point d'entrée de procédure gdigetbitmapbitssize [résolu]

bonjour,

j'aimerais que quelqu'un puisse m'aider car mon pc est en panne, voila ce qu'il indique :

le point d'entrée de procédure gdigetbitmapbitssize est introuvable dans la biblihothéque de liaison dynamique gdi32.dll

J'ai essayé de rebooter mais le pc ne prend aucune des cd d'installation que j'ai crée. Sous quel format doit etre le cd d'installation : image ou autre ?

J'ai appuyé sur F8 pour mettre en mode sans échec, revenir à la dernière bonne configuration... rien ne marche.

Que faire ?

Ce problème vient suite à un virus sur le système et sur le fichier user32.dll

merci d'avance pour vos lumières

Salut,
les cd de Windows que l'on fait soit-même sont en format .iso
concernant ta panne tu devrais essayer de booter sur un live cd
pour remplacer le fichier en question après avoir renommé l'ancien
en .bak ou .old tu peux trouver le gdi32.dll ici
http://www.fichier-dll.fr/gdi32.dll,1083
ou là http://www.dll-files.com/dllindex/dll-files.shtml?gdi32

je te remercie de ta réponse mais je ne comprends pas tout
les cds d'installation je peux les mettre en iso sans souci
par contre qu'appelles tu live cd ?
comment faire pour remplacer le fichier et renommer les anciens en bak ou old

est ce que je peux mettre le fichier gdi32.dll sur une clé usb ?

merci d'avance

Un « live CD » est une distribution Linux tenant sur un seul CD ou DVD
qu'il est possible de lancer sans installation.c'est pratique
quand on a plus accès à windows. tu vas à l'emplacement du fichier C:\WINDOWS\system32\gdi32.dll
tu renommes celui-ci en gdi32.dll.old tu le laisses à
sa place.tu copies le nouveau dans le même dossier system32.

tu as tenté une restauration?
http://forum.telecharger.01net.com/microhebdo/questions-techniques-diverses/t(...)

Pour le live cd où peut on l'obtenir ?

Pour aller à l'emplacement du fichier C:\WINDOWS\system32\gdi32.dll
pour renommer celui-ci en gdi32.dll.old et le laisser à
sa place puis copier le nouveau dans le même dossier system32.

Comment faire ? je suis novice : est ce qu'il faut lancer le live cd à ce moment là pour me permettre d'effectuer cette manip ? où peut on accéder à un mod permettant de faire la modif ? Si oui comment faut il s'y prendre ?

un lien direct de téléchargement:
http://ubuntu.mirrors.skynet.be/pub/ubuntu.com/releases/intrepid/ubuntu-8.10-(...)

un tuto http://www.01audio-video.com/live-cd-linux-ubuntu.htm

après une fois que tu seras sous linux (ubuntu) tu explores
le dd à la recherche de ton disque ou est installé windows>tu l'ouvres
et tu suis le chemin (C:\WINDOWS\system32)jusqu'à system32 pour y renommer l'ancien gdi32 en .old et coller le nouveau fichier gdi32.dll au même endroit.

je te remercie beaucoup

je vais télécharger et je verrais ca ce soir...

bonne journée

j'ai réussi à télécharger ubuntu ce qi m'a permis de faire de smanips...

le seul souci c que le fichier user32.dll est infecté par un virus

faut il en chercher un autre sur un site pour remplacer celui que j'ai sur le pc ?

je te conseille de faire un scan avec Dr.Web LiveCD ,si il y a
encore traces de virus il est capable de les supprimer.il connait
bien les fichiers patché,ce qui semble etre le cas pour ton user32.dll
http://www.freedrweb.com/livecd/
si ca ne va pas mieux la dll est ici:
http://www.olinformatique.com/DLL-FILES/FILES/user32.dll.php

en enregistrant le fichier user32.dll, je retrouve mon pc et je peux lancer à nouveau l'antivirus
le seul souci c qu'il reste des virus sur le pc et que des que je fais une recherche de virus ca m'abloqué certains virus et mis en quarantaine par contre à un moment ca plante le pc et une page bleue apparait...

y a t'il d'autres moyens de retirer ces virus dont je ne peux pas connaitre les noms ? est ce que le drweb livecd est efficace pour supprimer ces fichiers ou faut il voir un autre antivirus plus performant et lequel ?

Si tu as de nouveau accès à ton pc c'est cool on peut tenter le nettoyage.


Télécharge ComboFix (de sUBs)renommé en fmh.exe par mes soins.
http://www.sendspace.com/file/kjicyw
- Sauvegarde le sur ton Bureau.
- Double-clique sur fmh.exe et suis les instructions.
- Lorsqu'il aura terminé, un rapport apparaîtra à l'écran (fichier texte).
- Copie/colle le contenu du rapport dans ta prochaine réponse.

Le rapport est également sauvegardé ici : C:\ComboFix.txt

Ne pas cliquer dans la fenêtre de Combofix durant l'analyse ;
ceci provoquerait le gel du programme

le programme que tu me donnes ne veut pas se mettr en route

des messages d'erreur apparaissent :
dwwin.exe - erreur d'application
drwtsn32.exe - erreur d'application
error - runtimeerror 203 at 5A003E99

J'ai avast et quand je lance la recherche de virus ca plante à un moment donné et ca ferme le logiciel

je ne peux pas désinstaller non plus des programmes ni aller dans la restauration du systeme... peut etre que c du a des virus (surement) ou à ces erreurs aussi ?

Fait un scan en ligne en cliquant sur ce bouton :

copie-colle l'intégralité du rapport final.

je ne peux pas le faire car c un pc où je n'ai pas internet car c un pc que l'on ma donné à réparer vu qu'ils n'y connaissent rien

fais ceci alors:
http://www.freedrweb.com/livecd/

je suis en train de lancer dr web scanner
il a trouvé actuellement 3 fichiers :
C:/nwurjr.exe infecté parWin32.virut.56
C:/wgpiqf.exe infecté parWin32.virut.56
C:/acersw/selburn/selfburn.exe infecté parWin32.virut.56

Virut a la particularité d'infecter tous les .exe
c'est un méchant.alors si tu utilises une clé USB pour
transférer les fichiers sur le pc malade,formate-la après
transfert.comme ca quant tu l'introduira dans ton pc propre
(en espérant qu'il le soit) il n'y aura aucun exécutable.
supprime l'ancien Combofix et retélécharge-le à nouveau
et essaye la procédure décrite ici:
http://forum.telecharger.01net.com/microhebdo/questions-techniques-diverses/m(...)


laisse Dr Web terminer son scan.

j'ai vu que drweb cure it proposait de désinfecter ce virus ?

faut il le lancer aussi ?

as-tu laisser le scan se finir ?

j'avais commencé un premier scan où il m'avait repéré les trois fichiers que j'ai indiqué ca a coupé
j'ai donc relancé mais j'ai fait un boot safe ? est ce qu'l fallait faire ca ?
ca donne page noir avec un défle de tous les fichiers

il faut que le scan puisse etre complet pour que l'antivirus
puisse nettoyer au maximum car des fichiers infecté il doit
y en avoir des tas.le preferable pour proceder au scan c'est en
bootant sur le live cd Dr Web comme ca il fait son scan sans
qu'aucun processus ne soit actif,ni windows,ni les bestioles.

c ce que je fais je pense en ayant cliqué sur boot safe c ca ?

une fois le scan fait il va éliminer automatiquement les virus ?

il va désinfecter ce qu'il trouvera car le systeme doit etre
infecté (les fichiers système windows).il va nettoyer au max
mais pour cela boote sur le live cd.ensuite refais le téléchargement
de Combofix après avoir viré l'ancien.

dr web antivirus a bien nettoyé le pc
effectivement l'ensemble des programmes en .exe étaient touchés

par contre des que je refais une analyse le virus réapparait ailleurs donc comment faire pour le supprimet définitivement ? il s'agit de win32.virut.56

j'avais ma rstauration du systeme qui ne marchait pas donc j'ai récupéré le fichier sur un autre pc et je l'ai installé sur celui ci mais à peine mis qu'il a déjà été infecté par ce virus. Pourtant sur mon pc le fichier de restauration rstrui n'est pas infecté car j'arrive à faire une restauration du systeme sur le mien ...

tu n'as pas utilisé Combofix après Dr web comme indiqué plus haut ?
as-tu le cd d'installation de Windows ?

j'ai essayé de mettre combofix mais il m'indique que je ne peux pas l'utiliser et qu'il marche pour windows 2000 et xp hors j'ai xp ???
les cd d'installation je ne l'ai pas car ils étaient sur le pc mais y avait des fichiers infectés

ce genre d'infection mène directement au formatage,la bestiole
infecte plusieurs types de fichiers pas seulement les .exe
sans le cd de windows pour reparer le systeme après nettoyage
(si celui-ci va jusqu'au bout) le windows restera instable.

on peut toujours essayer de chercher les fichiers qui relancent l'infection.

Télécharge >OTListIt2.exe< (par OldTimer).
Enregistre-le sur le Bureau.

Fais un double clic sur OTListIt2.exe pour lancer l'outil.

Si ton PC est sous Windows Vista,faire un clic droit sur OTListIt2.exe
et choisir "Exécuter en tant qu'Administrateur" pour exécuter le tool.


Coche la case Scan All Users

Prends soin de cocher aussi dans le paragraphe Extra Registry : Use SafeList
Puis clique sur le bouton Run Scan



Laisse l'outil travailler sans l'interrompre.
Lorsque le scan sera terminé,le Bloc-notes va s'ouvrir avec le rapport.
Ferme le Bloc-notes.
Le second rapport est visible dans la Barre des tâches.Ferme-le également.
Ferme aussi la fenêtre de OTListIt2.

Poste les deux rapports OTListIt.txt et Extras.txt se trouvant sur le Bureau.

Ensuite refais un scan avec DR web enregistre le rapport de scan et poste-le en réponse.

le fichie extra du bloc note indique :


OTListIt Extras logfile created on: 26/02/2009 11:12:09 - Run 2
OTListIt2 by OldTimer - Version 2.0.2.0 Folder = J:\
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 332,84 Mb Available Physical Memory | 65,07% Memory free
1,22 Gb Paging File | 0,93 Gb Available in Paging File | 76,32% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,26 Gb Total Space | 157,34 Gb Free Space | 84,47% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 477,11 Mb Total Space | 188,66 Mb Free Space | 39,54% Space Free | Partition Type: FAT

Computer Name: OEM-0AAACAA1E8E
Current User Name: laurent
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- C:\Documents and Settings\Administrateur\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool
File not found -- C:\Documents and Settings\laurent\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B20126-F3C2-11D5-A6D2-00C026001DCA}" = WebEye
"{20B9BC7F-BB40-4A4F-95D6-91E4D8FBE5AF}" = PC CameraN
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}" = Vimicro USB PC Camera (ZC0301PL)
"{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"{5EA24DA8-F398-42C7-8CDC-39273493C514}" = VIMICRO USB PC Camera II
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Utilitaire de sauvegarde Windows
"{88F93347-0F9B-4FED-BA71-6C2A4CDFE61D}" = Ulead DVD MovieFactory 2 SE
"{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}" = VIMICRO USB PC Camera V
"{926B578B-505F-4820-A62D-088E1124FED4}" = USB Video Camera Driver v1.10a
"{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Assistant de connexion Windows Live
"{B76F485C-447A-4988-8E5F-5DB5C9C5CFDE}" = ZionPCC_CIF
"{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{DC67641A-05C4-4FED-A462-1EB1DC6CF2F5}" = NTI Photo Suite
"{E9AD37F8-B010-47ED-9CE1-2FC9200CA7D2}" = Cyclon Webcam
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera
"{EF20F568-9EA5-466D-8F7C-708707259AD9}" = Micro Application - Faire-Part Edition Classic
"{F8847BED-04E7-4924-B1CE-D9CA5CDE7420}" = Samsung PC Studio 3
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"avast!" = avast! Antivirus
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner (remove only)
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20B9BC7F-BB40-4A4F-95D6-91E4D8FBE5AF}" = PC CameraN
"InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker Gold
"Messager Wanadoo" = Messager Wanadoo
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"QcDrv" = Programme de gestion Camera de Labtec®
"RealPlayer 6.0" = RealPlayer Basic
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ViewpointMediaPlayer" = Viewpoint Media Player

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 24/02/2009 19:06:20 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: g_tdi.Initialize failed! (logName: C:\Program
Files\Alwil Software\Avast4\DATA\log\nshield.log), 00000000.

Error - 25/02/2009 02:39:56 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Network Shield provider: driver open
failed, error code: 0x2 , 00000000.

Error - 25/02/2009 02:39:56 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: g_tdi.Initialize failed! (logName: C:\Program
Files\Alwil Software\Avast4\DATA\log\nshield.log), 00000000.

Error - 25/02/2009 03:13:56 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Network Shield provider: driver open
failed, error code: 0x2 , 00000000.

Error - 25/02/2009 03:13:56 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: g_tdi.Initialize failed! (logName: C:\Program
Files\Alwil Software\Avast4\DATA\log\nshield.log), 00000000.

Error - 25/02/2009 13:25:31 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Network Shield provider: driver open
failed, error code: 0x2 , 00000000.

Error - 25/02/2009 13:25:31 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: g_tdi.Initialize failed! (logName: C:\Program
Files\Alwil Software\Avast4\DATA\log\nshield.log), 00000000.

Error - 26/02/2009 02:53:42 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Network Shield provider: driver open
failed, error code: 0x2 , 00000000.

Error - 26/02/2009 02:53:42 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: g_tdi.Initialize failed! (logName: C:\Program
Files\Alwil Software\Avast4\DATA\log\nshield.log), 00000000.

Error - 26/02/2009 06:03:46 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Network Shield provider: driver open
failed, error code: 0x2 , 00000000.

