

Everything posted by a beluga
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and eradication
Here is the about:buster report. For HijackThis, where is the report?
AboutBuster 6.02
Scan started on [2006-06-16] at [21:39:59]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 21:46:16
AboutBuster 6.02
Scan started on [2006-06-16] at [21:46:48]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 21:52:42
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and eradication
Well, I don't have a comctl32.ocx file, I have a comctl32.dll file... I tried copying that file and changing the extension to ocx (just to see whether it would work), but it didn't work.
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and eradication
Hmm... no, I have no problem... I did exactly what you told me and everything worked (actually, I didn't check whether the files were deleted, but there was no error message).
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and eradication
When the about:buster scan finished, there was an error message; I wrote down the message, here it is: run-time error '339' component 'comctl32.ocx' or one of its dependencies not correctly registered: a file is missing or invalid. As for the windatfind report:
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and eradication
Here is the Spy Sweeper report:
********
14:08: | Début de session, 15 juin 2006 |
14:08: Spy Sweeper démarrée
14:08: Analyse lancée avec la version des définitions 699
14:08: Démarrage de l’analyse de la mémoire
14:12: Analyse de la mémoire terminée, temps passé : 00:03:36
14:12: Démarrage de l’analyse du Registre
14:13: Analyse du Registre terminée, temps passé :00:01:11
14:13: Démarrage de l’analyse des cookies
14:13: Trouvé Spy Cookie: 50881381 cookie
14:13: alexis@50881381[1].txt (ID = 1981)
14:13: Trouvé Spy Cookie: 888 cookie
14:13: alexis@888[1].txt (ID = 2019)
14:13: Trouvé Spy Cookie: yieldmanager cookie
14:13: alexis@ad.yieldmanager[1].txt (ID = 3751)
14:13: Trouvé Spy Cookie: hbmediapro cookie
14:13: alexis@adopt.hbmediapro[2].txt (ID = 2768)
14:13: Trouvé Spy Cookie: adprofile cookie
14:13: alexis@adprofile[2].txt (ID = 2084)
14:13: Trouvé Spy Cookie: apmebf cookie
14:13: alexis@apmebf[2].txt (ID = 2229)
14:13: Trouvé Spy Cookie: searchingbooth cookie
14:13: alexis@banners.searchingbooth[2].txt (ID = 3322)
14:13: Trouvé Spy Cookie: enhance cookie
14:13: alexis@c.enhance[1].txt (ID = 2614)
14:13: Trouvé Spy Cookie: cassava cookie
14:13: alexis@cassava[1].txt (ID = 2362)
14:13: Trouvé Spy Cookie: humanclick cookie
14:13: alexis@hc2.humanclick[1].txt (ID = 2810)
14:13: Trouvé Spy Cookie: top-banners cookie
14:13: alexis@media.top-banners[1].txt (ID = 3548)
14:13: Trouvé Spy Cookie: revenue.net cookie
14:13: alexis@revenue[1].txt (ID = 3257)
14:13: Trouvé Spy Cookie: statcounter cookie
14:13: alexis@statcounter[1].txt (ID = 3447)
14:13: Trouvé Spy Cookie: xiti cookie
14:13: alexis@xiti[1].txt (ID = 3717)
14:13: Trouvé Spy Cookie: zedo cookie
14:13: alexis@zedo[2].txt (ID = 3762)
14:13: Trouvé Spy Cookie: 2o7.net cookie
14:13: réjean@2o7[1].txt (ID = 1957)
14:13: réjean@50881381[2].txt (ID = 1981)
14:13: réjean@888[1].txt (ID = 2019)
14:13: réjean@ad.yieldmanager[1].txt (ID = 3751)
14:13: Trouvé Spy Cookie: addynamix cookie
14:13: réjean@ads.addynamix[2].txt (ID = 2062)
14:13: réjean@banners.searchingbooth[1].txt (ID = 3322)
14:13: Trouvé Spy Cookie: bluestreak cookie
14:13: réjean@bluestreak[1].txt (ID = 2314)
14:13: réjean@cassava[1].txt (ID = 2362)
14:13: Trouvé Spy Cookie: findwhat cookie
14:13: réjean@findwhat[1].txt (ID = 2674)
14:13: réjean@hc2.humanclick[1].txt (ID = 2810)
14:13: réjean@media.top-banners[1].txt (ID = 3548)
14:13: réjean@partygaming.122.2o7[1].txt (ID = 1958)
14:13: Trouvé Spy Cookie: realmedia cookie
14:13: réjean@realmedia[1].txt (ID = 3235)
14:13: réjean@revenue[1].txt (ID = 3257)
14:13: réjean@statcounter[2].txt (ID = 3447)
14:13: Trouvé Spy Cookie: reliablestats cookie
14:13: réjean@stats1.reliablestats[1].txt (ID = 3254)
14:13: Trouvé Spy Cookie: paypopup cookie
14:13: réjean@www.paypopup[2].txt (ID = 3120)
