Infection by win32.Banker.fs Trojan.Spy.Agent.DA (topic resolved)
JED972
Posted on 15/02/2009 at 18:55
New member

Good evening everyone,

While browsing the web this afternoon, I was infected by a trojan (win32.Banker.fs Trojan.Spy.Agent.DA). It changed the desktop wallpaper and prevents me from restoring it. In addition, it generates balloon notifications telling me that my PC is infected.

I ran a scan with Kaspersky but it did not help; the PC is still infected.

Could someone help me?

Thank you in advance for the time you will spend answering me.

philae
Posted on 15/02/2009 at 19:01
Grand Master member

Good evening and welcome to PCA Sécurité.

Download random's system information tool (RSIT) by random/random
Tutorial

and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized in the taskbar).
JED972
Posted on 15/02/2009 at 19:23
New member

Below is the log.txt.

However, I can't manage to extract the text.txt

Logfile of random's system information tool 1.05 (written by random/random)
Run by Julien at 2009-02-15 19:20:53
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 60 GB (58%) free of 103 GB
Total RAM: 3070 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:20:55, on 15/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\UGSPLM\I-DEAS11\sec\lmgrd.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\ansyslmd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\UGSPLM\I-DEAS11\sec\eds_id11.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\rundll32.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\svzip.exe
C:\WINDOWS\vlc.exe
C:\WINDOWS\svx.exe
C:\WINDOWS\wdmon.exe
C:\WINDOWS\svw.exe
C:\WINDOWS\runsql.exe
C:\WINDOWS\sv.exe
C:\WINDOWS\svhoster.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\odb.exe
C:\WINDOWS\svc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Julien\Bureau\RSIT.exe
C:\Program Files\trend micro\Julien.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/hws/sb/dell-row-rel/fr/side.html?channel=fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/hws/sb/dell-row-rel/fr/side.html?channel=fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/hws/sb/dell-row-rel/fr/side.html?channel=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
O4 - HKLM\..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Wmuja] rundll32.exe "C:\WINDOWS\Irahup.dll",e
O4 - HKLM\..\Run: [odb] C:\WINDOWS\odb.exe
O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\system32\acelpdecl.exe
O4 - HKLM\..\Run: [netzip] C:\WINDOWS\svzip.exe
O4 - HKLM\..\Run: [vlc] C:\WINDOWS\vlc.exe
O4 - HKLM\..\Run: [netx] C:\WINDOWS\svx.exe
O4 - HKLM\..\Run: [wdmon] C:\WINDOWS\wdmon.exe
O4 - HKLM\..\Run: [netw] C:\WINDOWS\svw.exe
O4 - HKLM\..\Run: [runsql] C:\WINDOWS\runsql.exe
O4 - HKLM\..\Run: [netc] C:\WINDOWS\svc.exe
O4 - HKLM\..\Run: [netsv32] C:\WINDOWS\sv.exe
O4 - HKLM\..\Run: [net64] C:\WINDOWS\svhoster.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\RunServices: [UpdateWin] C:\WINDOWS\system32\acelpdecl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\system32\acelpdecl.exe
O4 - HKCU\..\Run: [userinit] C:\WINDOWS\system32\ntos.exe
O4 - HKCU\..\RunServices: [UpdateWin] C:\WINDOWS\system32\acelpdecl.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab?e=1226232667142&h=ab2aca49d347c362b5f63bec1008b6ac/&filename=jinstall-6u10-windows-i586-jc.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~2\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~2\KASPER~1\kloehk.dll
O20 - Winlogon Notify: gemsafe - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll
O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file)
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Julien\LOCALS~1\Temp\wndutl32.dll
O23 - Service: ANSYS FLEXlm license manager - Macrovision Corporation - C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: I-DEAS License Manager 11.0 - GLOBEtrotter Software Inc. - C:\UGSPLM\I-DEAS11\sec\lmgrd.exe
O23 - Service: IT iona_services.config_rep.jed cfr-MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe
O23 - Service: IT iona_services.locator.jed MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe
O23 - Service: IT iona_services.naming.jed MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe
O23 - Service: IT iona_services.node_daemon.jed MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ansys JobManager Service V11 (JobManagerService110) - Ansys, Inc - C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Ansys ScriptHost Service V11 (ScriptHostService110) - Ansys, Inc. - C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: NTRU TSS v1.2.1.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: WaveEnrollmentService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 17234 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1229255857.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-11-11 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-09 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-20 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-21 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-05-17 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-20 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-09 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-05-17 806912]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-20 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-05-24 851968]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-08-06 8466432]
"nwiz"=nwiz.exe /installquiet []
"NVHotkey"=C:\WINDOWS\system32\nvHotkey.dll [2007-08-06 67584]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-08-06 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-09 136600]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-12-05 405504]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-07-25 823296]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-07-25 974848]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2007-07-03 1228800]
"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2007-09-10 92160]
"SecureUpgrade"=C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [2007-09-14 218424]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-08-17 1116920]
"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2006-10-20 118784]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-05-08 29744]
"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2008-01-17 17920]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Wmuja"=C:\WINDOWS\Irahup.dll [2009-02-15 39936]
"odb"=C:\WINDOWS\odb.exe [2009-02-15 233984]
"UpdateWin"=C:\WINDOWS\system32\acelpdecl.exe [2009-02-15 43008]
"netzip"=C:\WINDOWS\svzip.exe [2009-02-15 283136]
"vlc"=C:\WINDOWS\vlc.exe [2009-02-15 234496]
"netx"=C:\WINDOWS\svx.exe [2009-02-15 235008]
"wdmon"=C:\WINDOWS\wdmon.exe [2009-02-15 235008]
"netw"=C:\WINDOWS\svw.exe [2009-02-15 234496]
"runsql"=C:\WINDOWS\runsql.exe [2009-02-15 282624]
"netc"=C:\WINDOWS\svc.exe [2009-02-15 234496]
"netsv32"=C:\WINDOWS\sv.exe [2009-02-15 282112]
"net64"=C:\WINDOWS\svhoster.exe [2009-02-15 281088]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-02-15 206088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2006-03-01 90112]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-04-03 68856]
"UpdateWin"=C:\WINDOWS\system32\acelpdecl.exe [2009-02-15 43008]
"userinit"=C:\WINDOWS\system32\ntos.exe [2008-04-14 90112]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~2\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~2\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gemsafe]
C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll [2006-11-16 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-11-11 218376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
IPC Configuration Utility - IPC Configuration Utility
Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Julien\LOCALS~1\Temp\wndutl32.dll [2009-02-15 13736]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\ideas\ideast.exe"="C:\UGSPLM\I-DEAS11\ideas\ideast.exe:*:Enabled:I-deas NX Series"
"C:\UGSPLM\I-DEAS11\oarun\dpsmgr.exe"="C:\UGSPLM\I-DEAS11\oarun\dpsmgr.exe:*:Enabled:dpsmgr"
"C:\UGSPLM\I-DEAS11\stb\suptab.exe"="C:\UGSPLM\I-DEAS11\stb\suptab.exe:*:Enabled:I-deas NX Series"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe:*:Enabled:ac4catia5.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe:*:Enabled:ansconug10.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe:*:Enabled:ansconug30.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe:*:Enabled:ansconug180.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe:*:Enabled:ansconug190.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"
"C:\DOCUME~1\Julien\LOCALS~1\Temp\pinnew.exe"="C:\DOCUME~1\Julien\LOCALS~1\Temp\pinnew.exe:*:Enabled:Enabled"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe:*:Enabled:ac4catia5.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe:*:Enabled:ansconug10.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe:*:Enabled:ansconug30.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe:*:Enabled:ansconug180.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe:*:Enabled:ansconug190.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42e62afa-7fd5-11dd-ac38-001e37aefc11}]
shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe


======List of files/folders created in the last 1 months======

2009-02-15 18:25:21 ----D---- C:\Program Files\trend micro
2009-02-15 18:25:20 ----D---- C:\rsit
2009-02-15 14:50:00 ----SHD---- C:\Config.Msi
2009-02-15 14:48:59 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-15 13:53:25 ----A---- C:\WINDOWS\svhoster.exe
2009-02-15 13:53:23 ----A---- C:\WINDOWS\sv.exe
2009-02-15 13:53:22 ----A---- C:\WINDOWS\svw.exe
2009-02-15 13:53:22 ----A---- C:\WINDOWS\svc.exe
2009-02-15 13:53:22 ----A---- C:\WINDOWS\runsql.exe
2009-02-15 13:53:21 ----A---- C:\WINDOWS\wdmon.exe
2009-02-15 13:53:20 ----A---- C:\WINDOWS\vlc.exe
2009-02-15 13:53:20 ----A---- C:\WINDOWS\svx.exe
2009-02-15 13:53:19 ----A---- C:\WINDOWS\svzip.exe
2009-02-15 13:50:47 ----RSH---- C:\WINDOWS\system32\acelpdecl.exe
2009-02-15 13:50:47 ----A---- C:\WINDOWS\odb.exe
2009-02-15 13:50:45 ----SHD---- C:\WINDOWS\system32\wsnpoem
2009-02-15 13:50:45 ----A---- C:\WINDOWS\Irahup.dll
2009-02-12 06:49:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-01-16 22:20:17 ----D---- C:\Tuto

======List of files/folders modified in the last 1 months======

2009-02-15 19:18:14 ----D---- C:\WINDOWS\Temp
2009-02-15 18:25:21 ----RD---- C:\Program Files
2009-02-15 18:01:52 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-02-15 18:01:50 ----D---- C:\WINDOWS\Registration
2009-02-15 18:01:15 ----D---- C:\WINDOWS
2009-02-15 18:01:15 ----D---- C:\MDT
2009-02-15 18:01:10 ----D---- C:\WINDOWS\system32
2009-02-15 18:01:08 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D330 MDC V.92 Modem.txt
2009-02-15 18:01:03 ----D---- C:\flexlm
2009-02-15 17:59:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-15 15:05:37 ----D---- C:\WINDOWS\system32\drivers
2009-02-15 15:02:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-15 14:54:03 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-15 14:53:46 ----SHD---- C:\WINDOWS\Installer
2009-02-15 14:52:34 ----D---- C:\Program Files\Kaspersky Lab
2009-02-15 14:51:07 ----HD---- C:\WINDOWS\inf
2009-02-15 14:50:03 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-15 14:02:44 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-15 14:01:31 ----D---- C:\WINDOWS\Prefetch
2009-02-14 23:43:10 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-12 21:47:33 ----D---- C:\Program Files\Internet Explorer
2009-02-12 06:49:45 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-12 06:49:43 ----A---- C:\WINDOWS\imsins.BAK
2009-02-12 06:49:36 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-08 17:41:45 ----D---- C:\Program Files\IKEA HomePlanner
2009-02-04 00:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-17 12:58:01 ----SD---- C:\WINDOWS\Tasks
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-12-14 82380]
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-11 12920]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-11 28184]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 klif;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-02-15 226832]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-04-26 64896]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.4.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-03 21393]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-18 35096]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-18 32472]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-18 9432]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-18 104472]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-18 26008]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-18 14520]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-18 97848]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-18 94648]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-11 51768]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2007-12-02 12672]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-07-17 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-07-17 56832]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-07-17 37376]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-05-29 12416]
R2 WavxDMgr;WavxDMgr; C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys [2007-09-10 161280]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-07-17 161792]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 guardian2;guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [2007-11-28 62208]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-12-02 989952]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-12-02 211200]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NETw4x32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-08-12 2211456]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-08-06 6835744]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-12-05 1222840]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-05-24 202912]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2007-04-26 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-26 113920]
R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2007-04-26 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-04-26 73600]
R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2007-04-26 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-04-26 41856]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WaveFDE;Wave System Power Monitor Device Driver; C:\WINDOWS\system32\DRIVERS\WaveFDE.sys [2007-09-06 18176]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-12-02 731136]
S3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANSYS FLEXlm license manager;ANSYS FLEXlm license manager; C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe [2006-11-03 1327104]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-02-15 206088]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-07-25 647168]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-18 168432]
R2 I-DEAS License Manager 11.0;I-DEAS License Manager 11.0; C:\UGSPLM\I-DEAS11\sec\lmgrd.exe [2004-02-09 595456]
R2 IT iona_services.config_rep.jed cfr-MyDomain;IT iona_services.config_rep.jed cfr-MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe [2002-06-17 127030]
R2 IT iona_services.locator.jed MyDomain;IT iona_services.locator.jed MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe [2002-06-17 127030]
R2 IT iona_services.naming.jed MyDomain;IT iona_services.naming.jed MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe [2002-06-17 127030]
R2 IT iona_services.node_daemon.jed MyDomain;IT iona_services.node_daemon.jed MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe [2002-06-17 127030]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-09 152984]
R2 JobManagerService110;Ansys JobManager Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe [2007-09-20 20480]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [2007-07-03 475136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-08-06 155717]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-07-25 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-07-25 987136]
R2 ScriptHostService110;Ansys ScriptHost Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe [2007-09-20 20480]
R2 tcsd_win32.exe;NTRU TSS v1.2.1.25 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2007-11-08 1552384]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2007-09-07 737280]
R2 Wave UCSPlus;Wave UCSPlus; C:\WINDOWS\system32\dllhost.exe [2008-04-14 5120]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-07-25 294912]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-05-08 29744]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2007-08-31 486400]
S3 stllssvr;stllssvr; C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WaveEnrollmentService;WaveEnrollmentService; C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe [2007-09-13 192512]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

philae
 Posted on 15/02/2009 at 20:44 
Grand Master Astucienne

Good evening,

Indeed, the PC is definitely infected. For now, please do this:

* Scan by following this tutorial (but delete whatever it detects)

Malwarebytes' (quick scan)

* Then post the report here

JED972
 Posted on 15/02/2009 at 21:25 
New Astucien

Here is the Malwarebytes report:

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1764
Windows 5.1.2600 Service Pack 3

15/02/2009 21:19:40
mbam-log-2009-02-15 (21-19-40).txt

Type de recherche: Examen rapide
Eléments examinés: 85450
Temps écoulé: 8 minute(s), 4 second(s)

Processus mémoire infecté(s): 10
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 22
Elément(s) de données du Registre infecté(s): 13
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 39

Processus mémoire infecté(s):
C:\WINDOWS\svc.exe (Trojan.Agent) -> Unloaded process successfully.
C:\WINDOWS\svhoster.exe (Trojan.Agent) -> Unloaded process successfully.
C:\WINDOWS\svx.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\vlc.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\wdmon.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\runsql.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\sv.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\svzip.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\svw.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\odb.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Documents and Settings\Julien\Local Settings\Temp\wndutl32.dll (Trojan.FakeAlert) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{020487cc-fc04-4b1e-863f-d9801796230b} (Trojan.FakeAlert) -> Delete on reboot.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{020487cc-fc04-4b1e-863f-d9801796230b} (Trojan.FakeAlert) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wmuja (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netc (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\net64 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\UpdateWin (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\UpdateWin (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netx (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vlc (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wdmon (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runsql (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netsv32 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netzip (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netw (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\UpdateWin (Worm.Sdbot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\UpdateWin (Worm.Sdbot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\UpdateWin (Worm.Sdbot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\UpdateWin (Worm.Sdbot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\CurrentControlSet\Control\Lsa\UpdateWin (Worm.Sdbot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\odb (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\userinit (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\userinit (Backdoor.Bot) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Backdoor.Bot) -> Data: c:\windows\system32\ntos.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Backdoor.Bot) -> Data: system32\ntos.exe -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\system32\wsnpoem (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Documents and Settings\Julien\Local Settings\Temp\wndutl32.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\Julien\Local Settings\Temp\q1.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\q2.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\q3.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\q5.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\q6.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\q7.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\q8.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\q9.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wsnpoem\audio.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\wsnpoem\video.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\Irahup.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\svc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\svhoster.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\5_odb.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\6_ldr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\60325cahp25ca0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\q4.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\teste1_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\teste2_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\teste3_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\teste4_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\avto.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\avto1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\avto2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\avto3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Local Settings\Temp\avto4.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\acelpdecl.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\svx.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\vlc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\wdmon.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\runsql.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\sv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\svzip.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\svw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Application Data\config.cfg (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Julien\Application Data\~tmp.html (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\odb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ntos.exe (Backdoor.Bot) -> Delete on reboot.

philae
 Posted on 15/02/2009 at 21:29 
Grand Master Astucienne

Hi again,

OK.

Restart your PC if you haven't already, and post a new RSIT report please.

JED972
 Posted on 15/02/2009 at 21:46 
New Astucien

The RSIT report after reboot:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Julien at 2009-02-15 21:43:43
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 59 GB (58%) free of 103 GB
Total RAM: 3070 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:43:46, on 15/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\UGSPLM\I-DEAS11\sec\lmgrd.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\ansyslmd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\UGSPLM\I-DEAS11\sec\eds_id11.exe
C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\Julien\Bureau\RSIT.exe
C:\Program Files\trend micro\Julien.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/hws/sb/dell-row-rel/fr/side.html?channel=fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/hws/sb/dell-row-rel/fr/side.html?channel=fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/hws/sb/dell-row-rel/fr/side.html?channel=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
O4 - HKLM\..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\system32\acelpdecl.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\system32\acelpdecl.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab?e=1226232667142&h=ab2aca49d347c362b5f63bec1008b6ac/&filename=jinstall-6u10-windows-i586-jc.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~2\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~2\KASPER~1\kloehk.dll
O20 - Winlogon Notify: gemsafe - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll
O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file)
O23 - Service: ANSYS FLEXlm license manager - Macrovision Corporation - C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: I-DEAS License Manager 11.0 - GLOBEtrotter Software Inc. - C:\UGSPLM\I-DEAS11\sec\lmgrd.exe
O23 - Service: IT iona_services.config_rep.jed cfr-MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe
O23 - Service: IT iona_services.locator.jed MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe
O23 - Service: IT iona_services.naming.jed MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe
O23 - Service: IT iona_services.node_daemon.jed MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ansys JobManager Service V11 (JobManagerService110) - Ansys, Inc - C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Ansys ScriptHost Service V11 (ScriptHostService110) - Ansys, Inc. - C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: NTRU TSS v1.2.1.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: WaveEnrollmentService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 15358 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1229255857.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-11-11 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-09 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-20 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-21 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-05-17 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-20 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-09 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-05-17 806912]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-20 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-05-24 851968]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-08-06 8466432]
"nwiz"=nwiz.exe /installquiet []
"NVHotkey"=C:\WINDOWS\system32\nvHotkey.dll [2007-08-06 67584]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-08-06 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-09 136600]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-12-05 405504]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-07-25 823296]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-07-25 974848]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2007-07-03 1228800]
"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2007-09-10 92160]
"SecureUpgrade"=C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [2007-09-14 218424]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-08-17 1116920]
"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2006-10-20 118784]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-05-08 29744]
"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2008-01-17 17920]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"UpdateWin"=C:\WINDOWS\system32\acelpdecl.exe []
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-02-15 206088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2006-03-01 90112]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-04-03 68856]
"UpdateWin"=C:\WINDOWS\system32\acelpdecl.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~2\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~2\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gemsafe]
C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll [2006-11-16 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-11-11 218376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
IPC Configuration Utility - IPC Configuration Utility

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\ideas\ideast.exe"="C:\UGSPLM\I-DEAS11\ideas\ideast.exe:*:Enabled:I-deas NX Series"
"C:\UGSPLM\I-DEAS11\oarun\dpsmgr.exe"="C:\UGSPLM\I-DEAS11\oarun\dpsmgr.exe:*:Enabled:dpsmgr"
"C:\UGSPLM\I-DEAS11\stb\suptab.exe"="C:\UGSPLM\I-DEAS11\stb\suptab.exe:*:Enabled:I-deas NX Series"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe:*:Enabled:ac4catia5.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe:*:Enabled:ansconug10.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe:*:Enabled:ansconug30.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe:*:Enabled:ansconug180.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe:*:Enabled:ansconug190.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"
"C:\DOCUME~1\Julien\LOCALS~1\Temp\pinnew.exe"="C:\DOCUME~1\Julien\LOCALS~1\Temp\pinnew.exe:*:Enabled:Enabled"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe:*:Enabled:ac4catia5.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe:*:Enabled:ansconug10.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe:*:Enabled:ansconug30.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe:*:Enabled:ansconug180.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe:*:Enabled:ansconug190.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42e62afa-7fd5-11dd-ac38-001e37aefc11}]
shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe


======List of files/folders created in the last 1 months======

2009-02-15 21:04:43 ----D---- C:\Documents and Settings\Julien\Application Data\Malwarebytes
2009-02-15 21:04:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-15 21:04:35 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-15 18:25:21 ----D---- C:\Program Files\trend micro
2009-02-15 18:25:20 ----D---- C:\rsit
2009-02-15 14:50:00 ----SHD---- C:\Config.Msi
2009-02-15 14:48:59 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-12 06:49:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-01-16 22:20:17 ----D---- C:\Tuto

======List of files/folders modified in the last 1 months======

2009-02-15 21:43:32 ----D---- C:\WINDOWS\Temp
2009-02-15 21:43:02 ----D---- C:\WINDOWS\Registration
2009-02-15 21:42:17 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-02-15 21:42:00 ----D---- C:\MDT
2009-02-15 21:41:58 ----D---- C:\WINDOWS\system32
2009-02-15 21:41:58 ----D---- C:\WINDOWS
2009-02-15 21:41:45 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D330 MDC V.92 Modem.txt
2009-02-15 21:41:42 ----D---- C:\flexlm
2009-02-15 21:41:20 ----D---- C:\WINDOWS\system32\drivers
2009-02-15 21:40:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-15 21:04:35 ----RD---- C:\Program Files
2009-02-15 15:02:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-15 14:54:03 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-15 14:53:46 ----SHD---- C:\WINDOWS\Installer
2009-02-15 14:52:34 ----D---- C:\Program Files\Kaspersky Lab
2009-02-15 14:51:07 ----HD---- C:\WINDOWS\inf
2009-02-15 14:50:03 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-15 14:02:44 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-15 14:01:31 ----D---- C:\WINDOWS\Prefetch
2009-02-14 23:43:10 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-12 21:47:33 ----D---- C:\Program Files\Internet Explorer
2009-02-12 06:49:45 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-12 06:49:43 ----A---- C:\WINDOWS\imsins.BAK
2009-02-12 06:49:36 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-08 17:41:45 ----D---- C:\Program Files\IKEA HomePlanner
2009-02-04 00:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-17 12:58:01 ----SD---- C:\WINDOWS\Tasks
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-12-14 82380]
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-11 12920]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-11 28184]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 klif;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-02-15 226832]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-04-26 64896]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.4.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-03 21393]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-18 35096]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-18 32472]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-18 9432]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-18 104472]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-18 26008]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-18 14520]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-18 97848]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-18 94648]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-11 51768]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2007-12-02 12672]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-07-17 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-07-17 56832]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-07-17 37376]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-05-29 12416]
R2 WavxDMgr;WavxDMgr; C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys [2007-09-10 161280]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-07-17 161792]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 guardian2;guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [2007-11-28 62208]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-12-02 989952]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-12-02 211200]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NETw4x32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-08-12 2211456]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-08-06 6835744]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-12-05 1222840]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-05-24 202912]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2007-04-26 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-26 113920]
R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2007-04-26 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-04-26 73600]
R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2007-04-26 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-04-26 41856]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WaveFDE;Wave System Power Monitor Device Driver; C:\WINDOWS\system32\DRIVERS\WaveFDE.sys [2007-09-06 18176]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-12-02 731136]
S3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANSYS FLEXlm license manager;ANSYS FLEXlm license manager; C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe [2006-11-03 1327104]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-02-15 206088]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-07-25 647168]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-18 168432]
R2 I-DEAS License Manager 11.0;I-DEAS License Manager 11.0; C:\UGSPLM\I-DEAS11\sec\lmgrd.exe [2004-02-09 595456]
R2 IT iona_services.config_rep.jed cfr-MyDomain;IT iona_services.config_rep.jed cfr-MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe [2002-06-17 127030]
R2 IT iona_services.locator.jed MyDomain;IT iona_services.locator.jed MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe [2002-06-17 127030]
R2 IT iona_services.naming.jed MyDomain;IT iona_services.naming.jed MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe [2002-06-17 127030]
R2 IT iona_services.node_daemon.jed MyDomain;IT iona_services.node_daemon.jed MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe [2002-06-17 127030]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-09 152984]
R2 JobManagerService110;Ansys JobManager Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe [2007-09-20 20480]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [2007-07-03 475136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-08-06 155717]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-07-25 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-07-25 987136]
R2 ScriptHostService110;Ansys ScriptHost Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe [2007-09-20 20480]
R2 tcsd_win32.exe;NTRU TSS v1.2.1.25 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2007-11-08 1552384]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2007-09-07 737280]
R2 Wave UCSPlus;Wave UCSPlus; C:\WINDOWS\system32\dllhost.exe [2008-04-14 5120]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-07-25 294912]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-05-08 29744]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2007-08-31 486400]
S3 stllssvr;stllssvr; C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WaveEnrollmentService;WaveEnrollmentService; C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe [2007-09-13 192512]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

philae
 Posted on 15/02/2009 at 21:57
Grand Mistress Astucienne

hi again

thanks

* run HijackThis, choose "Do a system scan only", then tick these lines:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/hws/sb/dell-row-rel/fr/side.html?channel=fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/hws/sb/dell-row-rel/fr/side.html?channel=fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/hws/sb/dell-row-rel/fr/side.html?channel=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=1080403

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\system32\acelpdecl.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\system32\acelpdecl.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab?e=1226232667142&h=ab2aca49d347c362b5f63bec1008b6ac/&filename=jinstall-6u10-windows-i586-jc.cab

O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file)

* with all applications closed, click FIX CHECKED

then

* Download OTMoveIt3 (by OldTimer)
* Save the file to the Desktop.

* Open a Notepad window: via Start ----> Run, type notepad, then click OK
Select all the lines of the quote below, then press Ctrl and C at the same time

instructions:

:processes
explorer.exe
acelpdecl.exe


:files
c:\windows\system32\acelpdecl.exe

:commands
[emptytemp]
[reboot]

* Go back to the Notepad window, right-click in the window and choose Paste
* Check (in the Format menu) that "Word Wrap" is not enabled (not ticked).
* Save the file as OTfichiers.txt
* Close Notepad.
Note: The lines in the Code box above were created exclusively for THIS user: xxxx username xxx
if you are not THIS user, do not use them: they could damage your system.



* Run OTMoveIt3 (by OldTimer)
* Double-click OTMoveIt3.exe to start the tool.
* Open the file OTfichiers.txt in Notepad.
* Select all of its lines, then press Ctrl and C at the same time

* Go back to the OTMoveIt3 window and right-click in the pane on the left named "Paste Instructions for Items to be Moved"

* Click the MoveIt! button:

Wait for the tool to finish, then close OTMoveIt3.
Note: A restart is sometimes necessary. If prompted, click Oui/Yes


Results
Post in your reply:
*- the OTMoveIt3 report (contents of the file Drive\_OTMoveIt\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[Drive stands for the partition from which OTMoveIt3 was run, usually C:]

JED972
 Posted on 16/02/2009 at 23:00
New Astucien

Here is the response:

Error: Unable to interpret <instructions:> in the current context!
========== PROCESSES ==========
Process explorer.exe killed successfully.
Unable to kill process: acelpdecl.exe
========== FILES ==========
File/Folder c:\windows\system32\acelpdecl.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Julien\LOCALS~1\Temp\~DF33EA.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Julien\LOCALS~1\Temp\~DF9F5E.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Julien\LOCALS~1\Temp\~DFB657.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_288.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02162009_225108

philae
 Posted on 17/02/2009 at 00:04
Grand Mistress Astucienne

good evening,

ok, please post a new RSIT report
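
Added example (not part of the original posts, and not code from HijackThis, RSIT or OTMoveIt3): a Python check that a follow-up HijackThis log no longer contains the entries ticked for fixing, that the binaries those entries pointed to do not reappear elsewhere in it, and that the OTMoveIt3 report is read for lines needing follow-up. The log excerpts are copied from this thread; the `WinHelper` entry and all function names are constructed for illustration.

```python
import re
from ntpath import basename  # Windows path rules, usable on any OS

# Excerpt of the lines ticked for fixing in this thread.
FIX_LIST = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\system32\acelpdecl.exe
O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\system32\acelpdecl.exe
O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file)
"""

# Excerpt of the follow-up HijackThis log posted in the next message of this thread.
FOLLOW_UP = r"""
Running processes:
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# Constructed counter-example (NOT from the thread): the same binary
# registered again under a different Run value name.
CONSTRUCTED_REINFECTED = (
    FOLLOW_UP + r"O4 - HKCU\..\Run: [WinHelper] C:\WINDOWS\system32\acelpdecl.exe" + "\n"
)

# Excerpt of the OTMoveIt3 report posted in this thread.
OTMOVEIT_LOG = r"""
Error: Unable to interpret <instructions:> in the current context!
========== PROCESSES ==========
Process explorer.exe killed successfully.
Unable to kill process: acelpdecl.exe
========== FILES ==========
File/Folder c:\windows\system32\acelpdecl.exe not found.
"""

ENTRY_RE = re.compile(r"^[A-Z]\d{1,2} - .+$")  # e.g. "O4 - HKLM\..\Run: ..."
PATH_RE = re.compile(r"[A-Za-z]:\\[^\"*?<>|\r\n]*?\.(?:exe|dll|sys)", re.IGNORECASE)

# Report line shapes seen in the report above; other shapes are ignored.
OTM_PATTERNS = [
    ("script_error", re.compile(r"^Error: (.+)$")),
    ("process_not_killed", re.compile(r"^Unable to kill process: (.+)$")),
    ("file_not_found", re.compile(r"^File/Folder (.+) not found\.$")),
]


def entry_keys(log_text):
    """Normalised (whitespace-collapsed, lower-cased) HijackThis entry lines."""
    keys = set()
    for raw in log_text.splitlines():
        line = " ".join(raw.split())
        if ENTRY_RE.match(line):
            keys.add(line.lower())  # registry names and paths are case-insensitive
    return keys


def binaries(text):
    """Lower-cased file names of every executable path mentioned in text."""
    return {basename(p).lower() for p in PATH_RE.findall(text)}


def verify_cleanup(fix_list, follow_up):
    """Compare the ticked entries with a later log of the same machine."""
    persisting = sorted(entry_keys(fix_list) & entry_keys(follow_up))
    watched = binaries(fix_list)
    # A watched binary showing up on ANY line (process list, another autorun
    # entry, a service) means the removal did not hold, even if the exact
    # entry that was ticked is gone.
    resurfaced = sorted(
        (name, line.strip())
        for line in follow_up.splitlines()
        for name in binaries(line) & watched
    )
    return {
        "persisting": persisting,
        "resurfaced": resurfaced,
        "clean": not persisting and not resurfaced,
    }


def otmoveit_findings(report_text):
    """Return (kind, detail) for report lines that need a follow-up check."""
    findings = []
    for raw in report_text.splitlines():
        for kind, rx in OTM_PATTERNS:
            m = rx.match(raw.strip())
            if m:
                findings.append((kind, m.group(1)))
    return findings


if __name__ == "__main__":
    print(verify_cleanup(FIX_LIST, FOLLOW_UP))
    print(verify_cleanup(FIX_LIST, CONSTRUCTED_REINFECTED))
    print(otmoveit_findings(OTMOVEIT_LOG))
```

The check only covers the excerpted lines; run it against the complete fix list and the complete follow-up log before drawing a conclusion about the machine.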

JED972
 Posted on 17/02/2009 at 00:12
New Astucien

Logfile of random's system information tool 1.05 (written by random/random)
Run by Julien at 2009-02-17 00:10:04
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 69 GB (67%) free of 103 GB
Total RAM: 3070 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:10:07, on 17/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\Explorer.EXE
C:\UGSPLM\I-DEAS11\sec\lmgrd.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\ansyslmd.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe
C:\UGSPLM\I-DEAS11\sec\eds_id11.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\UMStor\Res.EXE
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Documents and Settings\Julien\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Julien.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
O4 - HKLM\..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\WINDOWS\UMStor\Res.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~2\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~2\KASPER~1\kloehk.dll
O20 - Winlogon Notify: gemsafe - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll
O23 - Service: ANSYS FLEXlm license manager - Macrovision Corporation - C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: I-DEAS License Manager 11.0 - GLOBEtrotter Software Inc. - C:\UGSPLM\I-DEAS11\sec\lmgrd.exe
O23 - Service: IT iona_services.config_rep.jed cfr-MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe
O23 - Service: IT iona_services.locator.jed MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe
O23 - Service: IT iona_services.naming.jed MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe
O23 - Service: IT iona_services.node_daemon.jed MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ansys JobManager Service V11 (JobManagerService110) - Ansys, Inc - C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Ansys ScriptHost Service V11 (ScriptHostService110) - Ansys, Inc. - C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: NTRU TSS v1.2.1.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: WaveEnrollmentService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 12366 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1229255857.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-11-11 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-09 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-20 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-21 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-05-17 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-20 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-09 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-05-17 806912]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-20 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-05-24 851968]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-08-06 8466432]
"NVHotkey"=C:\WINDOWS\system32\nvHotkey.dll [2007-08-06 67584]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-08-06 81920]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-12-05 405504]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-07-25 823296]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-07-25 974848]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2007-07-03 1228800]
"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2007-09-10 92160]
"SecureUpgrade"=C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [2007-09-14 218424]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-08-17 1116920]
"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2006-10-20 118784]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-05-08 29744]
"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2008-01-17 17920]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-02-15 206088]
"USB Storage Toolbox"=C:\WINDOWS\UMStor\Res.EXE [2005-09-14 65536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-04-03 68856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~2\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~2\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~2\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gemsafe]
C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll [2006-11-16 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-11-11 218376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoDriveAutoRun"=4294967295

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe"="C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe:*:Enabled:IT Generic Server"
"C:\UGSPLM\I-DEAS11\ideas\ideast.exe"="C:\UGSPLM\I-DEAS11\ideas\ideast.exe:*:Enabled:I-deas NX Series"
"C:\UGSPLM\I-DEAS11\oarun\dpsmgr.exe"="C:\UGSPLM\I-DEAS11\oarun\dpsmgr.exe:*:Enabled:dpsmgr"
"C:\UGSPLM\I-DEAS11\stb\suptab.exe"="C:\UGSPLM\I-DEAS11\stb\suptab.exe:*:Enabled:I-deas NX Series"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe:*:Enabled:ac4catia5.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe:*:Enabled:ansconug10.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe:*:Enabled:ansconug30.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe:*:Enabled:ansconug180.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe:*:Enabled:ansconug190.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"
"C:\DOCUME~1\Julien\LOCALS~1\Temp\pinnew.exe"="C:\DOCUME~1\Julien\LOCALS~1\Temp\pinnew.exe:*:Enabled:Enabled"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe"="C:\Program Files\Ansys Inc\v100\CommonFiles\CATIAV5\Intel\code\bin\ac4catia5.exe:*:Enabled:ac4catia5.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug10\Intel\ansconug10.exe:*:Enabled:ansconug10.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"
"C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe"="C:\Program Files\Ansys Inc\v100\ANSYS\ac4\bin\ug30\Intel\ansconug30.exe:*:Enabled:ansconug30.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ans_admin.exe:*:Enabled:ans_admin.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970.exe:*:Enabled:ls970.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\ls970_DP.exe:*:Enabled:ls970_DP.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lspost.exe:*:Enabled:lspost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\lsprepostd.exe:*:Enabled:lsprepostd.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitest.exe:*:Enabled:mpitest.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\mpitestmpich.exe:*:Enabled:mpitestmpich.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\sxpost.exe:*:Enabled:sxpost.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYS\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\bin\Intel\DANSYSMPICH\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\tclsh.exe:*:Enabled:tclsh.exe"
"C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe"="C:\Program Files\Ansys Inc\v90\CommonFiles\TCL\bin\Intel\wish.exe:*:Enabled:wish.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\catia\Intel\ac4catia.exe:*:Enabled:ac4catia.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\para\Intel\ac4para.exe:*:Enabled:ac4para.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\pro\Intel\ac4pro.exe:*:Enabled:ac4pro.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\sat\Intel\ac4sat.exe:*:Enabled:ac4sat.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug180\Intel\ansconug180.exe:*:Enabled:ansconug180.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug190\Intel\ansconug190.exe:*:Enabled:ansconug190.exe"
"C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe"="C:\Program Files\Ansys Inc\v90\ANSYS\ac4\bin\ug20\Intel\ansconug20.exe:*:Enabled:ansconug20.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42e62afa-7fd5-11dd-ac38-001e37aefc11}]
shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe


======List of files/folders created in the last 1 months======

2009-02-16 22:51:08 ----D---- C:\_OTMoveIt
2009-02-16 21:48:39 ----D---- C:\Documents and Settings\Julien\Application Data\Roxio
2009-02-16 19:19:45 ----D---- C:\WINDOWS\UMStor
2009-02-16 19:19:40 ----D---- C:\Program Files\USB Disk Win98 Driver
2009-02-15 21:04:43 ----D---- C:\Documents and Settings\Julien\Application Data\Malwarebytes
2009-02-15 21:04:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-15 21:04:35 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-15 18:25:21 ----D---- C:\Program Files\trend micro
2009-02-15 18:25:20 ----D---- C:\rsit
2009-02-15 14:50:00 ----SHD---- C:\Config.Msi
2009-02-15 14:48:59 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-12 06:49:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

======List of files/folders modified in the last 1 months======

2009-02-17 00:09:53 ----D---- C:\WINDOWS\Temp
2009-02-16 22:57:37 ----D---- C:\WINDOWS\Prefetch
2009-02-16 22:55:52 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-02-16 22:55:37 ----D---- C:\MDT
2009-02-16 22:55:34 ----D---- C:\WINDOWS
2009-02-16 22:55:17 ----D---- C:\WINDOWS\Registration
2009-02-16 22:54:41 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D330 MDC V.92 Modem.txt
2009-02-16 22:54:37 ----D---- C:\flexlm
2009-02-16 22:53:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-16 19:55:30 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-16 19:54:56 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-16 19:54:02 ----RD---- C:\Program Files
2009-02-16 19:19:45 ----HD---- C:\WINDOWS\inf
2009-02-16 19:19:45 ----D---- C:\WINDOWS\system32\drivers
2009-02-16 19:19:45 ----D---- C:\WINDOWS\system
2009-02-16 19:19:41 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-16 19:19:16 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-02-16 07:13:21 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-15 21:41:58 ----D---- C:\WINDOWS\system32
2009-02-15 15:02:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-15 14:54:03 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-15 14:53:46 ----SHD---- C:\WINDOWS\Installer
2009-02-15 14:52:34 ----D---- C:\Program Files\Kaspersky Lab
2009-02-12 21:47:33 ----D---- C:\Program Files\Internet Explorer
2009-02-12 06:49:45 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-12 06:49:43 ----A---- C:\WINDOWS\imsins.BAK
2009-02-12 06:49:36 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-08 17:41:45 ----D---- C:\Program Files\IKEA HomePlanner
2009-02-04 00:21:12 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-12-14 82380]
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-11 12920]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-11 28184]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 klif;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-02-15 226832]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-04-26 64896]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.4.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-03 21393]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-18 35096]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-18 32472]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-18 9432]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-18 104472]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-18 26008]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-18 14520]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-18 97848]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-18 94648]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-11 51768]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2007-12-02 12672]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-07-17 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-07-17 56832]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-07-17 37376]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-05-29 12416]
R2 WavxDMgr;WavxDMgr; C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys [2007-09-10 161280]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-07-17 161792]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 guardian2;guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [2007-11-28 62208]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-12-02 989952]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-12-02 211200]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NETw4x32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-08-12 2211456]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-08-06 6835744]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-12-05 1222840]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-05-24 202912]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2007-04-26 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-26 113920]
R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2007-04-26 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-04-26 73600]
R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2007-04-26 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-04-26 41856]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WaveFDE;Wave System Power Monitor Device Driver; C:\WINDOWS\system32\DRIVERS\WaveFDE.sys [2007-09-06 18176]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-12-02 731136]
S3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANSYS FLEXlm license manager;ANSYS FLEXlm license manager; C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\lmgrd.exe [2006-11-03 1327104]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-02-15 206088]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-07-25 647168]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-18 168432]
R2 I-DEAS License Manager 11.0;I-DEAS License Manager 11.0; C:\UGSPLM\I-DEAS11\sec\lmgrd.exe [2004-02-09 595456]
R2 IT iona_services.config_rep.jed cfr-MyDomain;IT iona_services.config_rep.jed cfr-MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe [2002-06-17 127030]
R2 IT iona_services.locator.jed MyDomain;IT iona_services.locator.jed MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe [2002-06-17 127030]
R2 IT iona_services.naming.jed MyDomain;IT iona_services.naming.jed MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe [2002-06-17 127030]
R2 IT iona_services.node_daemon.jed MyDomain;IT iona_services.node_daemon.jed MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe [2002-06-17 127030]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-09 152984]
R2 JobManagerService110;Ansys JobManager Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe [2007-09-20 20480]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [2007-07-03 475136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-08-06 155717]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-07-25 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-07-25 987136]
R2 ScriptHostService110;Ansys ScriptHost Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe [2007-09-20 20480]
R2 tcsd_win32.exe;NTRU TSS v1.2.1.25 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2007-11-08 1552384]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2007-09-07 737280]
R2 Wave UCSPlus;Wave UCSPlus; C:\WINDOWS\system32\dllhost.exe [2008-04-14 5120]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-07-25 294912]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-05-08 29744]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2007-08-31 486400]
S3 stllssvr;stllssvr; C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WaveEnrollmentService;WaveEnrollmentService; C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe [2007-09-13 192512]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

philae
 Posted on 17/02/2009 at 00:24
Grande Maîtresse astucienne

Hi again,

Apparently it's not bad. Do you still have any particular problems?

JED972
 Posted on 17/02/2009 at 07:08
Nouvel astucien

A priori, I no longer have any problems.

Thank you very much.

All the same, can you confirm that my PC is no longer infected?

Have a good day

philae
 Posted on 17/02/2009 at 19:14
Grande Maîtresse astucienne

Good evening,

Yes, everything is OK now.

  • Run OTmoveIT.
  • Click CleanUp! (the program will download a text file that will be used to clean up the programs we downloaded).
    NOTE: Normally, your firewall should ask you whether OTmoveIT may access the internet. Allow it.
  • A list appears in the left-hand part of OTmoveIT.
  • A message appears asking you to confirm the cleanup. Confirm.

Then

IMPORTANT
Even if you don't use this software, you must keep it up to date, because you are not out of danger.
If you don't use it, then uninstall it.


* Adobe Reader must be updated to version 9
http://www.adobe.com/fr/products/acrobat/readstep2_allversions.html

Select your system and the appropriate version, as well as the desired language.
This version uninstalls the previous ones.

-------------


Java Runtime Environment (JRE) 6 Update 12: http://java.sun.com/javase/downloads/index.jsp
-> 1st link... Java Runtime Environment -> JRE 6u12 -> Windows offline
Tutorial: https://forum.pcastuces.com/sujet.asp?f=25&s=43715 (follow the offline installation version)

* Save the file to your Desktop
* Close all your programs (especially web browsers)
* Click on -> jre-6u11-windows-i586-p-s.exe to install the new version.
* Follow the on-screen instructions.

* You can take the opportunity to read the links in my signature to learn how to better protect yourself on the net

* Please mark your topic as resolved. Thanks

Have a good rest of the evening