[ Application Events ]
Error - 24/02/2009 18:40:40 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante drwtsn32.exe, version 5.1.2600.0, module défaillant
drwtsn32.exe, version 5.1.2600.0, adresse de défaillance 0x00006ec0.

Error - 24/02/2009 18:40:43 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante drwtsn32.exe, version 5.1.2600.0, module défaillant
drwtsn32.exe, version 5.1.2600.0, adresse de défaillance 0x00006ec0.

Error - 24/02/2009 18:44:10 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1004
Description = Application défaillante drwtsn32.exe, version 5.1.2600.0, module défaillant
drwtsn32.exe, version 5.1.2600.0, adresse de défaillance 0x00006ec0.

Error - 24/02/2009 18:44:12 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1004
Description = Application défaillante drwtsn32.exe, version 5.1.2600.0, module défaillant
drwtsn32.exe, version 5.1.2600.0, adresse de défaillance 0x00006ec0.

Error - 24/02/2009 18:44:14 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1004
Description = Application défaillante drwtsn32.exe, version 5.1.2600.0, module défaillant
drwtsn32.exe, version 5.1.2600.0, adresse de défaillance 0x00006ec0.

Error - 25/02/2009 17:47:40 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante swreg.exe, version 3.0.0.0, module défaillant
swreg.exe, version 3.0.0.0, adresse de défaillance 0x00089378.

Error - 25/02/2009 17:47:40 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante swreg.exe, version 3.0.0.0, module défaillant
swreg.exe, version 3.0.0.0, adresse de défaillance 0x00089378.

Error - 25/02/2009 17:47:40 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante swreg.exe, version 3.0.0.0, module défaillant
swreg.exe, version 3.0.0.0, adresse de défaillance 0x00089378.

Error - 25/02/2009 17:47:46 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante swreg.exe, version 3.0.0.0, module défaillant
swreg.exe, version 3.0.0.0, adresse de défaillance 0x00089378.

Error - 26/02/2009 06:11:42 | Computer Name = OEM-0AAACAA1E8E | Source = Application Hang | ID = 1002
Description = Application bloquée OTListIt2.exe, version 2.0.2.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 26/02/2009 06:05:29 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7023
Description = Le service Mises à jour automatiques s'est arrêté avec l'erreur :
%%2147952450

Error - 26/02/2009 06:05:29 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : AFD aswSP aswTdi IPSec MRxSmb NetBIOS NetBT Tcpip

Error - 26/02/2009 06:05:29 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7023
Description = Le service avast! Web Scanner s'est arrêté avec l'erreur : %%10050

Error - 26/02/2009 06:05:29 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7000
Description = Le service Pilote IPSEC n'a pas pu démarrer en raison de l'erreur :
%%2

Error - 26/02/2009 06:05:29 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7001
Description = Le service Pilote du protocole TCP/IP dépend du service Pilote IPSEC
qui n'a pas pu démarrer en raison de l'erreur : %%2

Error - 26/02/2009 06:05:29 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7001
Description = Le service aswRdr dépend du service Pilote du protocole TCP/IP qui
n'a pas pu démarrer en raison de l'erreur : %%1068

Error - 26/02/2009 06:05:29 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7000
Description = Le service Pilote IPSEC n'a pas pu démarrer en raison de l'erreur :
%%2

Error - 26/02/2009 06:05:29 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7001
Description = Le service Pilote du protocole TCP/IP dépend du service Pilote IPSEC
qui n'a pas pu démarrer en raison de l'erreur : %%2

Error - 26/02/2009 06:05:29 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7000
Description = Le service AFD n'a pas pu démarrer en raison de l'erreur : %%2

Error - 26/02/2009 06:05:29 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7001
Description = Le service NLA (Network Location Awareness) dépend du service AFD
qui n'a pas pu démarrer en raison de l'erreur : %%2


< End of report >

le fichier otlistit indique :


OTListIt logfile created on: 26/02/2009 11:12:09 - Run 2
OTListIt2 by OldTimer - Version 2.0.2.0 Folder = J:\
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 332,84 Mb Available Physical Memory | 65,07% Memory free
1,22 Gb Paging File | 0,93 Gb Available in Paging File | 76,32% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,26 Gb Total Space | 157,34 Gb Free Space | 84,47% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 477,11 Mb Total Space | 188,66 Mb Free Space | 39,54% Space Free | Partition Type: FAT

Computer Name: OEM-0AAACAA1E8E
Current User Name: laurent
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2009/02/05 22:01:26 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/05 22:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/02/24 23:41:12 | 00,114,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009/02/05 22:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/24 23:39:02 | 01,054,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/02/24 23:39:06 | 00,067,072 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2009/02/24 23:41:36 | 00,294,912 | ---- | M] (Acer Inc.) -- C:\Windows\System32\USBPlug.exe
PRC - [2009/02/24 23:41:00 | 00,241,664 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2009/02/24 23:41:48 | 00,135,168 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2009/02/05 22:08:46 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/02/24 23:38:46 | 01,850,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/02/26 10:30:24 | 00,497,152 | ---- | M] (OldTimer Tools) -- J:\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/02/05 22:01:26 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009/02/05 22:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009/02/05 22:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009/02/05 22:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
SRV - File not found -- -- (ClipSrv [Disabled | Stopped])
SRV - File not found -- -- (FCI [Auto | Stopped])
SRV - [2004/08/05 05:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - File not found -- -- (ICF [Auto | Stopped])
SRV - [2009/02/24 23:40:50 | 00,149,504 | ---- | M] () -- C:\WINDOWS\system32\imapi.exe -- (ImapiService [On_Demand | Stopped])
SRV - File not found -- -- (LXBTCustomerConnect [Auto | Stopped])
SRV - [2009/02/24 23:41:12 | 00,114,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006/02/09 20:47:26 | 00,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\StkSSrv.dll -- (StkSSrv [Auto | Stopped])
SRV - [2004/08/05 05:00:00 | 00,103,936 | ---- | M] () -- C:\WINDOWS\system32\jurwbyy.dll -- (toraatfy [Auto | Stopped])
SRV - [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2009/02/24 23:38:48 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009/02/05 22:05:12 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2004/06/29 09:07:18 | 01,268,204 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2004/02/24 11:08:52 | 00,400,384 | ---- | M] (Sensaura) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS [On_Demand | Running])
DRV - [2004/05/14 23:24:10 | 00,622,172 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2006/06/19 18:06:54 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running])
DRV - [2009/02/05 22:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Stopped])
DRV - [2009/02/05 22:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009/02/05 22:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Stopped])
DRV - [2009/02/05 22:07:24 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Stopped])
DRV - [2009/02/05 22:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Stopped])
DRV - [2009/02/06 04:06:42 | 00,136,992 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\CsAud.sys -- (csaudio [On_Demand | Stopped])
DRV - [2004/10/11 19:18:58 | 00,022,016 | R--- | M] (Labtec Inc.) -- C:\WINDOWS\system32\drivers\lvusbsta.sys -- (LVUSBSta [On_Demand | Stopped])
DRV - [2001/08/17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
DRV - [2004/11/22 16:36:40 | 00,018,003 | ---- | M] (Motive, Inc.) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5 [On_Demand | Stopped])
DRV - [2005/04/25 08:50:42 | 00,006,912 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2004/04/23 12:24:00 | 02,167,552 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2003/09/20 08:45:48 | 00,021,248 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2004/10/11 19:22:02 | 00,211,712 | R--- | M] (Labtec Inc.) -- C:\WINDOWS\system32\DRIVERS\LV561AV.SYS -- (PID_0928 [On_Demand | Stopped])
DRV - [2004/08/05 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2003/08/04 12:14:34 | 00,065,152 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys -- (RTL8023 [On_Demand | Stopped])
DRV - [2009/01/15 16:17:40 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/01/15 16:17:42 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2009/01/15 16:17:38 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2005/08/30 01:47:38 | 00,058,320 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped])
DRV - [2005/08/30 01:49:34 | 00,008,336 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped])
DRV - [2005/08/30 01:49:38 | 00,094,000 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped])
DRV - [2006/07/24 16:05:00 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
DRV - [2006/05/03 09:25:32 | 00,851,265 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\Drivers\StkMini.sys -- (StkMini [On_Demand | Stopped])
DRV - [2006/01/23 11:25:54 | 00,004,769 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\Drivers\StkScan.sys -- (StkScan [On_Demand | Stopped])
DRV - [2003/07/02 04:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1 [Boot | Running])
DRV - [2009/02/10 03:17:00 | 00,137,856 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://GLOBAL.ACER.COM/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = Reg Error: Invalid data type.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://GLOBAL.ACER.COM/
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://GLOBAL.ACER.COM/
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://GLOBAL.ACER.COM/
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = Reg Error: Invalid data type.
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\S-1-5-21-1779672970-2969962186-290470409-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\S-1-5-21-1779672970-2969962186-290470409-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

O1 HOSTS File: (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 www.tEenPassage.com
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [ATIPTA] File not found
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [dscService] C:\Windows\System32\USBPlug.exe (Acer Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Labtec Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StandardInstall] File not found
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\.DEFAULT..\Run: [jrcydebv.exe] C:\WINDOWS\jrcydebv.exe File not found
O4 - HKU\.DEFAULT..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [xlmopojd.exe] C:\WINDOWS\xlmopojd.exe File not found
O4 - HKU\S-1-5-18..\Run: [jrcydebv.exe] C:\WINDOWS\jrcydebv.exe File not found
O4 - HKU\S-1-5-18..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [xlmopojd.exe] C:\WINDOWS\xlmopojd.exe File not found
O4 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuw(...) (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\svkisnkf: DllName - jurwbyy.dll - C:\WINDOWS\system32\jurwbyy.dll ()
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\pmnnKcDS) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/08 17:42:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{e29b0750-d8f9-11dd-a5c7-00038a000015}\Shell\Auto\command - "" = AdobeR.exe e

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[73 C:\WINDOWS\System32\*.tmp files]
[11 C:\WINDOWS\*.tmp files]
[2009/02/25 22:47:30 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/02/25 08:39:24 | 12,674,224 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\laurent\Bureau\dr web cure it.exe
[2009/02/25 07:46:51 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/02/25 07:46:51 | 00,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Antivirus.lnk
[2009/02/25 07:46:50 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/02/25 07:46:50 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/02/25 07:46:49 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/02/25 07:46:49 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/02/25 07:46:49 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/02/25 07:46:49 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/02/25 07:46:49 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/02/25 07:46:31 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/02/25 07:46:31 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/02/23 20:15:12 | 00,000,000 | -HSD | C] -- C:\FOUND.016
[2009/02/23 19:53:28 | 00,000,000 | -HSD | C] -- C:\FOUND.015
[2009/02/23 18:51:28 | 00,000,000 | -HSD | C] -- C:\FOUND.014
[2009/02/23 16:18:51 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW.0.tmp
[2009/02/23 16:15:28 | 00,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.execf
[2009/02/23 14:41:49 | 53,639,9872 | -HS- | C] () -- C:\hiberfil.sys
[2009/02/23 14:39:37 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\User32.dll
[2009/02/23 14:39:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009/02/23 12:32:13 | 00,000,000 | ---D | C] -- C:\.Trash-999
[2009/02/23 10:50:35 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Gdi32.dll
[2009/02/15 18:41:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/02/15 17:55:36 | 00,000,000 | -HSD | C] -- C:\FOUND.013
[2009/02/15 16:38:30 | 00,000,000 | -HSD | C] -- C:\FOUND.012
[2009/02/15 16:31:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/02/15 13:37:58 | 00,000,000 | -HSD | C] -- C:\FOUND.011
[2009/02/15 13:28:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/02/15 13:27:45 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/02/15 13:27:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\laurent\Application Data\SUPERAntiSpyware.com
[2009/02/15 13:27:15 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2009/02/15 13:23:56 | 00,000,000 | ---D | C] -- C:\8a2d27e93eae6a471a845a
[2009/02/15 13:19:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2009/02/15 09:45:10 | 00,000,000 | -HSD | C] -- C:\FOUND.010
[2009/02/13 20:30:06 | 00,000,000 | -HSD | C] -- C:\FOUND.009
[2009/02/13 20:21:15 | 00,000,000 | ---D | C] -- C:\cd6ddb873bf5ec5d3917fb4abb6d
[2009/02/13 14:50:18 | 00,000,000 | -HSD | C] -- C:\FOUND.008
[2009/02/12 15:45:16 | 00,000,000 | -HSD | C] -- C:\FOUND.007
[2009/02/11 18:05:42 | 00,000,000 | -HSD | C] -- C:\FOUND.006
[2009/02/10 20:41:25 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/10 20:41:02 | 00,000,000 | -HSD | C] -- C:\FOUND.005
[2009/02/10 18:57:14 | 00,000,000 | -HSD | C] -- C:\FOUND.004
[2009/02/10 04:21:57 | 00,000,000 | ---D | C] -- C:\a67ce096e928938398b1120f2d7226
[2009/02/10 03:16:59 | 00,137,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\wanatw4.sys
[2009/02/09 23:58:14 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/02/09 18:49:19 | 00,027,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/02/09 18:34:39 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/02/09 11:21:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/02/09 11:18:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/02/07 14:50:38 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/02/07 14:13:55 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2009/02/07 14:13:40 | 00,001,456 | ---- | C] () -- C:\Documents and Settings\laurent\Bureau\CCleaner.lnk
[2009/02/07 14:13:40 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/02/07 14:04:30 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2009/02/07 14:04:22 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2009/02/06 15:28:20 | 00,015,638 | ---- | C] () -- C:\WINDOWS\System32\USBPlugLog.ini
[2009/02/06 15:27:32 | 00,000,000 | -HSD | C] -- C:\FOUND.003
[2009/02/06 14:56:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/02/06 14:55:38 | 00,000,000 | -HSD | C] -- C:\FOUND.002
[2009/02/06 14:10:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/02/06 04:06:40 | 00,136,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\csaud.sys
[2009/02/05 21:05:08 | 00,000,005 | ---- | C] () -- C:\WINDOWS\_id.dat
[2009/02/05 20:27:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\mqcd.dbt
[2009/02/05 20:26:54 | 00,000,128 | ---- | C] () -- C:\WINDOWS\adobe.bat
[2009/02/05 20:26:09 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\do8d.sr
[2009/02/05 20:26:08 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\rer.wa
[2009/02/05 20:26:07 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\qzhr1.ant
[2009/02/05 20:26:06 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\dedwf.lp
[2009/02/05 20:26:05 | 00,086,016 | ---- | C] () -- C:\wgqjqf.exe
[2009/02/05 20:26:05 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\re3d.pf
[2009/02/05 20:25:37 | 00,087,552 | ---- | C] () -- C:\WINDOWS\System32\sccisyse.dll
[2009/02/04 20:23:38 | 01,636,390 | -HS- | C] () -- C:\WINDOWS\System32\tekoufqt.ini
[2009/02/04 20:17:39 | 01,636,390 | -HS- | C] () -- C:\WINDOWS\System32\hjnqpfuy.ini
[2009/02/03 20:16:47 | 01,622,398 | -HS- | C] () -- C:\WINDOWS\System32\xyqqphfb.ini
[2009/02/03 20:10:51 | 01,622,398 | -HS- | C] () -- C:\WINDOWS\System32\gfkagqwo.ini
[2009/02/02 20:10:21 | 01,607,576 | -HS- | C] () -- C:\WINDOWS\System32\kqsctyle.ini
[2009/02/02 20:07:23 | 01,607,576 | -HS- | C] () -- C:\WINDOWS\System32\gcejeqep.ini
[2009/02/01 20:07:09 | 01,563,531 | -HS- | C] () -- C:\WINDOWS\System32\parygxqy.ini
[2009/01/31 20:09:21 | 01,625,888 | -HS- | C] () -- C:\WINDOWS\System32\mtonpqwc.ini
[2009/01/31 20:00:21 | 01,625,888 | -HS- | C] () -- C:\WINDOWS\System32\mugwfhun.ini
[2009/01/30 19:58:57 | 01,625,888 | -HS- | C] () -- C:\WINDOWS\System32\aopvjaru.ini
[2009/01/30 19:52:59 | 01,625,888 | -HS- | C] () -- C:\WINDOWS\System32\msplpmmj.ini
[2009/01/29 19:52:42 | 01,559,168 | -HS- | C] () -- C:\WINDOWS\System32\bmimquld.ini
[2009/01/28 19:51:25 | 01,563,553 | -HS- | C] () -- C:\WINDOWS\System32\ywhdvrwj.ini
[2009/01/27 19:49:11 | 01,561,620 | -HS- | C] () -- C:\WINDOWS\System32\ucfrqdev.ini
[2009/01/27 19:46:12 | 01,561,620 | -HS- | C] () -- C:\WINDOWS\System32\gjthbvml.ini