14:13: réjean@zedo[2].txt (ID = 3762)
14:13: Analyse des cookies terminée, temps passé : 00:00:03
14:13: Démarrage de l’analyse des fichiers
14:17: La Protection anti-communication d’espions a bloqué l’accès à : count.exitexchange.com
14:17: La Protection anti-communication d’espions a bloqué l’accès à : count.exitexchange.com
14:27: La Protection anti-communication d’espions a bloqué l’accès à : paypopup.com
14:27: La Protection anti-communication d’espions a bloqué l’accès à : paypopup.com
14:27: La Protection anti-communication d’espions a bloqué l’accès à : paypopup.com
14:27: La Protection anti-communication d’espions a bloqué l’accès à : paypopup.com
14:27: La Protection anti-communication d’espions a bloqué l’accès à : www.searchfeed.com
14:27: La Protection anti-communication d’espions a bloqué l’accès à : www.searchfeed.com
14:29: Trouvé Adware: meetstream dialer
14:29: a0001719.dll (ID = 69345)
14:44: La Protection anti-communication d’espions a bloqué l’accès à : count.exitexchange.com
14:44: La Protection anti-communication d’espions a bloqué l’accès à : count.exitexchange.com
14:45: Trouvé Adware: surfsidekick
14:45: a0001726.exe (ID = 212831)
14:45: a0001725.config (ID = 212361)
14:45: Trouvé Adware: ezula ilookup
14:45: a0001728.dll (ID = 273239)
14:45: Trouvé Adware: fullcontext
14:45: a0001721.exe (ID = 268846)
14:48: Trouvé Trojan Horse: trojan-dh
14:48: a0001729.exe (ID = 303233)
14:50: La Protection anti-communication d’espions a bloqué l’accès à : count.exitexchange.com
14:50: La Protection anti-communication d’espions a bloqué l’accès à : count.exitexchange.com
14:51: a0001723.bat (ID = 212353)
14:51: a0001722.config (ID = 212358)
14:51: Trouvé Adware: command
14:51: a0001720.vbs (ID = 185675)
14:51: Trouvé System Monitor: potentially rootkit-masked files
14:54: Analyse des fichiers terminée, temps passé : 00:41:12
14:54: Analyse complète terminée. Durée 00:46:12
14:54: Traces trouvées : 43
14:55: Processus de suppression lancé.
14:55: Mise en quarantaine de toutes les traces : fullcontext
14:55: Mise en quarantaine de toutes les traces : potentially rootkit-masked files
14:55: potentially rootkit-masked files est en cours d'utilisation. Il sera supprimé au redémarrage.
14:55: Mise en quarantaine de toutes les traces : surfsidekick
14:55: Mise en quarantaine de toutes les traces : trojan-dh
14:55: Mise en quarantaine de toutes les traces : command
14:55: Mise en quarantaine de toutes les traces : ezula ilookup
14:55: Mise en quarantaine de toutes les traces : meetstream dialer
14:55: Mise en quarantaine de toutes les traces : 2o7.net cookie
14:55: Mise en quarantaine de toutes les traces : 50881381 cookie
14:55: Mise en quarantaine de toutes les traces : 888 cookie
14:55: Mise en quarantaine de toutes les traces : addynamix cookie
14:55: Mise en quarantaine de toutes les traces : adprofile cookie
14:55: Mise en quarantaine de toutes les traces : apmebf cookie
14:55: Mise en quarantaine de toutes les traces : bluestreak cookie
14:55: Mise en quarantaine de toutes les traces : cassava cookie
14:55: Mise en quarantaine de toutes les traces : enhance cookie
14:55: Mise en quarantaine de toutes les traces : findwhat cookie
14:55: Mise en quarantaine de toutes les traces : hbmediapro cookie
14:55: Mise en quarantaine de toutes les traces : humanclick cookie
14:55: Mise en quarantaine de toutes les traces : paypopup cookie
14:55: Mise en quarantaine de toutes les traces : realmedia cookie
14:55: Mise en quarantaine de toutes les traces : reliablestats cookie
14:55: Mise en quarantaine de toutes les traces : revenue.net cookie
14:55: Mise en quarantaine de toutes les traces : searchingbooth cookie
14:55: Mise en quarantaine de toutes les traces : statcounter cookie
14:55: Mise en quarantaine de toutes les traces : top-banners cookie
14:55: Mise en quarantaine de toutes les traces : xiti cookie
14:55: Mise en quarantaine de toutes les traces : yieldmanager cookie
14:55: Mise en quarantaine de toutes les traces : zedo cookie
14:55: Préparation du redémarrage de votre ordinateur. Veuillez patienter...
