Hi,
MSE detected this trojan, and now my computer keeps rebooting each time it's detected.
It's running windows 7 x64.
Broni I saw your post so here is the result for the FRST scan (first part):
Scan result of Farbar Recovery Scan Tool Version: 19-06-2012
Ran by SYSTEM at 20-06-2012 01:45:08
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001
========================== Registry (Whitelisted) =============
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6629480 2011-04-14] (Realtek Semiconductor)
HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [312936 2011-04-21] (NVIDIA Corporation)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [167704 2011-08-05] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [392472 2011-08-05] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [416024 2011-08-05] (Intel Corporation)
HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-11-01] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe [4500640 2011-03-10] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [483424 2012-02-01] ()
HKLM\...\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2922496 2011-06-16] (Eastman Kodak Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [10357008 2011-10-18] (Intel Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [514544 2010-11-17] ()
HKLM-x32\...\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 [75064 2011-07-07] ()
HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [2835443 2012-02-01] ()
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2922496 2011-06-16] (Eastman Kodak Company)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [Conime] %windir%\system32\conime.exe [x]
HKLM-x32\...\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot [296056 2012-06-06] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKU\nacer\...\Run: [AdobeBridge] [x]
HKU\nacer\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [12163568 2012-06-13] (Google)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll
==================== Services (Whitelisted) ======
3 Adobe Version Cue CS4; "C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" -win32service [284016 2008-08-15] (Adobe Systems Incorporated)
2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [661504 2011-10-19] (Intel Corporation)
2 Bluetooth Device Monitor; "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe" [936272 2011-10-18] (Intel Corporation)
3 Bluetooth Media Service; "C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe" [1354064 2011-10-18] (Intel Corporation)
2 Bluetooth OBEX Service; "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe" [1001808 2011-10-18] (Intel Corporation)
2 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [135440 2011-10-20] (Intel(R) Corporation)
2 DellDigitalDelivery; "C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" [166912 2012-04-09] (Dell Products, LP.)
3 FLEXnet Licensing Service 64; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe" [1038088 2012-04-02] (Acresso Software Inc.)
2 Kodak AiO Network Discovery Service; C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [394672 2011-12-19] (Eastman Kodak Company)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-11-01] ()
2 NOBU; "C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe" SERVICE [2823000 2010-08-25] (Dell, Inc.)
2 NovacomD; C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe [71168 2011-03-15] (Palm)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-03-19] ()
2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2012-03-19] ()
3 RoxMediaDB12OEM; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe" [1116656 2010-11-25] (Sonic Solutions)
2 RoxWatch12; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe" [219632 2010-11-25] (Sonic Solutions)
2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [2656280 2010-12-20] (Intel Corporation)
========================== Drivers (Whitelisted) =============
2 adfs; C:\Windows\SysWow64\Drivers\adfs.sys [74720 2008-08-14] (Adobe Systems, Inc.)
3 AMPPAL; C:\Windows\System32\Drivers\AMPPAL.sys [195072 2011-10-19] (Windows (R) Win 7 DDK provider)
3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [195072 2011-10-19] (Windows (R) Win 7 DDK provider)
3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [51712 2011-05-19] (Intel Corporation)
3 btmaux; C:\Windows\System32\Drivers\btmaux.sys [53760 2011-08-29] (Intel Corporation)
3 btmhsf; C:\Windows\System32\Drivers\btmhsf.sys [288768 2011-10-10] (Intel Corporation)
3 iBtFltCoex; C:\Windows\System32\Drivers\iBtFltCoex.sys [59904 2011-10-11] (Intel Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [250984 2010-12-01] (Realtek Semiconductor Corp.)