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[73 C:\WINDOWS\System32\*.tmp files]
[11 C:\WINDOWS\*.tmp files]
[2009/02/26 11:07:48 | 00,015,638 | ---- | M] () -- C:\WINDOWS\System32\USBPlugLog.ini
[2009/02/26 11:04:04 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/02/26 11:04:02 | 00,003,873 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/02/26 11:03:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/26 11:03:44 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/26 11:03:42 | 53,639,9872 | -HS- | M] () -- C:\hiberfil.sys
[2009/02/26 08:06:30 | 00,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/02/26 08:06:30 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/02/26 08:06:28 | 06,797,810 | -H-- | M] () -- C:\Documents and Settings\laurent\Local Settings\Application Data\IconCache.db
[2009/02/25 23:31:04 | 00,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/02/25 23:31:04 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/02/25 22:47:42 | 00,400,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.execf
[2009/02/25 09:12:42 | 00,256,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsvr.exe
[2009/02/25 09:12:42 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2009/02/25 09:12:40 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2009/02/25 09:12:40 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hh.exe
[2009/02/25 09:12:38 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2009/02/25 09:12:38 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2009/02/25 09:12:36 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiexec.exe
[2009/02/25 09:12:34 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wupdmgr.exe
[2009/02/25 09:12:32 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/02/25 09:12:32 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2009/02/25 09:12:32 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpnpinst.exe
[2009/02/25 09:12:32 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpabaln.exe
[2009/02/25 09:12:32 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscntfy.exe
[2009/02/25 09:12:32 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/02/25 09:12:30 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/02/25 09:12:28 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/02/25 09:12:28 | 00,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2009/02/25 09:12:26 | 00,196,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2009/02/25 09:12:26 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/02/25 09:12:26 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/02/25 09:12:26 | 00,011,264 | ---- | M] () -- C:\WINDOWS\System32\dllcache\winmsd.exe
[2009/02/25 09:12:26 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winver.exe
[2009/02/25 09:12:24 | 00,288,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhlp32.exe
[2009/02/25 09:12:24 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2009/02/25 09:12:24 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhstb.exe
[2009/02/25 09:12:22 | 00,438,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaacmgr.exe
[2009/02/25 09:12:22 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2009/02/25 09:12:22 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wextract.exe
[2009/02/25 09:12:20 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32tm.exe
[2009/02/25 09:12:20 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2009/02/25 09:12:20 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2009/02/25 09:12:20 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2009/02/25 09:12:20 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/02/25 09:12:18 | 00,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssvc.exe
[2009/02/25 09:12:18 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.exe
[2009/02/25 09:12:18 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2009/02/25 09:12:18 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/02/25 09:12:18 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssadmin.exe
[2009/02/25 09:12:16 | 00,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utilman.exe
[2009/02/25 09:12:16 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userinit.exe
[2009/02/25 09:12:16 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ups.exe
[2009/02/25 09:12:16 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpcont.exe
[2009/02/25 09:12:14 | 00,151,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2009/02/25 09:12:14 | 00,126,464 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/02/25 09:12:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/02/25 09:12:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/02/25 09:12:14 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unlodctr.exe
[2009/02/25 09:12:12 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2009/02/25 09:12:12 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert6.exe
[2009/02/25 09:12:12 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/02/25 09:12:12 | 00,016,896 | ---- | M] () -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/02/25 09:12:12 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/02/25 09:12:12 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/02/25 09:12:12 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/02/25 09:12:12 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert.exe
[2009/02/25 09:12:10 | 00,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tourstrt.exe
[2009/02/25 09:12:10 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tftp.exe
[2009/02/25 09:12:10 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2009/02/25 09:12:08 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskmgr.exe
[2009/02/25 09:12:08 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpsvcs.exe
[2009/02/25 09:12:08 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/02/25 09:12:08 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcmsetup.exe
[2009/02/25 09:12:06 | 00,160,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2009/02/25 09:12:06 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syskey.exe
[2009/02/25 09:12:06 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\systray.exe
[2009/02/25 09:12:04 | 00,684,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sstext3d.scr
[2009/02/25 09:12:04 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stimon.exe
[2009/02/25 09:12:04 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2009/02/25 09:12:04 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssstars.scr
[2009/02/25 09:12:04 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\subst.exe
[2009/02/25 09:12:02 | 00,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ss3dfo.scr
[2009/02/25 09:12:02 | 00,610,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspipes.scr
[2009/02/25 09:12:02 | 00,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssflwbox.scr
[2009/02/25 09:12:02 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmypics.scr
[2009/02/25 09:12:02 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmarque.scr
[2009/02/25 09:12:02 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssbezier.scr
[2009/02/25 09:12:02 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmyst.scr
[2009/02/25 09:12:00 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/02/25 09:12:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrinfo.exe
[2009/02/25 09:11:58 | 00,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2009/02/25 09:11:58 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/02/25 09:11:58 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/02/25 09:11:58 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sort.exe
[2009/02/25 09:11:58 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpnotify.exe
[2009/02/25 09:11:58 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spnpinst.exe
[2009/02/25 09:11:56 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/02/25 09:11:56 | 00,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2009/02/25 09:11:56 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2009/02/25 09:11:52 | 03,555,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/02/25 09:11:52 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2009/02/25 09:11:52 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smlogsvc.exe
[2009/02/25 09:11:52 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2009/02/25 09:11:52 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbinst.exe
[2009/02/25 09:11:52 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountvol.exe
[2009/02/25 09:11:50 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.exe
[2009/02/25 09:11:50 | 00,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigverif.exe
[2009/02/25 09:11:50 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2009/02/25 09:11:50 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skeys.exe
[2009/02/25 09:11:50 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shutdown.exe
[2009/02/25 09:11:50 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2009/02/25 09:11:48 | 00,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2009/02/25 09:11:48 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shrpubw.exe
[2009/02/25 09:11:48 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/02/25 09:11:48 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmgrate.exe
[2009/02/25 09:11:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/02/25 09:11:46 | 00,778,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/02/25 09:11:46 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2009/02/25 09:11:46 | 00,072,704 | ---- | M] () -- C:\WINDOWS\System32\dllcache\setup50.exe
[2009/02/25 09:11:46 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sethc.exe
[2009/02/25 09:11:46 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup.exe
[2009/02/25 09:11:44 | 00,816,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmc.exe
[2009/02/25 09:11:44 | 00,242,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz_a.exe
[2009/02/25 09:11:44 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrnsave.scr
[2009/02/25 09:11:42 | 00,786,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/02/25 09:11:42 | 00,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz.exe
[2009/02/25 09:11:42 | 00,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migload.exe
[2009/02/25 09:11:42 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scardsvr.exe
[2009/02/25 09:11:42 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2009/02/25 09:11:42 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/02/25 09:11:40 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/02/25 09:11:40 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/02/25 09:11:40 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2009/02/25 09:11:40 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/02/25 09:11:40 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runonce.exe
[2009/02/25 09:11:40 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\savedump.exe
[2009/02/25 09:11:38 | 00,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvp.exe
[2009/02/25 09:11:38 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtcshare.exe
[2009/02/25 09:11:38 | 00,048,128 | ---- | M] () -- C:\WINDOWS\System32\dllcache\rsmui.exe
[2009/02/25 09:11:38 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2009/02/25 09:11:38 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmsink.exe
[2009/02/25 09:11:38 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runas.exe
[2009/02/25 09:11:38 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsh.exe
[2009/02/25 09:11:36 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/02/25 09:11:36 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routemon.exe
[2009/02/25 09:11:36 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/02/25 09:11:36 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\route.exe
[2009/02/25 09:11:36 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rexec.exe
[2009/02/25 09:11:36 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\replace.exe
[2009/02/25 09:11:36 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/02/25 09:11:36 | 00,004,608 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwiz.exe
[2009/02/25 09:11:34 | 00,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedit.exe
[2009/02/25 09:11:34 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2009/02/25 09:11:34 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2009/02/25 09:11:34 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reg.exe
[2009/02/25 09:11:34 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcimlby.exe
[2009/02/25 09:11:34 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/02/25 09:11:34 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvr32.exe
[2009/02/25 09:11:34 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\recover.exe
[2009/02/25 09:11:34 | 00,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedt32.exe
[2009/02/25 09:11:32 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\makecab.exe
[2009/02/25 09:11:32 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2009/02/25 09:11:32 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdial.exe
[2009/02/25 09:11:32 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasautou.exe
[2009/02/25 09:11:30 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcp.exe
[2009/02/25 09:11:30 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/02/25 09:11:30 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2009/02/25 09:11:30 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/02/25 09:11:30 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsass.exe
[2009/02/25 09:11:30 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/02/25 09:11:28 | 00,515,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logonui.exe
[2009/02/25 09:11:28 | 00,221,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logon.scr
[2009/02/25 09:11:28 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\progman.exe
[2009/02/25 09:11:28 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proquota.exe
[2009/02/25 09:11:28 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/02/25 09:11:28 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/02/25 09:11:28 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proxycfg.exe
[2009/02/25 09:11:28 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\dllcache\lpq.exe
[2009/02/25 09:11:26 | 00,284,160 | ---- | M] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2009/02/25 09:11:26 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\locator.exe
[2009/02/25 09:11:26 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logman.exe
[2009/02/25 09:11:26 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.exe
[2009/02/25 09:11:26 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping6.exe
[2009/02/25 09:11:26 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\print.exe
[2009/02/25 09:11:26 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lodctr.exe
[2009/02/25 09:11:24 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2009/02/25 09:11:24 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lnkstub.exe
[2009/02/25 09:11:24 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pathping.exe
[2009/02/25 09:11:24 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping.exe
[2009/02/25 09:11:24 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfmon.exe
[2009/02/25 09:11:22 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2009/02/25 09:11:22 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lights.exe
[2009/02/25 09:11:22 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pentnt.exe
[2009/02/25 09:11:20 | 00,216,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2009/02/25 09:11:20 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2009/02/25 09:11:20 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.exe
[2009/02/25 09:11:18 | 00,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntvdm.exe
[2009/02/25 09:11:18 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntsd.exe
[2009/02/25 09:11:16 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nslookup.exe
[2009/02/25 09:11:16 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notepad.exe
[2009/02/25 09:11:16 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/02/25 09:11:16 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nppagent.exe
[2009/02/25 09:11:14 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsetup.exe
[2009/02/25 09:11:14 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsh.exe
[2009/02/25 09:11:14 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netstat.exe
[2009/02/25 09:11:12 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net1.exe
[2009/02/25 09:11:12 | 00,114,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netdde.exe
[2009/02/25 09:11:12 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net.exe
[2009/02/25 09:11:12 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddeapir.exe
[2009/02/25 09:11:10 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2009/02/25 09:11:10 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nbtstat.exe
[2009/02/25 09:11:08 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2009/02/25 09:11:06 | 00,411,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2009/02/25 09:11:06 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswchx.exe
[2009/02/25 09:11:04 | 00,347,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/02/25 09:11:00 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6.exe
[2009/02/25 09:11:00 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxroute.exe
[2009/02/25 09:11:00 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/02/25 09:10:58 | 00,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2009/02/25 09:10:58 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconfig.exe
[2009/02/25 09:10:58 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec6.exe
[2009/02/25 09:10:58 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2009/02/25 09:10:58 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actmovie.exe
[2009/02/25 09:10:56 | 00,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi.exe
[2009/02/25 09:10:56 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2009/02/25 09:10:54 | 00,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/02/25 09:10:54 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2009/02/25 09:10:54 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/02/25 09:10:52 | 00,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2009/02/25 09:10:52 | 00,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2009/02/25 09:10:52 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2009/02/25 09:10:52 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2009/02/25 09:10:50 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.exe
[2009/02/25 09:10:50 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/02/25 09:10:50 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcad32.exe
[2009/02/25 09:10:50 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2009/02/25 09:10:50 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostname.exe
[2009/02/25 09:10:48 | 00,768,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2009/02/25 09:10:48 | 00,743,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2009/02/25 09:10:48 | 00,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/02/25 09:10:48 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\help.exe
[2009/02/25 09:10:46 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\grpconv.exe
[2009/02/25 09:10:44 | 00,268,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2009/02/25 09:10:44 | 00,238,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2009/02/25 09:10:44 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2009/02/25 09:10:42 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsutil.exe
[2009/02/25 09:10:42 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/02/25 09:10:42 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ftp.exe
[2009/02/25 09:10:40 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2009/02/25 09:10:40 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontview.exe
[2009/02/25 09:10:40 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/02/25 09:10:40 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\finger.exe
[2009/02/25 09:10:40 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\find.exe
[2009/02/25 09:10:40 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\forcedos.exe
[2009/02/25 09:10:40 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fixmapi.exe
[2009/02/25 09:10:38 | 00,093,696 | ---- | M] () -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2009/02/25 09:10:38 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extrac32.exe
[2009/02/25 09:10:38 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\findstr.exe
[2009/02/25 09:10:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2009/02/25 09:10:38 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expand.exe
[2009/02/25 09:10:38 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fc.exe
[2009/02/25 09:10:38 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventvwr.exe
[2009/02/25 09:10:36 | 00,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eudcedit.exe
[2009/02/25 09:10:36 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esentutl.exe
[2009/02/25 09:10:34 | 01,298,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2009/02/25 09:10:34 | 00,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dwwin.exe
[2009/02/25 09:10:34 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dumprep.exe
[2009/02/25 09:10:32 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drwtsn32.exe
[2009/02/25 09:10:32 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dvdupgrd.exe
[2009/02/25 09:10:30 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2009/02/25 09:10:30 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2009/02/25 09:10:28 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2009/02/25 09:10:28 | 00,015,872 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmremote.exe
[2009/02/25 09:10:28 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\doskey.exe
[2009/02/25 09:10:28 | 00,004,608 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/02/25 09:10:26 | 00,225,280 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmadmin.exe
[2009/02/25 09:10:26 | 00,167,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskpart.exe
[2009/02/25 09:10:26 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diantz.exe
[2009/02/25 09:10:26 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskperf.exe
[2009/02/25 09:10:26 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhost.exe
[2009/02/25 09:10:26 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhst3g.exe
[2009/02/25 09:10:24 | 00,548,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2009/02/25 09:10:24 | 00,506,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winlogon.exe
[2009/02/25 09:10:22 | 00,104,960 | ---- | M] (Microsoft Corp. et Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgntfs.exe
[2009/02/25 09:10:22 | 00,082,432 | ---- | M] (Microsoft Corp. et Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgfat.exe
[2009/02/25 09:10:20 | 00,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysocmgr.exe
[2009/02/25 09:10:20 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2009/02/25 09:10:20 | 00,025,600 | ---- | M] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_32.exe
[2009/02/25 09:10:20 | 00,025,088 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\defrag.exe
[2009/02/25 09:10:20 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2009/02/25 09:10:18 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2009/02/25 09:10:18 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctfmon.exe
[2009/02/25 09:10:16 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2009/02/25 09:10:16 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbinst.exe
[2009/02/25 09:10:16 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conime.exe
[2009/02/25 09:10:16 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/02/25 09:10:16 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convert.exe
[2009/02/25 09:10:16 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.exe
[2009/02/25 09:10:16 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2009/02/25 09:10:16 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\control.exe
[2009/02/25 09:10:16 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2009/02/25 09:10:14 | 01,044,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2009/02/25 09:10:14 | 01,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2009/02/25 09:10:12 | 00,104,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2009/02/25 09:10:12 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmstp.exe
[2009/02/25 09:10:12 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cleanmgr.exe
[2009/02/25 09:10:12 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmmon32.exe
[2009/02/25 09:10:12 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipsrv.exe
[2009/02/25 09:10:12 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compact.exe
[2009/02/25 09:10:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comp.exe
[2009/02/25 09:10:10 | 00,400,896 | ---- | M] (Microsoft Corporation) -