14:55: Processus de suppression lancé. Durée 00:00:36
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and eradication
Here is the windatfind report (I removed the 2004 and earlier entries because it would not fit in the forum). P.S. No, my Explorer was crashing before I installed KillBox.
2005-01-28 14:44 28 160 WMDMLOG.dll 2005-01-28 14:44 164 864 cewmdm.dll 2005-01-28 14:44 33 792 WMDMPS.dll 2005-01-28 14:44 15 872 wdfapi.dll 2005-01-28 14:44 221 184 qasf.dll 2005-01-28 14:44 716 288 wmadmoe.dll 2005-01-28 14:44 290 816 WMDRMNet.dll 2005-01-28 14:44 502 272 drmv2clt.dll 2005-01-28 14:44 96 768 drmstor.dll 2005-01-28 14:44 258 296 drmclien.dll 2005-01-28 14:44 294 912 blackbox.dll 2005-01-28 14:44 335 872 WMDRMdev.dll 2005-01-26 20:47 1 006 592 msgina.dll 1983 fichier(s) 362 890 450 octets 0 R‚p(s) 35 732 750 336 octets libres Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est 898D-B2DA R‚pertoire de C:\WINDOWS 2006-06-15 15:00 49 152 Thumbs.db 2006-06-15 14:59 1 508 865 WindowsUpdate.log 2006-06-15 14:58 0 0.log 2006-06-15 14:57 2 048 bootstat.dat 2006-06-15 14:57 32 522 SchedLgU.Txt 2006-06-15 14:27 1 125 winamp.ini 2006-06-15 12:34 32 pavsig.txt 2006-06-14 23:10 12 213 mozver.dat 2006-06-14 21:47 2 860 508 ntbtlog.txt 2006-06-14 21:44 311 wiadebug.log 2006-06-14 21:38 4 158 win.ini 2006-06-12 11:07 328 480 setupapi.log 2006-06-11 22:07 35 872 wmsetup.log 2006-06-06 19:32 2 806 setupact.log 2006-06-05 20:14 4 141 spupdsvc.log 2006-06-05 20:12 9 012 WgaNotify.log 2006-06-05 20:12 25 033 updspapi.log 2006-06-05 20:11 7 358 WGA.log 2006-06-05 17:28 4 039 DirectX.log 2006-05-28 09:34 1 635 cfg32.exe 2006-05-20 22:34 60 GOTO.INI 2006-05-20 16:01 286 720 iun506.exe 2006-05-11 09:56 148 kebxsmed.ini 2006-05-10 07:20 40 639 iis6.log 2006-05-10 07:20 49 840 ntdtcsetup.log 2006-05-10 07:20 82 213 comsetup.log 2006-05-10 07:20 96 136 tsoc.log 2006-05-10 07:20 1 374 imsins.log 2006-05-10 07:20 13 680 ocmsn.log 2006-05-10 07:20 15 704 KB913580.log 2006-05-10 07:20 116 640 ocgen.log 2006-05-10 07:20 12 360 msgsocm.log 2006-05-10 07:20 247 306 FaxSetup.log 2006-04-26 17:05 327 SYSTEM.INI 2006-04-26 07:03 1 374 imsins.BAK 2006-04-26 07:03 12 135 KB900485.log 2006-04-13 23:50 18 245 KB908531.log 2006-04-13 23:42 15 071 KB911562.log 
2006-04-13 23:42 17 671 KB912812.log 2006-04-13 16:22 13 852 KB911565.log 2006-04-13 16:22 11 365 KB911567.log 2006-04-08 11:57 0 win320942-198720232006.exe 2006-04-08 08:22 148 slhmpgwv.ini 2006-04-07 23:07 488 ODBC.INI 2006-03-27 21:18 148 fjnlrtwn.ini 2006-03-24 20:44 341 ST6UNST.000 2006-03-24 20:44 73 216 ST6UNST.EXE 2006-03-24 17:35 29 803 DIIUnin.dat 2006-03-23 20:45 0 sys02987202342-12006.exe 2006-03-21 17:46 0 sys011987202342-2006.exe 2006-03-21 17:45 0 win32102-1987202342006.exe 2006-03-10 22:58 335 nsreg.dat 2006-03-02 07:35 0 winsysupd121.dat 2006-02-27 19:31 0 gimmygames.dat 2006-02-27 11:52 2 829 DIIUnin.pif 2006-02-27 11:52 94 208 DIIUnin.exe 2006-02-25 16:45 8 306 ModemLog_TOSHIBA Software Modem.txt 2006-02-15 13:30 11 301 KB911927.log 2006-02-15 13:30 6 861 KB911564.log 2006-02-15 13:29 6 975 KB913446.log 2006-02-12 06:30 0 TPTray.INI 2006-01-27 14:20 479 Uninst2.htm 2006-01-25 11:14 478 720 WRUninstall.dll 2006-01-22 14:37 5 657 192 Hero Editor.CAB 2006-01-12 06:43 10 705 KB908519.log 2006-01-07 18:30 11 662 KB912919.log 2005-12-28 15:04 460 wmsetup10.log 