2 TurboB; C:\Windows\System32\Drivers\TurboB.sys [16120 2010-11-29] (Intel(R) Corporation)
3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x]
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-06-19 21:05 - 2012-06-19 21:05 - 00065536 __ASH C:\Windows\System32\config\components{56d800df-8bba-11e1-9301-4ceb421039a1}.TxR.blf
2012-06-18 22:04 - 2012-06-18 22:04 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-06-18 22:04 - 2012-06-18 22:04 - 00000000 ____D C:\Users\All Users\Application Data\HitmanPro
2012-06-17 16:42 - 2012-06-17 16:42 - 00000000 ____D C:\Users\nacer\Application Data\Malwarebytes
2012-06-17 16:42 - 2012-06-17 16:42 - 00000000 ____D C:\Users\nacer\AppData\Roaming\Malwarebytes
2012-06-17 16:39 - 2012-06-19 23:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-17 16:39 - 2012-06-17 16:39 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-17 16:39 - 2012-06-17 16:39 - 00001111 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-17 16:39 - 2012-06-17 16:39 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-17 16:39 - 2012-06-17 16:39 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2012-06-17 16:39 - 2012-04-04 14:56 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-17 09:16 - 2012-06-19 23:21 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-17 09:16 - 2012-06-19 23:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-16 15:13 - 2012-06-16 15:14 - 00000000 ____D C:\Users\nacer\Desktop\Nouveau dossier
2012-06-15 07:40 - 2012-06-15 07:40 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Another.Happy.Day.2011.TRUEFRENCH.DVDRip.XviD.AC3-DesTroY
2012-06-14 02:02 - 2012-06-14 02:02 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2012-06-14 02:02 - 2012-06-14 02:02 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2012-06-14 02:01 - 2012-05-17 21:47 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-14 02:01 - 2012-05-17 21:16 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-14 02:01 - 2012-05-17 21:06 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-14 02:01 - 2012-05-17 20:59 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-14 02:01 - 2012-05-17 20:59 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-14 02:01 - 2012-05-17 20:58 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-14 02:01 - 2012-05-17 20:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-14 02:01 - 2012-05-17 20:56 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-14 02:01 - 2012-05-17 20:55 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-14 02:01 - 2012-05-17 20:55 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-14 02:01 - 2012-05-17 20:54 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-14 02:01 - 2012-05-17 20:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-14 02:01 - 2012-05-17 20:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-14 02:01 - 2012-05-17 20:47 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-14 02:01 - 2012-05-17 18:11 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-14 02:01 - 2012-05-17 17:48 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-14 02:01 - 2012-05-17 17:45 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-14 02:01 - 2012-05-17 17:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-14 02:01 - 2012-05-17 17:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-14 02:01 - 2012-05-17 17:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-14 02:01 - 2012-05-17 17:33 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-14 02:01 - 2012-05-17 17:31 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-14 02:01 - 2012-05-17 17:29 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-14 02:01 - 2012-05-17 17:29 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-14 02:01 - 2012-05-17 17:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-14 02:01 - 2012-05-17 17:25 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-14 02:01 - 2012-05-17 17:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-14 02:01 - 2012-05-17 17:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-13 09:21 - 2012-05-14 20:32 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-13 09:21 - 2012-05-04 06:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-13 09:21 - 2012-05-04 05:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-13 09:21 - 2012-05-04 05:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-13 09:21 - 2012-05-01 00:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-13 09:21 - 2012-04-27 22:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-13 09:21 - 2012-04-26 00:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-13 09:21 - 2012-04-26 00:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-13 09:21 - 2012-04-26 00:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-13 09:21 - 2012-04-24 00:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-13 09:21 - 2012-04-24 00:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-13 09:21 - 2012-04-24 00:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-13 09:21 - 2012-04-23 23:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-13 09:21 - 2012-04-23 23:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-13 09:21 - 2012-04-23 23:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-13 09:21 - 2012-04-07 07:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-13 09:21 - 2012-04-07 06:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-12 23:53 - 2012-06-19 00:01 - 00000000 ___SD C:\Users\nacer\Google Drive
2012-06-12 23:53 - 2012-06-12 23:53 - 00001673 ____A C:\Users\nacer\Desktop\Google Drive.lnk
2012-06-12 23:47 - 2012-06-12 23:47 - 00000000 ____D C:\Users\nacer\AppData\LocalGoogle
2012-06-12 23:46 - 2012-06-19 22:25 - 00001062 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-12 23:46 - 2012-06-18 21:51 - 00001066 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-12 23:46 - 2012-06-12 23:47 - 00000000 ____D C:\Program Files (x86)\Google
2012-06-11 21:43 - 2012-06-14 23:20 - 00000000 ____D C:\Users\nacer\Desktop\annonce kijiji
2012-06-11 20:18 - 2012-06-11 20:18 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] 21.Jump.Street.2012.FRENCH.BDRip.XviD.REPACK.1CD-ITOMA
2012-06-11 20:13 - 2012-06-11 20:14 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Jeff.Who.Lives.at.Home.2011.LIMITED.FRENCH.DVDRip.XViD-AYMO
2012-06-08 21:46 - 2012-06-08 21:46 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Dance For It 2011 TRUEFRENCH DvDRiP Xvid-TFTD
2012-06-08 18:33 - 2012-06-02 17:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-08 18:33 - 2012-06-02 17:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-08 18:33 - 2012-06-02 17:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-08 18:33 - 2012-06-02 17:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-08 18:33 - 2012-06-02 17:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-08 18:33 - 2012-06-02 17:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-08 18:33 - 2012-06-02 17:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-08 18:33 - 2012-06-02 14:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-08 18:33 - 2012-06-02 14:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-07 16:25 - 2012-06-07 16:25 - 00000000 ____D C:\Users\nacer\Documents\Adobe
2012-06-07 11:58 - 2012-06-16 17:58 - 00000000 ____D C:\Users\nacer\Desktop\Exportation sans titre
2012-06-07 10:28 - 2012-06-07 10:28 - 00002029 ____A C:\Users\Public\Desktop\Lightroom 4.1 64-bits.lnk
2012-06-07 10:28 - 2012-06-07 10:28 - 00002029 ____A C:\Users\All Users\Desktop\Lightroom 4.1 64-bits.lnk
2012-06-07 10:23 - 2012-06-07 10:23 - 00000000 ____D C:\Users\nacer\Desktop\Adobe
2012-06-06 23:28 - 2012-06-06 23:28 - 00000000 ____D C:\Users\nacer\Application Data\ElephormDVDPlayer.8FC2E10752433BF8182FC825ABC2922D2AC381F8.1
2012-06-06 23:28 - 2012-06-06 23:28 - 00000000 ____D C:\Users\nacer\AppData\Roaming\ElephormDVDPlayer.8FC2E10752433BF8182FC825ABC2922D2AC381F8.1
2012-06-06 23:28 - 2012-06-06 23:28 - 00000000 ____D C:\Program Files (x86)\Elephorm