le second rapport est incomplet il devrait se terminer par
bon on voit traces de pas mal de cochonneries.on va dégrossir.


ouvre OTListIt2 puis dans la fenêtre du bas Custom Scans/Fixes
copie-colle le contenu de la citation ci-dessous:


Clique sur le bouton rouge Run Fix
Le tool va peut-être demander à rebooter l'ordi acceptes.copie-
colle le rapport final que tu retrouveras aussi en C:\_OTListIt\MovedFiles


juste derriere refaire un scan avec il faudra faire un scan avec DR Web
si tu ne l'as pas fait et poster son rapport final.
et tenter un nouveau combofix mais avec une version saine:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

la suite du fichier otlistit :

[2009/02/25 09:10:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comp.exe
[2009/02/25 09:10:10 | 00,400,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmd.exe
[2009/02/25 09:10:10 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdl32.exe
[2009/02/25 09:10:10 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ckcnv.exe
[2009/02/25 09:10:10 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cisvc.exe
[2009/02/25 09:10:08 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/02/25 09:10:08 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/02/25 09:10:08 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/02/25 09:10:08 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/02/25 09:10:08 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/02/25 09:10:08 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkdsk.exe
[2009/02/25 09:10:08 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkntfs.exe
[2009/02/25 09:10:08 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/02/25 09:10:08 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cidaemon.exe
[2009/02/25 09:10:06 | 00,115,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/02/25 09:10:06 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cacls.exe
[2009/02/25 09:10:06 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/02/25 09:10:02 | 00,188,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2009/02/25 09:10:02 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2009/02/25 09:10:02 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2009/02/25 09:10:02 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2009/02/25 09:09:58 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blastcln.exe
[2009/02/25 09:09:58 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootvrfy.exe
[2009/02/25 09:09:58 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootok.exe
[2009/02/25 09:09:56 | 00,188,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2009/02/25 09:09:56 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2009/02/25 09:09:44 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ahui.exe
[2009/02/25 09:09:44 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2009/02/25 09:09:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\auditusr.exe
[2009/02/25 09:09:42 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alg.exe
[2009/02/25 09:09:42 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\at.exe
[2009/02/25 09:09:42 | 00,019,456 | ---- | M] () -- C:\WINDOWS\System32\dllcache\arp.exe
[2009/02/25 09:08:22 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/02/25 09:08:20 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2009/02/25 09:08:12 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/02/25 09:07:42 | 00,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe
[2009/02/25 09:07:08 | 01,166,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe
[2009/02/25 09:06:58 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2009/02/25 09:06:56 | 00,057,344 | ---- | M] () -- C:\WINDOWS\System32\InstMed.exe
[2009/02/25 09:06:54 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/02/25 09:06:54 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/02/25 09:06:52 | 00,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wjview.exe
[2009/02/25 09:06:52 | 00,115,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/02/25 09:06:52 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/02/25 09:06:52 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/02/25 09:06:50 | 00,128,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/02/25 09:06:50 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/02/25 09:06:50 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/02/25 09:06:50 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/02/25 09:06:50 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/02/25 09:06:50 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/02/25 09:06:50 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/02/25 09:06:50 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/02/25 09:06:50 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/02/25 09:06:50 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/02/25 09:06:48 | 00,684,544 | ---- | M] () -- C:\WINDOWS\System32\CDUninst.exe
[2009/02/25 09:06:48 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/02/25 09:06:48 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/02/25 09:06:48 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/02/25 09:06:48 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/02/25 09:06:48 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/02/25 09:06:48 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/02/25 09:06:46 | 00,347,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/02/25 09:06:46 | 00,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/02/25 09:06:46 | 00,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/02/25 09:06:46 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/02/25 09:06:46 | 00,104,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/02/25 09:06:44 | 00,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/02/25 09:06:44 | 00,411,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/02/25 09:06:44 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/02/25 09:06:44 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/02/25 09:06:42 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/02/25 09:06:42 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/02/25 09:06:42 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/02/25 09:06:28 | 00,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tourstart.exe
[2009/02/25 09:06:28 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2009/02/25 09:06:22 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2009/02/25 09:06:16 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscript.exe
[2009/02/25 09:06:16 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnpinst.exe
[2009/02/25 09:06:16 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpabaln.exe
[2009/02/25 09:06:16 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2009/02/25 09:06:14 | 00,438,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaacmgr.exe
[2009/02/25 09:06:14 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2009/02/25 09:06:14 | 00,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2009/02/25 09:06:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\upnpcont.exe
[2009/02/25 09:06:12 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskmgr.exe
[2009/02/25 09:06:12 | 00,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2009/02/25 09:06:12 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2009/02/25 09:06:10 | 00,684,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2009/02/25 09:06:10 | 00,610,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2009/02/25 09:06:10 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2009/02/25 09:06:10 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2009/02/25 09:06:10 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2009/02/25 09:06:10 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2009/02/25 09:06:10 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2009/02/25 09:06:08 | 00,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2009/02/25 09:06:08 | 00,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2009/02/25 09:06:08 | 00,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2009/02/25 09:06:08 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2009/02/25 09:06:08 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2009/02/25 09:06:08 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2009/02/25 09:06:08 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2009/02/25 09:06:06 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2009/02/25 09:06:06 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2009/02/25 09:06:06 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2009/02/25 09:06:06 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2009/02/25 09:06:06 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2009/02/25 09:06:06 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2009/02/25 09:06:04 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2009/02/25 09:06:04 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2009/02/25 09:06:04 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2009/02/25 09:06:04 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2009/02/25 09:06:04 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2009/02/25 09:06:04 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2009/02/25 09:06:04 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2009/02/25 09:06:04 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2009/02/25 09:06:02 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2009/02/25 09:06:02 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2009/02/25 09:06:02 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2009/02/25 09:06:02 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2009/02/25 09:06:02 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2009/02/25 09:06:02 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jdbgmgr.exe
[2009/02/25 09:06:02 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2009/02/25 09:06:00 | 00,216,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2009/02/25 09:06:00 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2009/02/25 09:06:00 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2009/02/25 09:06:00 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2009/02/25 09:05:58 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2009/02/25 09:05:58 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2009/02/25 09:05:58 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2009/02/25 09:05:56 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2009/02/25 09:05:56 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clspack.exe
[2009/02/25 09:05:56 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2009/02/25 09:05:52 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mobsync.exe
[2009/02/25 09:05:52 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe
[2009/02/25 09:05:50 | 00,816,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2009/02/25 09:05:50 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2009/02/25 09:05:50 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2009/02/25 09:05:50 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2009/02/25 09:05:48 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2009/02/25 09:05:48 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxroute.exe
[2009/02/25 09:05:46 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iexpress.exe
[2009/02/25 09:05:44 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2009/02/25 09:05:44 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\grpconv.exe
[2009/02/25 09:05:42 | 00,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2009/02/25 09:05:42 | 00,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2009/02/25 09:05:42 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2009/02/25 09:05:42 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\extrac32.exe
[2009/02/25 09:05:42 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2009/02/25 09:05:40 | 00,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2009/02/25 09:05:40 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2009/02/25 09:05:40 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2009/02/25 09:05:40 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2009/02/25 09:05:38 | 00,167,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskpart.exe
[2009/02/25 09:05:38 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diantz.exe
[2009/02/25 09:05:38 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeshare.exe
[2009/02/25 09:05:38 | 00,015,872 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
[2009/02/25 09:05:36 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cscript.exe
[2009/02/25 09:05:36 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2009/02/25 09:05:34 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmstp.exe
[2009/02/25 09:05:34 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cleanmgr.exe
[2009/02/25 09:05:34 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2009/02/25 09:05:34 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\javaw.exe
[2009/02/25 09:05:34 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\java.exe
[2009/02/25 09:05:34 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmmon32.exe
[2009/02/25 09:05:34 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2009/02/25 09:05:32 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2009/02/25 09:05:32 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2009/02/25 09:05:32 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\atmadm.exe
[2009/02/25 09:05:30 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\notepad.exe
[2009/02/25 09:05:30 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winver.exe
[2009/02/25 09:05:30 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\actmovie.exe
[2009/02/25 09:05:28 | 00,104,960 | ---- | M] (Microsoft Corp. et Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2009/02/25 09:05:28 | 00,082,432 | ---- | M] (Microsoft Corp. et Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2009/02/25 09:05:28 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\findstr.exe
[2009/02/25 09:05:28 | 00,025,088 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2009/02/25 09:05:26 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2009/02/25 09:05:26 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2009/02/25 09:05:26 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2009/02/25 09:05:24 | 00,400,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2009/02/25 09:05:24 | 00,172,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jview.exe
[2009/02/25 09:05:16 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2009/02/25 09:05:14 | 00,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2009/02/25 09:05:12 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.exe
[2009/02/25 09:05:10 | 00,077,824 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrmlnka.exe
[2009/02/25 09:05:10 | 00,069,632 | ---- | M] ( U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrshuta.exe
[2009/02/25 09:05:10 | 00,061,440 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrprbda.exe
[2009/02/25 09:05:10 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\migpwd.exe
[2009/02/25 09:05:10 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lnkstub.exe
[2009/02/25 09:05:10 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pentnt.exe
[2009/02/25 09:05:08 | 01,298,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2009/02/25 09:05:08 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dvdupgrd.exe
[2009/02/25 09:05:06 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wupdmgr.exe
[2009/02/25 09:05:06 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmsd.exe
[2009/02/25 09:05:06 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winhlp32.exe
[2009/02/25 09:05:04 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.exe
[2009/02/25 09:05:04 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\w32tm.exe
[2009/02/25 09:05:04 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssadmin.exe
[2009/02/25 09:05:04 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert6.exe
[2009/02/25 09:05:04 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tftp.exe
[2009/02/25 09:05:04 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\unlodctr.exe
[2009/02/25 09:05:02 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syncapp.exe