2005-12-28 11:21 4 096 d3dx.dat 2005-12-19 23:38 747 hpwd4500.log 2005-12-19 18:13 90 ARPR.INI 2005-12-18 14:53 604 STLL Notifier 2005-12-18 14:53 604 T4 2005-12-18 14:53 604 T3 2005-12-16 23:10 10 262 KB910437.log 2005-12-16 23:10 16 593 KB905915.log 2005-12-10 22:48 831 ST4UNST.000 2005-12-10 17:34 335 GEARInstall.log 2005-12-09 18:57 347 Support.log 2005-12-09 18:57 349 Suppold.log 2005-12-09 18:35 90 dun.bat 2005-12-09 18:35 436 stci.ini 2005-12-09 12:18 87 NetwkCfg.txt 2005-12-09 12:11 1 468 checkip.dat 2005-12-05 17:36 153 409 setuplog.txt 2005-12-03 16:29 227 SYSTEM.SYD 2005-12-03 00:23 690 OEWABLog.txt 2005-12-02 19:57 0 Sti_Trace.log 2005-12-02 09:01 4 635 KB902344.log 2005-12-02 08:48 1 717 sessmgr.setup.log 2005-12-02 08:48 508 DtcInstall.log 2005-12-02 08:47 3 456 regopt.log 2005-12-02 08:47 0 setuperr.log 2005-12-01 21:51 25 609 WMCSetup.log 2005-12-01 21:51 22 444 basecsp.log 
2005-12-01 21:48 25 898 KB896424.log 2005-12-01 21:47 21 830 KB891122.log 2005-12-01 21:47 316 640 WMSysPr9.prx 2005-12-01 21:46 25 191 KB900725.log 2005-12-01 21:46 22 780 KB905749.log 2005-12-01 21:46 23 898 KB896688.log 2005-12-01 21:46 17 308 KB904706.log 2005-12-01 21:46 17 616 KB905414.log 2005-12-01 21:46 16 799 KB901017.log 2005-12-01 21:45 21 163 KB902400.log 2005-12-01 21:42 11 416 KB894391.log 2005-12-01 21:42 11 220 KB896423.log 2005-12-01 21:42 10 705 KB899587.log 2005-12-01 21:42 10 209 KB899591.log 2005-12-01 21:42 10 317 KB893756.log 2005-12-01 21:42 9 135 KB900930.log 2005-12-01 21:42 10 588 KB890859.log 2005-12-01 21:42 5 088 KB898458.log 2005-12-01 21:42 7 097 KB896428.log 2005-12-01 21:42 6 018 KB890046.log 2005-12-01 21:41 5 239 KB887742.log 2005-12-01 21:41 10 775 KB887797.log 2005-12-01 20:51 8 863 KB898461.log 2005-12-01 20:51 6 597 KB893803v2.log 2005-10-10 19:29 510 Unist1.htm 2005-09-23 01:06 0 NDSTray.INI 2005-09-23 01:03 222 wininit.ini 2005-09-23 00:54 0 CeEKey.INI 2005-09-23 00:46 138 Fn-esse.UNI 2005-09-22 18:12 61 smscfg.ini 2005-09-22 14:20 8 192 REGLOCS.OLD 2005-09-22 09:33 193 507 orun32.isu 2005-09-22 09:33 829 orun32.ini 2005-09-22 09:28 0 control.ini 2005-09-22 09:27 4 205 ODBCINST.INI 2005-09-22 09:26 749 WindowsShell.Manifest 2005-09-22 09:25 37 vbaddin.ini 2005-09-22 09:25 36 vb.ini 2005-08-01 06:10 94 263 DLA.EXE 2005-06-10 04:59 95 617 atiicdxx.dat 2005-05-26 19:22 10 752 hh.exe 2005-04-07 18:11 2 949 176 WATER.BMP 2005-04-07 18:10 2 949 176 MASS.BMP 2005-04-07 18:09 3 932 216 ORGANICMETAL.BMP 2005-04-07 18:09 2 949 176 FLUXMETAL.BMP 2005-04-07 18:09 2 949 176 GLASS.BMP 2005-03-02 08:21 200 704 alcrmv.exe 2005-03-01 04:49 192 512 RtlExUpd.dll 2005-02-03 03:13 294 912 alcupd.exe 2005-01-10 04:48 147 456 UNINST32.EXE 212 fichier(s) 56 362 494 octets 0 R‚p(s) 35 732 754 432 octets libres Le volume dans le lecteur C n'a pas de nom. 
Le num‚ro de s‚rie du volume est 898D-B2DA R‚pertoire de C:\DOCUME~1\Alexis\LOCALS~1\Temp 2006-06-15 11:26 16 384 ~DF8BA8.tmp 2006-06-14 19:16 693 TWAIN.LOG 2006-06-14 19:16 156 Twunk001.MTX 2006-06-14 19:16 0 Twunk002.MTX 2006-06-14 19:16 2 Twain001.Mtx 2005-06-15 11:27 54 784 sfextra.dll 2003-12-08 10:01 487 424 43gcjvgahnu44.ths 2002-12-02 12:33 107 512 set46.tmp 8 fichier(s) 666 955 octets 0 R‚p(s) 35 732 758 528 octets libres -
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