2012-06-06 20:13 - 2012-06-06 20:13 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Ingenious.2009.STV.FRENCH.DVDRip.XviD-SHARiNG
2012-06-06 13:48 - 2012-06-06 13:48 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Man.on.a.Ledge.2012.FRENCH.BRRiP.XviD-AUTOPSiE
2012-06-06 11:05 - 2012-06-06 11:05 - 00001096 ____A C:\Users\Public\Desktop\RealPlayer.lnk
2012-06-06 11:05 - 2012-06-06 11:05 - 00001096 ____A C:\Users\All Users\Desktop\RealPlayer.lnk
2012-06-04 11:54 - 2012-06-04 11:55 - 00005120 ____A C:\Users\nacer\Local Settings\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-04 11:54 - 2012-06-04 11:55 - 00005120 ____A C:\Users\nacer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-04 11:54 - 2012-06-04 11:55 - 00005120 ____A C:\Users\nacer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-03 21:20 - 2012-06-03 21:21 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Lord.Of.The.Light.2011.FRENCH.DVDRiP.XViD.AC3-ARTEFAC
2012-06-03 20:40 - 2012-06-04 08:31 - 00000000 ____D C:\Users\nacer\Application Data\DivX
2012-06-03 20:40 - 2012-06-04 08:31 - 00000000 ____D C:\Users\nacer\AppData\Roaming\DivX
2012-06-03 20:39 - 2012-06-04 08:33 - 00000000 ____D C:\Program Files\DivX
2012-06-03 20:38 - 2012-06-04 08:33 - 00000000 ____D C:\Program Files (x86)\DivX
2012-06-03 20:24 - 2012-06-04 08:33 - 00000000 ____D C:\Users\All Users\DivX
2012-06-03 20:24 - 2012-06-04 08:33 - 00000000 ____D C:\Users\All Users\Application Data\DivX
2012-06-03 20:14 - 2012-06-03 20:14 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Project.X.2012.FRENCH.BRRiP.XviD.AC3-AUTOPSiE
2012-06-03 03:34 - 2012-06-03 03:34 - 00001179 ____A C:\Users\Public\Desktop\Capture NX 2.lnk
2012-06-03 03:34 - 2012-06-03 03:34 - 00001179 ____A C:\Users\All Users\Desktop\Capture NX 2.lnk
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\nacer\Application Data\Textures
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\nacer\AppData\Roaming\Textures
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\All Users\Transportation
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\All Users\Trance Pad
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\All Users\Application Data\Transportation
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\All Users\Application Data\Trance Pad
2012-06-03 03:34 - 2012-06-03 03:34 - 00000020 ____H C:\Users\All Users\PKP_DLck.DAT
2012-06-03 03:34 - 2012-06-03 03:34 - 00000020 ____H C:\Users\All Users\Application Data\PKP_DLck.DAT
2012-06-03 03:34 - 2012-06-03 03:34 - 00000012 ___RH C:\Users\All Users\Command Line Utility
2012-06-03 03:34 - 2012-06-03 03:34 - 00000012 ___RH C:\Users\All Users\Colors
2012-06-03 03:34 - 2012-06-03 03:34 - 00000012 ___RH C:\Users\All Users\Application Data\Command Line Utility
2012-06-03 03:34 - 2012-06-03 03:34 - 00000012 ___RH C:\Users\All Users\Application Data\Colors
2012-06-03 03:31 - 2012-06-10 09:45 - 00000020 ____H C:\Users\All Users\PKP_DLbx.DAT
2012-06-03 03:31 - 2012-06-10 09:45 - 00000020 ____H C:\Users\All Users\Application Data\PKP_DLbx.DAT
2012-06-02 18:40 - 2012-06-02 18:40 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-01 08:30 - 2012-06-01 08:30 - 00000000 ____D C:\Users\nacer\Local Settings\MétéoMédia
2012-06-01 08:30 - 2012-06-01 08:30 - 00000000 ____D C:\Users\nacer\Local Settings\Application Data\MétéoMédia
2012-06-01 08:30 - 2012-06-01 08:30 - 00000000 ____D C:\Users\nacer\AppData\Local\MétéoMédia
2012-05-31 14:53 - 2012-05-31 14:53 - 00000000 ____D C:\Program Files\WinZip
2012-05-25 18:40 - 2012-05-25 18:42 - 00000000 ____D C:\Users\nacer\Downloads\ELsirra.Alnabawya.Tarek.Swidan
2012-05-25 17:43 - 2012-05-25 17:43 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Safe.House.2012.FRENCH.BRRiP.XViD-JHB
2012-05-25 17:41 - 2012-05-25 17:41 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Safe.House.2012.VOSTFR.DVDRip.XviD.AC3-KLine
2012-05-23 23:22 - 2012-05-23 23:22 - 00266925 ____A C:\Users\nacer\Desktop\Facture102.pdf
MSE detected this trojan, and now my computer keeps rebooting each time it's detected.