[2009/02/25 09:05:02 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syskey.exe
[2009/02/25 09:05:02 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpsvcs.exe
[2009/02/25 09:05:02 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskman.exe
[2009/02/25 09:05:02 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcmsetup.exe
[2009/02/25 09:05:02 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\subst.exe
[2009/02/25 09:05:02 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\systray.exe
[2009/02/25 09:05:00 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe
[2009/02/25 09:05:00 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runas.exe
[2009/02/25 09:05:00 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.exe
[2009/02/25 09:04:58 | 00,053,248 | ---- | M] (Microsoft Corp) -- C:\WINDOWS\System32\rsm.exe
[2009/02/25 09:04:58 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmui.exe
[2009/02/25 09:04:58 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\routemon.exe
[2009/02/25 09:04:58 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmsink.exe
[2009/02/25 09:04:58 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\route.exe
[2009/02/25 09:04:58 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\replace.exe
[2009/02/25 09:04:58 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdial.exe
[2009/02/25 09:04:58 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasautou.exe
[2009/02/25 09:04:58 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\print.exe
[2009/02/25 09:04:58 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\recover.exe
[2009/02/25 09:04:58 | 00,004,608 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\regwiz.exe
[2009/02/25 09:04:58 | 00,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe
[2009/02/25 09:04:56 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping6.exe
[2009/02/25 09:04:56 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pathping.exe
[2009/02/25 09:04:54 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mpnotify.exe
[2009/02/25 09:04:54 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nbtstat.exe
[2009/02/25 09:04:54 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mrinfo.exe
[2009/02/25 09:04:54 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msswchx.exe
[2009/02/25 09:04:52 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpr.exe
[2009/02/25 09:04:52 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mountvol.exe
[2009/02/25 09:04:52 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpq.exe
[2009/02/25 09:04:52 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lodctr.exe
[2009/02/25 09:04:50 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lights.exe
[2009/02/25 09:04:50 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\label.exe
[2009/02/25 09:04:48 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsec6.exe
[2009/02/25 09:04:48 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hostname.exe
[2009/02/25 09:04:46 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsutil.exe
[2009/02/25 09:04:46 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\expand.exe
[2009/02/25 09:04:46 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2009/02/25 09:04:46 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fc.exe
[2009/02/25 09:04:46 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\finger.exe
[2009/02/25 09:04:46 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2009/02/25 09:04:46 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fixmapi.exe
[2009/02/25 09:04:44 | 00,059,392 | ---- | M] () -- C:\WINDOWS\System32\dvdplay.exe
[2009/02/25 09:04:44 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\esentutl.exe
[2009/02/25 09:04:44 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskperf.exe
[2009/02/25 09:04:44 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\doskey.exe
[2009/02/25 09:04:44 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventvwr.exe
[2009/02/25 09:04:44 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhst3g.exe
[2009/02/25 09:04:42 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\compact.exe
[2009/02/25 09:04:42 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comp.exe
[2009/02/25 09:04:42 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\convert.exe
[2009/02/25 09:04:42 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\control.exe
[2009/02/25 09:04:38 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2009/02/25 09:04:38 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\chkdsk.exe
[2009/02/25 09:04:38 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\chkntfs.exe
[2009/02/25 09:04:38 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cidaemon.exe
[2009/02/25 09:04:38 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ckcnv.exe
[2009/02/25 09:04:36 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2009/02/25 09:04:36 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\arp.exe
[2009/02/25 09:04:36 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2009/02/25 09:04:36 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootvrfy.exe
[2009/02/25 09:04:36 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootok.exe
[2009/02/25 09:04:34 | 00,020,480 | ---- | M] () -- C:\WINDOWS\DSNCT511.EXE
[2009/02/25 09:04:34 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\hh.exe
[2009/02/25 09:04:32 | 00,114,688 | ---- | M] (www.zsmc.com.cn) -- C:\WINDOWS\VM305Cap.exe
[2009/02/25 09:04:32 | 00,061,440 | ---- | M] (Vimicro) -- C:\WINDOWS\VM305_STI.exe
[2009/02/25 09:04:32 | 00,053,248 | ---- | M] (VM) -- C:\WINDOWS\Sti305.exe
[2009/02/25 09:04:32 | 00,028,672 | ---- | M] () -- C:\WINDOWS\r315hk.exe
[2009/02/25 09:04:26 | 00,106,496 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\Stk112X.exe
[2009/02/25 09:04:26 | 00,102,400 | ---- | M] (mmedia) -- C:\WINDOWS\mmvem.exe
[2009/02/25 09:04:26 | 00,057,344 | ---- | M] (VM) -- C:\WINDOWS\StillCap.exe
[2009/02/25 09:04:26 | 00,053,248 | ---- | M] (VM) -- C:\WINDOWS\Sti302.exe
[2009/02/25 09:04:26 | 00,053,248 | ---- | M] (Vimicro) -- C:\WINDOWS\Vm_sti.exe
[2009/02/25 09:04:26 | 00,049,152 | ---- | M] () -- C:\WINDOWS\Volumeset.exe
[2009/02/25 09:04:26 | 00,028,672 | ---- | M] () -- C:\WINDOWS\VSNCT511.EXE
[2009/02/25 09:04:24 | 00,094,208 | ---- | M] (www.zsmc.com.cn) -- C:\WINDOWS\VMCap.exe
[2009/02/25 09:04:24 | 00,057,344 | ---- | M] () -- C:\WINDOWS\rmvpeye.exe
[2009/02/25 09:04:10 | 00,094,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\amcap.exe
[2009/02/25 09:04:10 | 00,020,480 | ---- | M] () -- C:\WINDOWS\usnpstd3.exe
[2009/02/25 09:04:08 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\setdebug.exe
[2009/02/25 09:04:06 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2009/02/25 09:04:06 | 00,064,512 | ---- | M] (Agere Systems) -- C:\WINDOWS\agrsmdel.exe
[2009/02/25 09:04:06 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009/02/25 09:03:36 | 00,288,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe
[2009/02/25 09:03:34 | 00,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\regedit.exe
[2009/02/25 09:03:34 | 00,025,600 | ---- | M] (Twain Working Group) -- C:\WINDOWS\twunk_32.exe
[2009/02/25 08:20:46 | 00,086,016 | ---- | M] () -- C:\wgqjqf.exe
[2009/02/25 07:46:52 | 00,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Antivirus.lnk
[2009/02/25 07:46:50 | 00,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/02/24 23:41:48 | 00,135,168 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
[2009/02/24 23:41:38 | 00,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssvc.exe
[2009/02/24 23:41:38 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2009/02/24 23:41:36 | 00,294,912 | ---- | M] (Acer Inc.) -- C:\WINDOWS\System32\USBPlug.exe
[2009/02/24 23:41:36 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ups.exe
[2009/02/24 23:41:32 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
[2009/02/24 23:41:28 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolsv.exe
[2009/02/24 23:41:24 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2009/02/24 23:41:22 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/02/24 23:41:20 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scardsvr.exe
[2009/02/24 23:41:20 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rundll32.exe
[2009/02/24 23:41:18 | 00,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvp.exe
[2009/02/24 23:41:16 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2009/02/24 23:41:10 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntsd.exe
[2009/02/24 23:41:08 | 00,114,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netdde.exe
[2009/02/24 23:41:06 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msiexec.exe
[2009/02/24 23:41:04 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/02/24 23:41:02 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/02/24 23:41:00 | 00,241,664 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\System32\LVCOMSX.EXE
[2009/02/24 23:40:58 | 00,515,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logonui.exe
[2009/02/24 23:40:56 | 00,221,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2009/02/24 23:40:56 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\locator.exe
[2009/02/24 23:40:50 | 00,149,504 | ---- | M] () -- C:\WINDOWS\System32\imapi.exe
[2009/02/24 23:40:48 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2009/02/24 23:40:40 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dumprep.exe
[2009/02/24 23:40:34 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drwtsn32.exe
[2009/02/24 23:39:28 | 00,225,280 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dmadmin.exe
[2009/02/24 23:39:26 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhost.exe
[2009/02/24 23:39:22 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ctfmon.exe
[2009/02/24 23:39:18 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cisvc.exe
[2009/02/24 23:39:12 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe
[2009/02/24 23:39:02 | 01,054,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2009/02/24 20:30:00 | 12,674,224 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\laurent\Bureau\dr web cure it.exe
[2009/02/23 22:30:58 | 00,016,896 | ---- | M] () -- C:\Documents and Settings\laurent\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/23 22:00:44 | 00,000,704 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/02/23 22:00:44 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/02/23 22:00:44 | 00,000,216 | -HS- | M] () -- C:\boot.ini
[2009/02/23 21:37:28 | 00,000,045 | ---- | M] () -- C:\WINDOWS\TLCAPPS.ini
[2009/02/23 18:29:30 | 00,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/02/23 18:29:30 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/02/23 14:30:34 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\User32.dll
[2009/02/22 10:32:28 | 00,281,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Gdi32.dll
[2009/02/15 16:47:24 | 00,775,034 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/02/15 16:47:24 | 00,367,658 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/02/15 16:47:24 | 00,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/02/15 16:47:24 | 00,048,616 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/02/15 16:47:24 | 00,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/02/15 09:58:54 | 00,000,520 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2009/02/12 14:34:04 | 00,000,128 | ---- | M] () -- C:\WINDOWS\adobe.bat
[2009/02/11 04:29:42 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/02/11 04:29:42 | 00,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/02/10 03:17:00 | 00,137,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\wanatw4.sys
[2009/02/09 18:34:40 | 00,000,002 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2009/02/09 18:25:34 | 00,000,161 | ---- | M] () -- C:\WINDOWS\yesmessenger.ini
[2009/02/07 23:54:22 | 00,053,624 | ---- | M] () -- C:\Documents and Settings\laurent\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/02/07 14:25:28 | 00,194,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/02/07 14:13:42 | 00,001,456 | ---- | M] () -- C:\Documents and Settings\laurent\Bureau\CCleaner.lnk
[2009/02/06 15:22:06 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/02/06 15:22:06 | 00,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/02/06 04:06:42 | 00,136,992 | ---- | M] () -- C:\WINDOWS\System32\drivers\csaud.sys
[2009/02/05 22:11:36 | 01,256,296 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/02/05 22:08:20 | 00,093,296 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/02/05 22:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/02/05 22:07:24 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/02/05 22:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/02/05 22:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/02/05 22:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/02/05 22:05:12 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/02/05 22:04:46 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/02/05 21:05:18 | 00,000,005 | ---- | M] () -- C:\WINDOWS\_id.dat
[2009/02/05 20:27:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\mqcd.dbt
[2009/02/05 20:26:10 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\rer.wa
[2009/02/05 20:26:10 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\do8d.sr
[2009/02/05 20:26:08 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\qzhr1.ant
[2009/02/05 20:26:08 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\dedwf.lp
[2009/02/05 20:26:06 | 00,077,312 | ---- | M] () -- C:\WINDOWS\System32\re3d.pf
[2009/02/05 20:26:06 | 00,000,002 | ---- | M] () -- C:\839718926
[2009/02/05 20:25:40 | 00,087,552 | ---- | M] () -- C:\WINDOWS\System32\sccisyse.dll
[2009/02/05 20:24:52 | 00,403,973 | -HS- | M] () -- C:\WINDOWS\System32\SDcKnnmp.ini2
[2009/02/05 20:24:08 | 00,403,973 | -HS- | M] () -- C:\WINDOWS\System32\SDcKnnmp.ini
[2009/02/04 20:23:44 | 01,636,390 | -HS- | M] () -- C:\WINDOWS\System32\tekoufqt.ini
[2009/02/04 20:17:52 | 01,636,390 | -HS- | M] () -- C:\WINDOWS\System32\hjnqpfuy.ini
[2009/02/03 20:16:54 | 01,622,398 | -HS- | M] () -- C:\WINDOWS\System32\xyqqphfb.ini
[2009/02/03 20:10:56 | 01,622,398 | -HS- | M] () -- C:\WINDOWS\System32\gfkagqwo.ini
[2009/02/03 13:48:00 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/02/03 13:48:00 | 00,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/02/03 11:01:48 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/02/03 11:01:48 | 00,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/02/03 04:08:06 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/02/03 04:08:06 | 00,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/02/02 20:14:00 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/02/02 20:14:00 | 00,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/02/02 20:13:46 | 00,007,564 | ---- | M] () -- C:\Documents and Settings\laurent\Application Data\wklnhst.dat
[2009/02/02 20:10:34 | 01,607,576 | -HS- | M] () -- C:\WINDOWS\System32\kqsctyle.ini
[2009/02/02 20:07:50 | 01,607,576 | -HS- | M] () -- C:\WINDOWS\System32\gcejeqep.ini
[2009/02/02 16:48:14 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/02/02 16:48:14 | 00,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/02/02 16:42:30 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/02/02 16:42:30 | 00,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/02/02 13:59:26 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/02/02 13:59:26 | 00,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/02/01 20:07:12 | 01,563,531 | -HS- | M] () -- C:\WINDOWS\System32\parygxqy.ini
[2009/01/31 20:09:30 | 01,625,888 | -HS- | M] () -- C:\WINDOWS\System32\mtonpqwc.ini
[2009/01/31 20:00:42 | 01,625,888 | -HS- | M] () -- C:\WINDOWS\System32\mugwfhun.ini
[2009/01/30 19:59:04 | 01,625,888 | -HS- | M] () -- C:\WINDOWS\System32\aopvjaru.ini
[2009/01/30 19:53:10 | 01,625,888 | -HS- | M] () -- C:\WINDOWS\System32\msplpmmj.ini
[2009/01/29 19:52:50 | 01,559,168 | -HS- | M] () -- C:\WINDOWS\System32\bmimquld.ini
[2009/01/29 19:52:04 | 01,559,168 | -HS- | M] () -- C:\WINDOWS\System32\ayooajhu.ini
[2009/01/28 19:51:46 | 01,563,553 | -HS- | M] () -- C:\WINDOWS\System32\ywhdvrwj.ini
[2009/01/27 19:49:18 | 01,561,620 | -HS- | M] () -- C:\WINDOWS\System32\ucfrqdev.ini
[2009/01/27 19:46:22 | 01,561,620 | -HS- | M] () -- C:\WINDOWS\System32\gjthbvml.ini
[2009/01/27 18:13:44 | 01,559,177 | -HS- | M] () -- C:\WINDOWS\System32\hrrplgps.ini
< End of report >