My Explorer crashed after I had filled everything in, and I lost all the information from the scans. I don't know whether I'm going to have to start all over again, but here is a summary: I don't have the file nsb8D.dll; for the other files, there were no detections. Here is the Panda report: -
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
Here is the report. I was not able to delete this file because it was in use by another file: C:\WINDOWS\cfg32.exe I did not find this file (yes, I could see hidden files): C:\WINDOWS\System32\wnstssv.exe -
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
Hmm, I only see the new posts after making one myself. Without making a new post, I can see up to the post where you tell me that a part is missing; I don't see the posts after that. OK, well, I'll keep editing this post until you reply .. -
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
Thanks -
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
P.S. My PC is extremely slow at times... Also, this just happened to me and it's the first time: I get redirected to this page http://www.intercasino.com/ AntiVir also detects other files, often an HTML page or a JavaScript file. Sometimes it's a zip file. Sometimes an Internet Explorer download window appears and disappears. Here is a report on how my PC is behaving -
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
I don't know if I posted the right thing, but here it is -
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
Here is the Spybot report, and here is the link to the screenshot of the window that asks me to go to an address: http://img156.imageshack.us/img156/1801/url6oa.jpg
--- Search result list ---
Command Service: Settings (Registry key, fixing failed) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdService
Command Service: Settings (Registry key, fixing failed) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdService
Command Service: Settings (Registry key, fixed) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\cmdService
Path: C:\WINDOWS\Downloaded Program Files\ Long name: asinst.dll Short name: Date (created): 2006-04-11 17:10:10 Date (last access): 2006-06-12 22:26:38 Date (last write): 2006-04-11 17:10:10 Filesize: 135168 Attributes: archive MD5: 7267AE9C8DF527C30885DC29687D2A9B CRC32: 1B1733A3 Version: 58.5.0.0 --- Process list --- PID: 0 ( 0) [system] PID: 520 ( 4) \SystemRoot\System32\smss.exe PID: 576 ( 520) \??\C:\WINDOWS\system32\csrss.exe PID: 600 ( 520) \??\C:\WINDOWS\system32\winlogon.exe PID: 648 ( 600) C:\WINDOWS\system32\services.exe size: 108544 MD5: 732E0B1ABAACE15D80EC19056B0A2AF9 PID: 660 ( 600) C:\WINDOWS\system32\lsass.exe size: 13312 MD5: 9F3744A5C6F49291A7A685040A013399 PID: 816 ( 648) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA PID: 876 ( 648) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA PID: 916 ( 648) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA PID: 968 ( 648) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA PID: 1044 ( 648) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA PID: 1304 ( 648) C:\WINDOWS\system32\spoolsv.exe size: 57856 MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F PID: 1404 ( 648) C:\Program Files\AntiVir PersonalEdition Classic\sched.exe size: 34344 MD5: 756696E86515155A2DB03E1CD7C4EBD0 PID: 1416 ( 648) C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe size: 