It's running windows 7 x64.
Broni I saw your post so here is the result for the FRST scan (first part):
Scan result of Farbar Recovery Scan Tool Version: 19-06-2012
Ran by SYSTEM at 20-06-2012 01:45:08
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001
========================== Registry (Whitelisted) =============
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6629480 2011-04-14] (Realtek Semiconductor)
HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [312936 2011-04-21] (NVIDIA Corporation)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [167704 2011-08-05] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [392472 2011-08-05] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [416024 2011-08-05] (Intel Corporation)
HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-11-01] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe [4500640 2011-03-10] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [483424 2012-02-01] ()
HKLM\...\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2922496 2011-06-16] (Eastman Kodak Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [10357008 2011-10-18] (Intel Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [514544 2010-11-17] ()
HKLM-x32\...\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 [75064 2011-07-07] ()
HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [2835443 2012-02-01] ()
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2922496 2011-06-16] (Eastman Kodak Company)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [Conime] %windir%\system32\conime.exe [x]
HKLM-x32\...\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot [296056 2012-06-06] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKU\nacer\...\Run: [AdobeBridge] [x]
HKU\nacer\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [12163568 2012-06-13] (Google)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll
==================== Services (Whitelisted) ======
3 Adobe Version Cue CS4; "C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" -win32service [284016 2008-08-15] (Adobe Systems Incorporated)
2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [661504 2011-10-19] (Intel Corporation)
2 Bluetooth Device Monitor; "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe" [936272 2011-10-18] (Intel Corporation)
3 Bluetooth Media Service; "C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe" [1354064 2011-10-18] (Intel Corporation)
2 Bluetooth OBEX Service; "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe" [1001808 2011-10-18] (Intel Corporation)
2 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [135440 2011-10-20] (Intel(R) Corporation)
2 DellDigitalDelivery; "C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" [166912 2012-04-09] (Dell Products, LP.)
3 FLEXnet Licensing Service 64; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe" [1038088 2012-04-02] (Acresso Software Inc.)
2 Kodak AiO Network Discovery Service; C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [394672 2011-12-19] (Eastman Kodak Company)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-11-01] ()
2 NOBU; "C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe" SERVICE [2823000 2010-08-25] (Dell, Inc.)
2 NovacomD; C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe [71168 2011-03-15] (Palm)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-03-19] ()
2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [189248 2012-03-19] ()
3 RoxMediaDB12OEM; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe" [1116656 2010-11-25] (Sonic Solutions)
2 RoxWatch12; "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe" [219632 2010-11-25] (Sonic Solutions)
2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [2656280 2010-12-20] (Intel Corporation)
========================== Drivers (Whitelisted) =============
2 adfs; C:\Windows\SysWow64\Drivers\adfs.sys [74720 2008-08-14] (Adobe Systems, Inc.)
3 AMPPAL; C:\Windows\System32\Drivers\AMPPAL.sys [195072 2011-10-19] (Windows (R) Win 7 DDK provider)
3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [195072 2011-10-19] (Windows (R) Win 7 DDK provider)
3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [51712 2011-05-19] (Intel Corporation)
3 btmaux; C:\Windows\System32\Drivers\btmaux.sys [53760 2011-08-29] (Intel Corporation)
3 btmhsf; C:\Windows\System32\Drivers\btmhsf.sys [288768 2011-10-10] (Intel Corporation)
3 iBtFltCoex; C:\Windows\System32\Drivers\iBtFltCoex.sys [59904 2011-10-11] (Intel Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [250984 2010-12-01] (Realtek Semiconductor Corp.)