voila le nouveau rapport


Error: Unable to interpret <virut > in the current context!
========== FILES ==========
File/Folder C:\WINDOWS\system32\jurwbyy.dll not found.
File/Folder C:\WINDOWS\_id.dat not found.
File/Folder C:\WINDOWS\mqcd.dbt not found.
File/Folder C:\WINDOWS\adobe.bat not found.
File/Folder C:\WINDOWS\System32\do8d.sr not found.
File/Folder C:\WINDOWS\System32\rer.wa not found.
File/Folder C:\WINDOWS\System32\qzhr1.ant not found.
File/Folder C:\WINDOWS\System32\dedwf.lp not found.
File/Folder C:\wgqjqf.exe not found.
File/Folder C:\WINDOWS\System32\re3d.pf not found.
File/Folder C:\WINDOWS\System32\sccisyse.dll not found.
File/Folder C:\WINDOWS\System32\tekoufqt.ini not found.
File/Folder C:\WINDOWS\System32\hjnqpfuy.ini not found.
File/Folder C:\WINDOWS\System32\xyqqphfb.ini not found.
File/Folder C:\WINDOWS\System32\gfkagqwo.ini not found.
File/Folder C:\WINDOWS\System32\kqsctyle.ini not found.
File/Folder C:\WINDOWS\System32\gcejeqep.ini not found.
File/Folder C:\WINDOWS\System32\parygxqy.ini not found.
File/Folder C:\WINDOWS\System32\mtonpqwc.ini not found.
File/Folder C:\WINDOWS\System32\mugwfhun.ini not found.
File/Folder C:\WINDOWS\System32\aopvjaru.ini not found.
File/Folder C:\WINDOWS\System32\msplpmmj.ini not found.
File/Folder C:\WINDOWS\System32\bmimquld.ini not found.
File/Folder C:\WINDOWS\System32\ywhdvrwj.ini not found.
File/Folder C:\WINDOWS\System32\ucfrqdev.ini not found.
File/Folder C:\WINDOWS\System32\gjthbvml.ini not found.
========== COMMANDS ==========

OTListIt2 by OldTimer - Version 2.0.2.0 log created on 02262009_124757

rapport final apres avoir rebooter :

pour l'extras :


OTListIt Extras logfile created on: 26/02/2009 12:52:08 - Run 5
OTListIt2 by OldTimer - Version 2.0.2.0 Folder = C:\Documents and Settings\laurent\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 265,10 Mb Available Physical Memory | 51,83% Memory free
1,22 Gb Paging File | 0,94 Gb Available in Paging File | 76,76% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,26 Gb Total Space | 157,32 Gb Free Space | 84,46% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OEM-0AAACAA1E8E
Current User Name: laurent
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- C:\Documents and Settings\Administrateur\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool
File not found -- C:\Documents and Settings\laurent\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B20126-F3C2-11D5-A6D2-00C026001DCA}" = WebEye
"{20B9BC7F-BB40-4A4F-95D6-91E4D8FBE5AF}" = PC CameraN
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}" = Vimicro USB PC Camera (ZC0301PL)
"{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"{5EA24DA8-F398-42C7-8CDC-39273493C514}" = VIMICRO USB PC Camera II
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Utilitaire de sauvegarde Windows
"{88F93347-0F9B-4FED-BA71-6C2A4CDFE61D}" = Ulead DVD MovieFactory 2 SE
"{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}" = VIMICRO USB PC Camera V
"{926B578B-505F-4820-A62D-088E1124FED4}" = USB Video Camera Driver v1.10a
"{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Assistant de connexion Windows Live
"{B76F485C-447A-4988-8E5F-5DB5C9C5CFDE}" = ZionPCC_CIF
"{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{DC67641A-05C4-4FED-A462-1EB1DC6CF2F5}" = NTI Photo Suite
"{E9AD37F8-B010-47ED-9CE1-2FC9200CA7D2}" = Cyclon Webcam
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera
"{EF20F568-9EA5-466D-8F7C-708707259AD9}" = Micro Application - Faire-Part Edition Classic
"{F8847BED-04E7-4924-B1CE-D9CA5CDE7420}" = Samsung PC Studio 3
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"avast!" = avast! Antivirus
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner (remove only)
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20B9BC7F-BB40-4A4F-95D6-91E4D8FBE5AF}" = PC CameraN
"InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker Gold
"Messager Wanadoo" = Messager Wanadoo
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"QcDrv" = Programme de gestion Camera de Labtec®
"RealPlayer 6.0" = RealPlayer Basic
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ViewpointMediaPlayer" = Viewpoint Media Player

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 25/02/2009 03:13:56 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: g_tdi.Initialize failed! (logName: C:\Program
Files\Alwil Software\Avast4\DATA\log\nshield.log), 00000000.

Error - 25/02/2009 13:25:31 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Network Shield provider: driver open
failed, error code: 0x2 , 00000000.

Error - 25/02/2009 13:25:31 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: g_tdi.Initialize failed! (logName: C:\Program
Files\Alwil Software\Avast4\DATA\log\nshield.log), 00000000.

Error - 26/02/2009 02:53:42 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Network Shield provider: driver open
failed, error code: 0x2 , 00000000.

Error - 26/02/2009 02:53:42 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: g_tdi.Initialize failed! (logName: C:\Program
Files\Alwil Software\Avast4\DATA\log\nshield.log), 00000000.

Error - 26/02/2009 06:03:46 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Network Shield provider: driver open
failed, error code: 0x2 , 00000000.

Error - 26/02/2009 06:03:46 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: g_tdi.Initialize failed! (logName: C:\Program
Files\Alwil Software\Avast4\DATA\log\nshield.log), 00000000.

Error - 26/02/2009 07:44:24 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Network Shield provider: driver open
failed, error code: 0x2 , 00000000.

Error - 26/02/2009 07:44:24 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: g_tdi.Initialize failed! (logName: C:\Program
Files\Alwil Software\Avast4\DATA\log\nshield.log), 00000000.

Error - 26/02/2009 07:48:48 | Computer Name = OEM-0AAACAA1E8E | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Network Shield provider: driver open
failed, error code: 0x2 , 00000000.

[ Application Events ]
Error - 24/02/2009 18:44:14 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1004
Description = Application défaillante drwtsn32.exe, version 5.1.2600.0, module défaillant
drwtsn32.exe, version 5.1.2600.0, adresse de défaillance 0x00006ec0.

Error - 25/02/2009 17:47:40 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante swreg.exe, version 3.0.0.0, module défaillant
swreg.exe, version 3.0.0.0, adresse de défaillance 0x00089378.

Error - 25/02/2009 17:47:40 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante swreg.exe, version 3.0.0.0, module défaillant
swreg.exe, version 3.0.0.0, adresse de défaillance 0x00089378.

Error - 25/02/2009 17:47:40 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante swreg.exe, version 3.0.0.0, module défaillant
swreg.exe, version 3.0.0.0, adresse de défaillance 0x00089378.

Error - 25/02/2009 17:47:46 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante swreg.exe, version 3.0.0.0, module défaillant
swreg.exe, version 3.0.0.0, adresse de défaillance 0x00089378.

Error - 26/02/2009 06:11:42 | Computer Name = OEM-0AAACAA1E8E | Source = Application Hang | ID = 1002
Description = Application bloquée OTListIt2.exe, version 2.0.2.0, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 26/02/2009 06:14:40 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante notepad.exe, version 5.1.2600.2180, module
défaillant notepad.exe, version 5.1.2600.2180, adresse de défaillance 0x0000739b.

Error - 26/02/2009 06:14:48 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante notepad.exe, version 5.1.2600.2180, module
défaillant notepad.exe, version 5.1.2600.2180, adresse de défaillance 0x0000739b.

Error - 26/02/2009 06:41:53 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante notepad.exe, version 5.1.2600.2180, module
défaillant notepad.exe, version 5.1.2600.2180, adresse de défaillance 0x0000739b.

Error - 26/02/2009 06:43:05 | Computer Name = OEM-0AAACAA1E8E | Source = Application Error | ID = 1000
Description = Application défaillante notepad.exe, version 5.1.2600.2180, module
défaillant notepad.exe, version 5.1.2600.2180, adresse de défaillance 0x0000739b.

[ System Events ]
Error - 26/02/2009 07:50:30 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7023
Description = Le service Pare-feu Windows / Partage de connexion Internet s'est
arrêté avec l'erreur : %%2

Error - 26/02/2009 07:50:30 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : AFD aswSP aswTdi IPSec MRxSmb NetBIOS NetBT Tcpip

Error - 26/02/2009 07:50:30 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7023
Description = Le service avast! Web Scanner s'est arrêté avec l'erreur : %%10050

Error - 26/02/2009 07:50:30 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7000
Description = Le service Pilote IPSEC n'a pas pu démarrer en raison de l'erreur :
%%2

Error - 26/02/2009 07:50:30 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7001
Description = Le service Pilote du protocole TCP/IP dépend du service Pilote IPSEC
qui n'a pas pu démarrer en raison de l'erreur : %%2

Error - 26/02/2009 07:50:30 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7001
Description = Le service aswRdr dépend du service Pilote du protocole TCP/IP qui
n'a pas pu démarrer en raison de l'erreur : %%1068

Error - 26/02/2009 07:50:30 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7000
Description = Le service Pilote IPSEC n'a pas pu démarrer en raison de l'erreur :
%%2

Error - 26/02/2009 07:50:30 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7001
Description = Le service Pilote du protocole TCP/IP dépend du service Pilote IPSEC
qui n'a pas pu démarrer en raison de l'erreur : %%2

Error - 26/02/2009 07:50:30 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7000
Description = Le service AFD n'a pas pu démarrer en raison de l'erreur : %%2

Error - 26/02/2009 07:50:30 | Computer Name = OEM-0AAACAA1E8E | Source = Service Control Manager | ID = 7001
Description = Le service NLA (Network Location Awareness) dépend du service AFD
qui n'a pas pu démarrer en raison de l'erreur : %%2


< End of report >

rapport final pour otlistit :