191016 MD5: F8182E30C3E4904E5C3352449E3BE877 PID: 1456 ( 648) C:\Program Files\ewido anti-malware\ewidoctrl.exe size: 13888 MD5: 26830B750372AB1BF29C95DEEBEB802F PID: 1480 ( 648) C:\Program Files\ewido anti-malware\ewidoguard.exe size: 151616 MD5: 34A50717AD686900F078F5208F8E908E PID: 1600 ( 648) C:\WINDOWS\system32\wdfmgr.exe size: 38912 MD5: AB0A7CA90D9E3D6A193905DC1715DED0 PID: 1676 ( 648) C:\Program Files\wamp\apache2\bin\Apache.exe size: 20541 MD5: 801B28C9171271686D608F112747B107 PID: 1728 ( 648) 
C:\Program Files\wamp\mysql\bin\mysqld-nt.exe size: 4149248 MD5: 7C33E7EF9B46ED53839CB31CA7676BD6 PID: 1936 (1676) C:\Program Files\wamp\apache2\bin\Apache.exe size: 20541 MD5: 801B28C9171271686D608F112747B107 PID: 2512 ( 648) C:\WINDOWS\System32\alg.exe size: 44544 MD5: 2FE681D10C5FC343DBBC0610B8DD4D24 PID: 3624 ( 648) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA PID: 2800 (3172) C:\WINDOWS\Explorer.EXE size: 1036288 MD5: 4C33E5B9A6197B6ED215F6CFBA0A2DAA PID: 1468 (2800) C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe size: 233512 MD5: D05A80B5A605F8B8FB0915D1A4905471 PID: 3840 (2800) C:\Program Files\QuickTime\qttask.exe size: 155648 MD5: 216B3ACC656CDA8A5A0C3071EC0A408B PID: 692 (2800) C:\WINDOWS\system32\ctfmon.exe size: 15360 MD5: 5584247B568C2E53934873F4B655FE6A PID: 784 (2800) C:\Program Files\wamp\wampserver.exe size: 1101824 MD5: 443ECC7B6B8244678971030906D71382 PID: 3312 ( 916) C:\WINDOWS\system32\wuauclt.exe size: 125720 MD5: 6CC08152ED8681BC176BE1B0F3C0E908 PID: 3396 (2800) C:\Program Files\MSN Messenger\msnmsgr.exe size: 7094272 MD5: BCD239CB30B5356A019FD81E45D6636B PID: 2672 ( 648) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA PID: 3416 (2800) C:\Program Files\Internet Explorer\iexplore.exe size: 93184 MD5: 833E2B3F0E2484C0F2B804AE871B4381 PID: 3884 (2800) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe size: 4393096 MD5: 09CA174A605B480318731E691DC98539 PID: 4 ( 0) System --- Browser start & search pages list --- Spybot - Search & Destroy browser pages report, 2006-06-12 22:33:09 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINDOWS\system32\blank.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch 
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page about:blank HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://ie.search.msn.com HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant Explorer\Main\Default_Search_URL about:blank HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page %SystemRoot%\system32\blank.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page http://www.microsoft.com/isapi/redir.dll?p...B_PVER}&ar=home HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm --- Winsock Layered Service Provider list --- --- Uninstall list --- (AddressBook) Adobe Acrobat 5.0 5.1 (Adobe Acrobat 5.0) version (major): 5 version (minor): 1 install location: C:\Program Files\Adobe\Acrobat 5.0 uninstall cmd: C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll" publisher: Adobe Systems, Inc. help link: http://www.adobe.com/prodindex/acrobat/main.html Adobe Photoshop CS2 9.0 (Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) version: 9 version (major): 9 install location: C:\Program Files\Adobe\Adobe Photoshop CS2\ uninstall cmd: msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D} publisher: Adobe Systems, Inc. 