2 TurboB; C:\Windows\System32\Drivers\TurboB.sys [16120 2010-11-29] (Intel(R) Corporation)
3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x]
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-06-19 21:05 - 2012-06-19 21:05 - 00065536 __ASH C:\Windows\System32\config\components{56d800df-8bba-11e1-9301-4ceb421039a1}.TxR.blf
2012-06-18 22:04 - 2012-06-18 22:04 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-06-18 22:04 - 2012-06-18 22:04 - 00000000 ____D C:\Users\All Users\Application Data\HitmanPro
2012-06-17 16:42 - 2012-06-17 16:42 - 00000000 ____D C:\Users\nacer\Application Data\Malwarebytes
2012-06-17 16:42 - 2012-06-17 16:42 - 00000000 ____D C:\Users\nacer\AppData\Roaming\Malwarebytes
2012-06-17 16:39 - 2012-06-19 23:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-17 16:39 - 2012-06-17 16:39 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-17 16:39 - 2012-06-17 16:39 - 00001111 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-17 16:39 - 2012-06-17 16:39 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-17 16:39 - 2012-06-17 16:39 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2012-06-17 16:39 - 2012-04-04 14:56 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-17 09:16 - 2012-06-19 23:21 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-17 09:16 - 2012-06-19 23:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-16 15:13 - 2012-06-16 15:14 - 00000000 ____D C:\Users\nacer\Desktop\Nouveau dossier
2012-06-15 07:40 - 2012-06-15 07:40 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Another.Happy.Day.2011.TRUEFRENCH.DVDRip.XviD.AC3-DesTroY
2012-06-14 02:02 - 2012-06-14 02:02 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2012-06-14 02:02 - 2012-06-14 02:02 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2012-06-14 02:01 - 2012-05-17 21:47 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-14 02:01 - 2012-05-17 21:16 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-14 02:01 - 2012-05-17 21:06 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-14 02:01 - 2012-05-17 20:59 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-14 02:01 - 2012-05-17 20:59 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-14 02:01 - 2012-05-17 20:58 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-14 02:01 - 2012-05-17 20:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-14 02:01 - 2012-05-17 20:56 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-14 02:01 - 2012-05-17 20:55 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-14 02:01 - 2012-05-17 20:55 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-14 02:01 - 2012-05-17 20:54 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-14 02:01 - 2012-05-17 20:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-14 02:01 - 2012-05-17 20:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-14 02:01 - 2012-05-17 20:47 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-14 02:01 - 2012-05-17 18:11 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-14 02:01 - 2012-05-17 17:48 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-14 02:01 - 2012-05-17 17:45 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-14 02:01 - 2012-05-17 17:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-14 02:01 - 2012-05-17 17:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-14 02:01 - 2012-05-17 17:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-14 02:01 - 2012-05-17 17:33 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-14 02:01 - 2012-05-17 17:31 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-14 02:01 - 2012-05-17 17:29 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-14 02:01 - 2012-05-17 17:29 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-14 02:01 - 2012-05-17 17:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-14 02:01 - 2012-05-17 17:25 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-14 02:01 - 2012-05-17 17:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-14 02:01 - 2012-05-17 17:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-13 09:21 - 2012-05-14 20:32 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-13 09:21 - 2012-05-04 06:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-13 09:21 - 2012-05-04 05:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-13 09:21 - 2012-05-04 05:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-13 09:21 - 2012-05-01 00:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-13 09:21 - 2012-04-27 22:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-13 09:21 - 2012-04-26 00:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-13 09:21 - 2012-04-26 00:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-13 09:21 - 2012-04-26 00:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-13 09:21 - 2012-04-24 00:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-13 09:21 - 2012-04-24 00:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-13 09:21 - 2012-04-24 00:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-13 09:21 - 2012-04-23 23:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-13 09:21 - 2012-04-23 23:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-13 09:21 - 2012-04-23 23:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-13 09:21 - 2012-04-07 07:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-13 09:21 - 2012-04-07 06:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-12 23:53 - 2012-06-19 00:01 - 00000000 ___SD C:\Users\nacer\Google Drive
2012-06-12 23:53 - 2012-06-12 23:53 - 00001673 ____A C:\Users\nacer\Desktop\Google Drive.lnk
2012-06-12 23:47 - 2012-06-12 23:47 - 00000000 ____D C:\Users\nacer\AppData\LocalGoogle
2012-06-12 23:46 - 2012-06-19 22:25 - 00001062 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-12 23:46 - 2012-06-18 21:51 - 00001066 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-12 23:46 - 2012-06-12 23:47 - 00000000 ____D C:\Program Files (x86)\Google
2012-06-11 21:43 - 2012-06-14 23:20 - 00000000 ____D C:\Users\nacer\Desktop\annonce kijiji
2012-06-11 20:18 - 2012-06-11 20:18 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] 21.Jump.Street.2012.FRENCH.BDRip.XviD.REPACK.1CD-ITOMA
2012-06-11 20:13 - 2012-06-11 20:14 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Jeff.Who.Lives.at.Home.2011.LIMITED.FRENCH.DVDRip.XViD-AYMO
2012-06-08 21:46 - 2012-06-08 21:46 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Dance For It 2011 TRUEFRENCH DvDRiP Xvid-TFTD
2012-06-08 18:33 - 2012-06-02 17:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-08 18:33 - 2012-06-02 17:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-08 18:33 - 2012-06-02 17:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-08 18:33 - 2012-06-02 17:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-08 18:33 - 2012-06-02 17:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-08 18:33 - 2012-06-02 17:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-08 18:33 - 2012-06-02 17:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-08 18:33 - 2012-06-02 14:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-08 18:33 - 2012-06-02 14:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-07 16:25 - 2012-06-07 16:25 - 00000000 ____D C:\Users\nacer\Documents\Adobe
2012-06-07 11:58 - 2012-06-16 17:58 - 00000000 ____D C:\Users\nacer\Desktop\Exportation sans titre
2012-06-07 10:28 - 2012-06-07 10:28 - 00002029 ____A C:\Users\Public\Desktop\Lightroom 4.1 64-bits.lnk
2012-06-07 10:28 - 2012-06-07 10:28 - 00002029 ____A C:\Users\All Users\Desktop\Lightroom 4.1 64-bits.lnk
2012-06-07 10:23 - 2012-06-07 10:23 - 00000000 ____D C:\Users\nacer\Desktop\Adobe
2012-06-06 23:28 - 2012-06-06 23:28 - 00000000 ____D C:\Users\nacer\Application Data\ElephormDVDPlayer.8FC2E10752433BF8182FC825ABC2922D2AC381F8.1
2012-06-06 23:28 - 2012-06-06 23:28 - 00000000 ____D C:\Users\nacer\AppData\Roaming\ElephormDVDPlayer.8FC2E10752433BF8182FC825ABC2922D2AC381F8.1
2012-06-06 23:28 - 2012-06-06 23:28 - 00000000 ____D C:\Program Files (x86)\Elephorm