OTListIt logfile created on: 26/02/2009 12:52:08 - Run 5
OTListIt2 by OldTimer - Version 2.0.2.0 Folder = C:\Documents and Settings\laurent\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 265,10 Mb Available Physical Memory | 51,83% Memory free
1,22 Gb Paging File | 0,94 Gb Available in Paging File | 76,76% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,26 Gb Total Space | 157,32 Gb Free Space | 84,46% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OEM-0AAACAA1E8E
Current User Name: laurent
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2009/02/05 22:01:26 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/05 22:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/02/24 23:41:12 | 00,114,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009/02/24 23:39:02 | 01,054,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/02/05 22:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/24 23:39:06 | 00,067,072 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2009/02/24 23:41:36 | 00,294,912 | ---- | M] (Acer Inc.) -- C:\Windows\System32\USBPlug.exe
PRC - [2009/02/24 23:41:00 | 00,241,664 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2009/02/24 23:41:48 | 00,135,168 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2009/02/05 22:08:46 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/02/24 23:38:46 | 01,850,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/02/26 10:30:24 | 00,497,152 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\laurent\Bureau\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/02/05 22:01:26 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009/02/05 22:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009/02/05 22:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009/02/05 22:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
SRV - File not found -- -- (ClipSrv [Disabled | Stopped])
SRV - File not found -- -- (FCI [Auto | Stopped])
SRV - [2004/08/05 05:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - File not found -- -- (ICF [Auto | Stopped])
SRV - [2009/02/24 23:40:50 | 00,149,504 | ---- | M] () -- C:\WINDOWS\system32\imapi.exe -- (ImapiService [On_Demand | Stopped])
SRV - File not found -- -- (LXBTCustomerConnect [Auto | Stopped])
SRV - [2009/02/24 23:41:12 | 00,114,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006/02/09 20:47:26 | 00,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\StkSSrv.dll -- (StkSSrv [Auto | Stopped])
SRV - [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2009/02/24 23:38:48 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009/02/05 22:05:12 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2004/06/29 09:07:18 | 01,268,204 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2004/02/24 11:08:52 | 00,400,384 | ---- | M] (Sensaura) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS [On_Demand | Running])
DRV - [2004/05/14 23:24:10 | 00,622,172 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2006/06/19 18:06:54 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM [Auto | Running])
DRV - [2009/02/05 22:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Stopped])
DRV - [2009/02/05 22:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009/02/05 22:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Stopped])
DRV - [2009/02/05 22:07:24 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Stopped])
DRV - [2009/02/05 22:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Stopped])
DRV - [2009/02/06 04:06:42 | 00,136,992 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\CsAud.sys -- (csaudio [On_Demand | Stopped])
DRV - [2004/10/11 19:18:58 | 00,022,016 | R--- | M] (Labtec Inc.) -- C:\WINDOWS\system32\drivers\lvusbsta.sys -- (LVUSBSta [On_Demand | Stopped])
DRV - [2001/08/17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
DRV - [2004/11/22 16:36:40 | 00,018,003 | ---- | M] (Motive, Inc.) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5 [On_Demand | Stopped])
DRV - [2005/04/25 08:50:42 | 00,006,912 | ---- | M] (NewTech Infosystems, Inc.) -- C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2004/04/23 12:24:00 | 02,167,552 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2003/09/20 08:45:48 | 00,021,248 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2004/10/11 19:22:02 | 00,211,712 | R--- | M] (Labtec Inc.) -- C:\WINDOWS\system32\DRIVERS\LV561AV.SYS -- (PID_0928 [On_Demand | Stopped])
DRV - [2004/08/05 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2003/08/04 12:14:34 | 00,065,152 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys -- (RTL8023 [On_Demand | Stopped])
DRV - [2009/01/15 16:17:40 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/01/15 16:17:42 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2009/01/15 16:17:38 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2005/08/30 01:47:38 | 00,058,320 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped])
DRV - [2005/08/30 01:49:34 | 00,008,336 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped])
DRV - [2005/08/30 01:49:38 | 00,094,000 | ---- | M] (MCCI) -- C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped])
DRV - [2006/07/24 16:05:00 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
DRV - [2006/05/03 09:25:32 | 00,851,265 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\Drivers\StkMini.sys -- (StkMini [On_Demand | Stopped])
DRV - [2006/01/23 11:25:54 | 00,004,769 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\Drivers\StkScan.sys -- (StkScan [On_Demand | Stopped])
DRV - [2003/07/02 04:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1 [Boot | Running])
DRV - [2009/02/10 03:17:00 | 00,137,856 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\wanatw4.sys -- (wanatw [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://GLOBAL.ACER.COM/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = Reg Error: Invalid data type.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://GLOBAL.ACER.COM/
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://GLOBAL.ACER.COM/
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://GLOBAL.ACER.COM/
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = Reg Error: Invalid data type.
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\S-1-5-21-1779672970-2969962186-290470409-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\S-1-5-21-1779672970-2969962186-290470409-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

O1 HOSTS File: (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 www.tEenPassage.com
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [ATIPTA] File not found
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [dscService] C:\Windows\System32\USBPlug.exe (Acer Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Labtec Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StandardInstall] File not found
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\.DEFAULT..\Run: [jrcydebv.exe] C:\WINDOWS\jrcydebv.exe File not found
O4 - HKU\.DEFAULT..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [xlmopojd.exe] C:\WINDOWS\xlmopojd.exe File not found
O4 - HKU\S-1-5-18..\Run: [jrcydebv.exe] C:\WINDOWS\jrcydebv.exe File not found
O4 - HKU\S-1-5-18..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [xlmopojd.exe] C:\WINDOWS\xlmopojd.exe File not found
O4 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O7 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-21-1779672970-2969962186-290470409-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuw(...) (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\svkisnkf: DllName - jurwbyy.dll - File not found
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\pmnnKcDS) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/08 17:42:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{e29b0750-d8f9-11dd-a5c7-00038a000015}\Shell\Auto\command - "" = AdobeR.exe e

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[73 C:\WINDOWS\System32\*.tmp files]
[11 C:\WINDOWS\*.tmp files]
[2009/02/26 12:47:57 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/02/26 12:47:39 | 00,497,152 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\laurent\Bureau\OTListIt2.exe
[2009/02/25 22:47:30 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/02/25 08:39:24 | 12,674,224 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\laurent\Bureau\dr web cure it.exe
[2009/02/25 07:46:51 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/02/25 07:46:51 | 00,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Antivirus.lnk
[2009/02/25 07:46:50 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/02/25 07:46:50 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/02/25 07:46:49 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/02/25 07:46:49 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/02/25 07:46:49 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/02/25 07:46:49 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/02/25 07:46:49 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/02/25 07:46:31 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/02/25 07:46:31 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/02/23 20:15:12 | 00,000,000 | -HSD | C] -- C:\FOUND.016
[2009/02/23 19:53:28 | 00,000,000 | -HSD | C] -- C:\FOUND.015
[2009/02/23 18:51:28 | 00,000,000 | -HSD | C] -- C:\FOUND.014
[2009/02/23 16:18:51 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW.0.tmp
[2009/02/23 16:15:28 | 00,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.execf
[2009/02/23 14:41:49 | 53,639,9872 | -HS- | C] () -- C:\hiberfil.sys
[2009/02/23 14:39:37 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\User32.dll
[2009/02/23 14:39:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009/02/23 12:32:13 | 00,000,000 | ---D | C] -- C:\.Trash-999
[2009/02/23 10:50:35 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Gdi32.dll
[2009/02/15 18:41:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/02/15 17:55:36 | 00,000,000 | -HSD | C] -- C:\FOUND.013
[2009/02/15 16:38:30 | 00,000,000 | -HSD | C] -- C:\FOUND.012
[2009/02/15 16:31:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/02/15 13:37:58 | 00,000,000 | -HSD | C] -- C:\FOUND.011
[2009/02/15 13:28:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/02/15 13:27:45 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/02/15 13:27:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\laurent\Application Data\SUPERAntiSpyware.com
[2009/02/15 13:27:15 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2009/02/15 13:23:56 | 00,000,000 | ---D | C] -- C:\8a2d27e93eae6a471a845a
[2009/02/15 13:19:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2009/02/15 09:45:10 | 00,000,000 | -HSD | C] -- C:\FOUND.010
[2009/02/13 20:30:06 | 00,000,000 | -HSD | C] -- C:\FOUND.009
[2009/02/13 20:21:15 | 00,000,000 | ---D | C] -- C:\cd6ddb873bf5ec5d3917fb4abb6d
[2009/02/13 14:50:18 | 00,000,000 | -HSD | C] -- C:\FOUND.008
[2009/02/12 15:45:16 | 00,000,000 | -HSD | C] -- C:\FOUND.007
[2009/02/11 18:05:42 | 00,000,000 | -HSD | C] -- C:\FOUND.006
[2009/02/10 20:41:25 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/10 20:41:02 | 00,000,000 | -HSD | C] -- C:\FOUND.005
[2009/02/10 18:57:14 | 00,000,000 | -HSD | C] -- C:\FOUND.004
[2009/02/10 04:21:57 | 00,000,000 | ---D | C] -- C:\a67ce096e928938398b1120f2d7226
[2009/02/10 03:16:59 | 00,137,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\wanatw4.sys
[2009/02/09 23:58:14 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/02/09 18:49:19 | 00,027,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/02/09 18:34:39 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/02/09 11:21:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/02/09 11:18:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/02/07 14:50:38 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/02/07 14:13:55 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2009/02/07 14:13:40 | 00,001,456 | ---- | C] () -- C:\Documents and Settings\laurent\Bureau\CCleaner.lnk
[2009/02/07 14:13:40 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/02/07 14:04:30 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2009/02/07 14:04:22 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2009/02/06 15:28:20 | 00,016,226 | ---- | C] () -- C:\WINDOWS\System32\USBPlugLog.ini
[2009/02/06 15:27:32 | 00,000,000 | -HSD | C] -- C:\FOUND.003
[2009/02/06 14:56:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/02/06 14:55:38 | 00,000,000 | -HSD | C] -- C:\FOUND.002
[2009/02/06 14:10:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/02/06 04:06:40 | 00,136,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\csaud.sys