2012-06-06 20:13 - 2012-06-06 20:13 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Ingenious.2009.STV.FRENCH.DVDRip.XviD-SHARiNG
2012-06-06 13:48 - 2012-06-06 13:48 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Man.on.a.Ledge.2012.FRENCH.BRRiP.XviD-AUTOPSiE
2012-06-06 11:05 - 2012-06-06 11:05 - 00001096 ____A C:\Users\Public\Desktop\RealPlayer.lnk
2012-06-06 11:05 - 2012-06-06 11:05 - 00001096 ____A C:\Users\All Users\Desktop\RealPlayer.lnk
2012-06-04 11:54 - 2012-06-04 11:55 - 00005120 ____A C:\Users\nacer\Local Settings\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-04 11:54 - 2012-06-04 11:55 - 00005120 ____A C:\Users\nacer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-04 11:54 - 2012-06-04 11:55 - 00005120 ____A C:\Users\nacer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-03 21:20 - 2012-06-03 21:21 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Lord.Of.The.Light.2011.FRENCH.DVDRiP.XViD.AC3-ARTEFAC
2012-06-03 20:40 - 2012-06-04 08:31 - 00000000 ____D C:\Users\nacer\Application Data\DivX
2012-06-03 20:40 - 2012-06-04 08:31 - 00000000 ____D C:\Users\nacer\AppData\Roaming\DivX
2012-06-03 20:39 - 2012-06-04 08:33 - 00000000 ____D C:\Program Files\DivX
2012-06-03 20:38 - 2012-06-04 08:33 - 00000000 ____D C:\Program Files (x86)\DivX
2012-06-03 20:24 - 2012-06-04 08:33 - 00000000 ____D C:\Users\All Users\DivX
2012-06-03 20:24 - 2012-06-04 08:33 - 00000000 ____D C:\Users\All Users\Application Data\DivX
2012-06-03 20:14 - 2012-06-03 20:14 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Project.X.2012.FRENCH.BRRiP.XviD.AC3-AUTOPSiE
2012-06-03 03:34 - 2012-06-03 03:34 - 00001179 ____A C:\Users\Public\Desktop\Capture NX 2.lnk
2012-06-03 03:34 - 2012-06-03 03:34 - 00001179 ____A C:\Users\All Users\Desktop\Capture NX 2.lnk
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\nacer\Application Data\Textures
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\nacer\AppData\Roaming\Textures
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\All Users\Transportation
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\All Users\Trance Pad
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\All Users\Application Data\Transportation
2012-06-03 03:34 - 2012-06-03 03:34 - 00000268 ___RH C:\Users\All Users\Application Data\Trance Pad
2012-06-03 03:34 - 2012-06-03 03:34 - 00000020 ____H C:\Users\All Users\PKP_DLck.DAT
2012-06-03 03:34 - 2012-06-03 03:34 - 00000020 ____H C:\Users\All Users\Application Data\PKP_DLck.DAT
2012-06-03 03:34 - 2012-06-03 03:34 - 00000012 ___RH C:\Users\All Users\Command Line Utility
2012-06-03 03:34 - 2012-06-03 03:34 - 00000012 ___RH C:\Users\All Users\Colors
2012-06-03 03:34 - 2012-06-03 03:34 - 00000012 ___RH C:\Users\All Users\Application Data\Command Line Utility
2012-06-03 03:34 - 2012-06-03 03:34 - 00000012 ___RH C:\Users\All Users\Application Data\Colors
2012-06-03 03:31 - 2012-06-10 09:45 - 00000020 ____H C:\Users\All Users\PKP_DLbx.DAT
2012-06-03 03:31 - 2012-06-10 09:45 - 00000020 ____H C:\Users\All Users\Application Data\PKP_DLbx.DAT
2012-06-02 18:40 - 2012-06-02 18:40 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-01 08:30 - 2012-06-01 08:30 - 00000000 ____D C:\Users\nacer\Local Settings\MétéoMédia
2012-06-01 08:30 - 2012-06-01 08:30 - 00000000 ____D C:\Users\nacer\Local Settings\Application Data\MétéoMédia
2012-06-01 08:30 - 2012-06-01 08:30 - 00000000 ____D C:\Users\nacer\AppData\Local\MétéoMédia
2012-05-31 14:53 - 2012-05-31 14:53 - 00000000 ____D C:\Program Files\WinZip
2012-05-25 18:40 - 2012-05-25 18:42 - 00000000 ____D C:\Users\nacer\Downloads\ELsirra.Alnabawya.Tarek.Swidan
2012-05-25 17:43 - 2012-05-25 17:43 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Safe.House.2012.FRENCH.BRRiP.XViD-JHB
2012-05-25 17:41 - 2012-05-25 17:41 - 00000000 ____D C:\Users\nacer\Downloads\[www.Cpasbien.com] Safe.House.2012.VOSTFR.DVDRip.XviD.AC3-KLine
2012-05-23 23:22 - 2012-05-23 23:22 - 00266925 ____A C:\Users\nacer\Desktop\Facture102.pdf