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[73 C:\WINDOWS\System32\*.tmp files]
[11 C:\WINDOWS\*.tmp files]
[2009/02/26 12:50:20 | 00,016,226 | ---- | M] () -- C:\WINDOWS\System32\USBPlugLog.ini
[2009/02/26 12:49:00 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/02/26 12:48:58 | 00,003,873 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/02/26 12:48:50 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/02/26 12:48:46 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/02/26 12:48:44 | 53,639,9872 | -HS- | M] () -- C:\hiberfil.sys
[2009/02/26 12:48:02 | 07,357,598 | -H-- | M] () -- C:\Documents and Settings\laurent\Local Settings\Application Data\IconCache.db
[2009/02/26 12:48:02 | 00,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/02/26 12:48:02 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/02/26 12:41:18 | 00,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/02/26 12:41:18 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/02/26 10:30:24 | 00,497,152 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\laurent\Bureau\OTListIt2.exe
[2009/02/26 08:06:30 | 00,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/02/26 08:06:30 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/02/25 23:31:04 | 00,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/02/25 23:31:04 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/02/25 22:47:42 | 00,400,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.execf
[2009/02/25 09:31:12 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\notepad.exe
[2009/02/25 09:12:42 | 00,256,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsvr.exe
[2009/02/25 09:12:42 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2009/02/25 09:12:40 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2009/02/25 09:12:40 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hh.exe
[2009/02/25 09:12:38 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2009/02/25 09:12:38 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2009/02/25 09:12:36 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiexec.exe
[2009/02/25 09:12:34 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wupdmgr.exe
[2009/02/25 09:12:32 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/02/25 09:12:32 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2009/02/25 09:12:32 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpnpinst.exe
[2009/02/25 09:12:32 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpabaln.exe
[2009/02/25 09:12:32 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscntfy.exe
[2009/02/25 09:12:32 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/02/25 09:12:30 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/02/25 09:12:28 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/02/25 09:12:28 | 00,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2009/02/25 09:12:26 | 00,196,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2009/02/25 09:12:26 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/02/25 09:12:26 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/02/25 09:12:26 | 00,011,264 | ---- | M] () -- C:\WINDOWS\System32\dllcache\winmsd.exe
[2009/02/25 09:12:26 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winver.exe
[2009/02/25 09:12:24 | 00,288,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhlp32.exe
[2009/02/25 09:12:24 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2009/02/25 09:12:24 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhstb.exe
[2009/02/25 09:12:22 | 00,438,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaacmgr.exe
[2009/02/25 09:12:22 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2009/02/25 09:12:22 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wextract.exe
[2009/02/25 09:12:20 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32tm.exe
[2009/02/25 09:12:20 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2009/02/25 09:12:20 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2009/02/25 09:12:20 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2009/02/25 09:12:20 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/02/25 09:12:18 | 00,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssvc.exe
[2009/02/25 09:12:18 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.exe
[2009/02/25 09:12:18 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2009/02/25 09:12:18 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/02/25 09:12:18 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssadmin.exe
[2009/02/25 09:12:16 | 00,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utilman.exe
[2009/02/25 09:12:16 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userinit.exe
[2009/02/25 09:12:16 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ups.exe
[2009/02/25 09:12:16 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpcont.exe
[2009/02/25 09:12:14 | 00,151,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2009/02/25 09:12:14 | 00,126,464 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/02/25 09:12:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/02/25 09:12:14 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/02/25 09:12:14 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unlodctr.exe
[2009/02/25 09:12:12 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2009/02/25 09:12:12 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert6.exe
[2009/02/25 09:12:12 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/02/25 09:12:12 | 00,016,896 | ---- | M] () -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/02/25 09:12:12 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/02/25 09:12:12 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/02/25 09:12:12 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/02/25 09:12:12 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert.exe
[2009/02/25 09:12:10 | 00,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tourstrt.exe
[2009/02/25 09:12:10 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tftp.exe
[2009/02/25 09:12:10 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2009/02/25 09:12:08 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskmgr.exe
[2009/02/25 09:12:08 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpsvcs.exe
[2009/02/25 09:12:08 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/02/25 09:12:08 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcmsetup.exe
[2009/02/25 09:12:06 | 00,160,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2009/02/25 09:12:06 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syskey.exe
[2009/02/25 09:12:06 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\systray.exe
[2009/02/25 09:12:04 | 00,684,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sstext3d.scr
[2009/02/25 09:12:04 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stimon.exe
[2009/02/25 09:12:04 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2009/02/25 09:12:04 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssstars.scr
[2009/02/25 09:12:04 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\subst.exe
[2009/02/25 09:12:02 | 00,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ss3dfo.scr
[2009/02/25 09:12:02 | 00,610,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspipes.scr
[2009/02/25 09:12:02 | 00,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssflwbox.scr
[2009/02/25 09:12:02 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmypics.scr
[2009/02/25 09:12:02 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmarque.scr
[2009/02/25 09:12:02 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssbezier.scr
[2009/02/25 09:12:02 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmyst.scr
[2009/02/25 09:12:00 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/02/25 09:12:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrinfo.exe
[2009/02/25 09:11:58 | 00,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2009/02/25 09:11:58 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/02/25 09:11:58 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/02/25 09:11:58 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sort.exe
[2009/02/25 09:11:58 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpnotify.exe
[2009/02/25 09:11:58 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spnpinst.exe
[2009/02/25 09:11:56 | 00,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/02/25 09:11:56 | 00,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2009/02/25 09:11:56 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2009/02/25 09:11:52 | 03,555,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/02/25 09:11:52 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2009/02/25 09:11:52 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smlogsvc.exe
[2009/02/25 09:11:52 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2009/02/25 09:11:52 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbinst.exe
[2009/02/25 09:11:52 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountvol.exe
[2009/02/25 09:11:50 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.exe
[2009/02/25 09:11:50 | 00,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigverif.exe
[2009/02/25 09:11:50 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2009/02/25 09:11:50 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skeys.exe
[2009/02/25 09:11:50 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shutdown.exe
[2009/02/25 09:11:50 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2009/02/25 09:11:48 | 00,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2009/02/25 09:11:48 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shrpubw.exe
[2009/02/25 09:11:48 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/02/25 09:11:48 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmgrate.exe
[2009/02/25 09:11:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/02/25 09:11:46 | 00,778,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/02/25 09:11:46 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2009/02/25 09:11:46 | 00,072,704 | ---- | M] () -- C:\WINDOWS\System32\dllcache\setup50.exe
[2009/02/25 09:11:46 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sethc.exe
[2009/02/25 09:11:46 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup.exe
[2009/02/25 09:11:44 | 00,816,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmc.exe
[2009/02/25 09:11:44 | 00,242,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz_a.exe
[2009/02/25 09:11:44 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrnsave.scr
[2009/02/25 09:11:42 | 00,786,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/02/25 09:11:42 | 00,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz.exe
[2009/02/25 09:11:42 | 00,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migload.exe
[2009/02/25 09:11:42 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scardsvr.exe
[2009/02/25 09:11:42 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2009/02/25 09:11:42 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/02/25 09:11:40 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/02/25 09:11:40 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/02/25 09:11:40 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2009/02/25 09:11:40 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/02/25 09:11:40 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runonce.exe
[2009/02/25 09:11:40 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\savedump.exe
[2009/02/25 09:11:38 | 00,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvp.exe
[2009/02/25 09:11:38 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtcshare.exe
[2009/02/25 09:11:38 | 00,048,128 | ---- | M] () -- C:\WINDOWS\System32\dllcache\rsmui.exe
[2009/02/25 09:11:38 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2009/02/25 09:11:38 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmsink.exe
[2009/02/25 09:11:38 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runas.exe
[2009/02/25 09:11:38 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsh.exe
[2009/02/25 09:11:36 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/02/25 09:11:36 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routemon.exe
[2009/02/25 09:11:36 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/02/25 09:11:36 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\route.exe
[2009/02/25 09:11:36 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rexec.exe
[2009/02/25 09:11:36 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\replace.exe
[2009/02/25 09:11:36 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/02/25 09:11:36 | 00,004,608 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwiz.exe
[2009/02/25 09:11:34 | 00,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedit.exe
[2009/02/25 09:11:34 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2009/02/25 09:11:34 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2009/02/25 09:11:34 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reg.exe
[2009/02/25 09:11:34 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcimlby.exe
[2009/02/25 09:11:34 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/02/25 09:11:34 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvr32.exe
[2009/02/25 09:11:34 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\recover.exe
[2009/02/25 09:11:34 | 00,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedt32.exe
[2009/02/25 09:11:32 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\makecab.exe
[2009/02/25 09:11:32 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2009/02/25 09:11:32 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdial.exe
[2009/02/25 09:11:32 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasautou.exe
[2009/02/25 09:11:30 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcp.exe
[2009/02/25 09:11:30 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/02/25 09:11:30 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2009/02/25 09:11:30 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/02/25 09:11:30 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsass.exe
[2009/02/25 09:11:30 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/02/25 09:11:28 | 00,515,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logonui.exe
[2009/02/25 09:11:28 | 00,221,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logon.scr
[2009/02/25 09:11:28 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\progman.exe
[2009/02/25 09:11:28 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proquota.exe
[2009/02/25 09:11:28 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/02/25 09:11:28 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/02/25 09:11:28 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proxycfg.exe
[2009/02/25 09:11:28 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\dllcache\lpq.exe
[2009/02/25 09:11:26 | 00,284,160 | ---- | M] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2009/02/25 09:11:26 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\locator.exe
[2009/02/25 09:11:26 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logman.exe
[2009/02/25 09:11:26 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.exe
[2009/02/25 09:11:26 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping6.exe
[2009/02/25 09:11:26 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\print.exe
[2009/02/25 09:11:26 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lodctr.exe
[2009/02/25 09:11:24 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2009/02/25 09:11:24 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lnkstub.exe
[2009/02/25 09:11:24 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pathping.exe
[2009/02/25 09:11:24 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping.exe
[2009/02/25 09:11:24 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfmon.exe
[2009/02/25 09:11:22 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2009/02/25 09:11:22 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lights.exe
[2009/02/25 09:11:22 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pentnt.exe
[2009/02/25 09:11:20 | 00,216,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2009/02/25 09:11:20 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2009/02/25 09:11:20 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.exe
[2009/02/25 09:11:18 | 00,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntvdm.exe
[2009/02/25 09:11:18 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntsd.exe
[2009/02/25 09:11:16 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nslookup.exe
[2009/02/25 09:11:16 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notepad.exe
[2009/02/25 09:11:16 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/02/25 09:11:16 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nppagent.exe
[2009/02/25 09:11:14 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsetup.exe
[2009/02/25 09:11:14 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsh.exe
[2009/02/25 09:11:14 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netstat.exe
[2009/02/25 09:11:12 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net1.exe
[2009/02/25 09:11:12 | 00,114,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netdde.exe
[2009/02/25 09:11:12 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net.exe
[2009/02/25 09:11:12 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddeapir.exe
[2009/02/25 09:11:10 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2009/02/25 09:11:10 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nbtstat.exe
[2009/02/25 09:11:08 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2009/02/25 09:11:06 | 00,411,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2009/02/25 09:11:06 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswchx.exe
[2009/02/25 09:11:04 | 00,347,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/02/25 09:11:00 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6.exe
[2009/02/25 09:11:00 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxroute.exe
[2009/02/25 09:11:00 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/02/25 09:10:58 | 00,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2009/02/25 09:10:58 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconfig.exe
[2009/02/25 09:10:58 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec6.exe
[2009/02/25 09:10:58 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2009/02/25 09:10:58 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actmovie.exe
[2009/02/25 09:10:56 | 00,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi.exe
[2009/02/25 09:10:56 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2009/02/25 09:10:54 | 00,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/02/25 09:10:54 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2009/02/25 09:10:54 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/02/25 09:10:52 | 00,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2009/02/25 09:10:52 | 00,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2009/02/25 09:10:52 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2009/02/25 09:10:52 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2009/02/25 09:10:50 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.exe
[2009/02/25 09:10:50 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/02/25 09:10:50 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcad32.exe
[2009/02/25 09:10:50 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2009/02/25 09:10:50 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostname.exe
[2009/02/25 09:10:48 | 00,768,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2009/02/25 09:10:48 | 00,743,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2009/02/25 09:10:48 | 00,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/02/25 09:10:48 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\help.exe
[2009/02/25 09:10:46 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\grpconv.exe
[2009/02/25 09:10:44 | 00,268,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2009/02/25 09:10:44 | 00,238,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2009/02/25 09:10:44 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2009/02/25 09:10:42 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsutil.exe
[2009/02/25 09:10:42 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/02/25 09:10:42 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ftp.exe
[2009/02/25 09:10:40 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2009/02/25 09:10:40 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontview.exe
[2009/02/25 09:10:40 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/02/25 09:10:40 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\finger.exe
[2009/02/25 09:10:40 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\find.exe
[2009/02/25 09:10:40 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\forcedos.exe
[2009/02/25 09:10:40 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fixmapi.exe
[2009/02/25 09:10:38 | 00,093,696 | ---- | M] () -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2009/02/25 09:10:38 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extrac32.exe
[2009/02/25 09:10:38 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\findstr.exe
[2009/02/25 09:10:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2009/02/25 09:10:38 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expand.exe
[2009/02/25 09:10:38 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fc.exe
[2009/02/25 09:10:38 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventvwr.exe
[2009/02/25 09:10:36 | 00,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eudcedit.exe
[2009/02/25 09:10:36 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esentutl.exe
[2009/02/25 09:10:34 | 01,298,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2009/02/25 09:10:34 | 00,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dwwin.exe
[2009/02/25 09:10:34 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dumprep.exe
[2009/02/25 09:10:32 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drwtsn32.exe
[2009/02/25 09:10:32 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dvdupgrd.exe
[2009/02/25 09:10:30 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2009/02/25 09:10:30 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2009/02/25 09:10:28 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2009/02/25 09:10:28 | 00,015,872 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmremote.exe
[2009/02/25 09:10:28 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\doskey.exe
[2009/02/25 09:10:28 | 00,004,608 | ---- | M] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/02/25 09:10:26 | 00,225,280 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmadmin.exe
[2009/02/25 09:10:26 | 00,167,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskpart.exe
[2009/02/25 09:10:26 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diantz.exe
[2009/02/25 09:10:26 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskperf.exe
[2009/02/25 09:10:26 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhost.exe
[2009/02/25 09:10:26 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhst3g.exe
[2009/02/25 09:10:24 | 00,548,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2009/02/25 09:10:24 | 00,506,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winlogon.exe
[2009/02/25 09:10:22 | 00,104,960 | ---- | M] (Microsoft Corp. et Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgntfs.exe
[2009/02/25 09:10:22 | 00,082,432 | ---- | M] (Microsoft Corp. et Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgfat.exe
[2009/02/25 09:10:20 | 00,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysocmgr.exe
[2009/02/25 09:10:20 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2009/02/25 09:10:20 | 00,025,600 | ---- | M] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_32.exe
[2009/02/25 09:10:20 | 00,025,088 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\defrag.exe
[2009/02/25 09:10:20 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2009/02/25 09:10:18 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2009/02/25 09:10:18 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctfmon.exe
[2009/02/25 09:10:16 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2009/02/25 09:10:16 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbinst.exe
[2009/02/25 09:10:16 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conime.exe
[2009/02/25 09:10:16 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/02/25 09:10:16 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convert.exe
[2009/02/25 09:10:16 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.exe
[2009/02/25 09:10:16 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2009/02/25 09:10:16 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\control.exe
[2009/02/25 09:10:16 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2009/02/25 09:10:14 | 01,044,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2009/02/25 09:10:14 | 01,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2009/02/25 09:10:12 | 00,104,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2009/02/25 09:10:12 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmstp.exe
[2009/02/25 09:10:12 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cleanmgr.exe
[2009/02/25 09:10:12 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmmon32.exe
[2009/02/25 09:10:12 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipsrv.exe
[2009/02/25 09:10:12 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compact.exe
[2009/02/25 09:10:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comp.exe
[2009/02/25 09:10:10 | 00,400,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmd.exe
[2009/02/25 09:10:10 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdl32.exe
[2009/02/25 09:10:10 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ckcnv.exe
[2009/02/25 09:10:10 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cisvc.exe
[2009/02/25 09:10:08 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/02/25 09:10:08 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/02/25 09:10:08 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/02/25 09:10:08 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/02/25 09:10:08 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/02/25 09:10:08 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkdsk.exe
[2009/02/25 09:10:08 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkntfs.exe
[2009/02/25 09:10:08 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/02/25 09:10:08 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cidaemon.exe
[2009/02/25 09:10:06 | 00,115,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/02/25 09:10:06

pour combofix y a tjrs un message d'erreur comme koi c'est compatible que pour windows 2000 et xp

Télécharge VundoFix.exe (par Atribune) sur le Bureau.

* Double-clique VundoFix.exe afin de le lancer.
* Clique sur le bouton Scan for Vundo.
* Lorsque le scan est complété, clique sur le bouton Fix Vundo.
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
* Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK
* Démarre ton PC à nouveau.
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas,
l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut,
à partir de "clique sur le bouton Scan for Vundo".


Concernant Dr Web il faudra compter le passer à plusieurs reprises
et le laisser finir son scan jusqu'au bout.c'est en plusieurs passages
qu'il parvient à nettoyer un max.

AVEC FIX VUNDO IL N A RIEN TROUVE !!!

télécharge Kaspersky AVP Tool ftp://ftp.kaspersky.com/devbuilds/AVPTool/setup_7.0.0.290_26.02.2009_13-30.e(...)

# Lance l'exécutable intitulé "setup_7.0xxxxx" en double-cliquant dessus
# Répond "Oui" à la question "Do you want to continue installation?"
# Clique sur "Next" pour les deux fenêtres suivantes: AVP TOOL s'installe sur ton Bureau dans un dossier nommé "Kaspersky Lab Tool"
# Si nécessaire, branche tes périphériques amovibles (clés USB, disque dur externe...)
# L'outil se lance tout seul: coche toutes les cases dans l'onglet "Automatic Scan".
# Clique maintenant sur "Security Level": une fenêtre de configuration s'ouvre: paramètre le scanner comme sur l'image:



# Valide avec "Apply" puis "OK"
# L'outil est maintenant configuré: dans la fenêtre principale, clique sur "Scan". Le scan commence, une nouvelle fenêtre s'ouvre indiquant la progression du balayage en pourcentage.
# A la fin du scan, AVP Tool signale les objets infectés par l'intermédiaire d'une pop-up: coche alors "Apply to all" et clique sur "Delete" ou "Disinfect" selon ce que propose la fenêtre:



* Une fois les infections traitées par l'intermédiaire des pop-ups, il se peut que des fichiers malsains n'aient pas été supprimés: ils apparaissent en rouge dans la liste: clique alors sur le bouton "Neutralize all" de la fenêtre de progression du scan: si une pop-up indique qu'il faut redémarrer, accepte en cliquant sur "OK"


Par contre Kasperky s'installe au démarrage pour fonctionner correctement: pas cool. Une fois qu'il a scanné votre machine, il faut donc le désinstaller.

une fois le nettoyage terminé
DESINSTALLER AVP TOOL

* Ferme AVP TOOL s'il était lancé
* Ouvre le dossier "Kaspersky Lab Tool" que tu avais enregistré sur ton Bureau
* Double-clique sur le fichier "Unins000"
* Répond "Oui" à la question posée par l'outil
* Ferme tout ce que tu étais en train de faire (documents textes, navigateurs, etc...)
* Répond "Oui" à la demande : "Would you like to restart now?" afin de redémarrer l'odinateur.

j'ai fait les manips et en recherchant a nouveau sur drweb antivirus il n'a plus rien trouvé
comment vérifier si tout fonctionne normalement ?