comments: contact: Customer Support help link: http://www.adobe.com/support/main.html help telephone: 1-555-555-4505 ATI - Utilitaire de désinstallation du logiciel 6.14.10.1012 (All ATI Software) install location: C:\Program Files\ATI Technologies\UninstallAll uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe Avira AntiVir PersonalEdition Classic (AntiVir PersonalEdition Classic) uninstall cmd: C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE publisher: Avira GmbH help link: http://www.avira.com/en/technical_support ATI Display Driver 8.153-050705a1-025176C (ATI Display Driver) uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean BitTorrent 4.0.1 (BitTorrent) uninstall cmd: "C:\Program Files\BitTorrent\uninstall.exe" BuffyGame (BuffyGame) uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BladeGames\BuffyGame\Uninst.isu" (Connection Manager) Diablo II (Diablo II) uninstall cmd: C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat (DirectAnimation) (DirectDrawEx) (dlatray.exe) uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} (DXM_Runtime) Elasto Mania (Elasto Mania) uninstall cmd: C:\PROGRA~1\ELASTO~1\UNWISE.EXE C:\PROGRA~1\ELASTO~1\INSTALL.LOG ewido anti-malware (ewidoantimalware) install location: C:\Program Files\ewido anti-malware uninstall cmd: C:\Program Files\ewido anti-malware\Uninstall.exe publisher: ewido networks help link: http://www.ewido.net TOSHIBA Fn-esse 1.0.1.1114C (Fn-esse) uninstall cmd: C:\WINDOWS\UnInst32.exe Fn-esse.UNI (Fontcore) GetDiz 3.0 3.0 (GetDiz 3.0) uninstall cmd: C:\PROGRA~1\GetDiz\UNINST~1\UNWISE.EXE C:\PROGRA~1\GetDiz\UNINST~1\install.log publisher: Outer Technologies comments: fast and handy text viewer HijackThis 1.99.1 1.99.1 (HijackThis) uninstall cmd: C:\Documents and Settings\Alexis\Local Settings\Temporary Internet 
Files\Content.IE5\1DEMRAKU\HijackThis.exe /uninstall publisher: Soeperman Enterprises Ltd. PinnacleHollywood FX 5 (Hollywood FX 5) uninstall cmd: C:\WINDOWS\unvise32.exe C:\Program Files\Pinnacle\Hollywood FX 5\uninstal.log Programme de désinstallation de l'imprimante hp deskjet 450 (hp deskjet 450 printer unistaller) uninstall cmd: C:\Program Files\Hewlett-Packard\hp deskjet 450 printer\Uninstall\setup.exe ciuninst.ini (ICW) (IE40) (IE4Data) (IE5BAKEX) (IEData) (InstallShield Uninstall Information) (InstallShield_{0B9E0BD1-328D-415C-80A5-6B0028F0C104}) (InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) QuickTime 7.0.3 (InstallShield_{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}) version: 117440515 version (major): 7 estimated size: 62923 install date: 20051210 install location: C:\Program Files\QuickTime\ install source: C:\DOCUME~1\Alexis\LOCALS~1\Temp\_is584\ uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083} /l1036 publisher: Apple Computer, Inc. 
contact: Assistance AppleCare help link: http://www.apple.com/fr/support/ help telephone: (33) 0825 888 024 TOSHIBA Accessibility 1.35.0.4C (InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}) version: 19070976 version (major): 1 version (minor): 35 estimated size: 137 install date: 20050923 install source: C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\_is7D\ uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3A57482F-BEBC-47E4-ADA1-6302403C7E50} /l1036 publisher: TOSHIBA TOSHIBA Mot de passe responsable 1.35.0.1C (InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) version: 19070976 version (major): 1 version (minor): 35 estimated size: 72 install date: 20050923 install source: C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\_isB7\ uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1036 publisher: TOSHIBA TOSHIBA Hardware Setup 1.35.0.4C (InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) version: 19070976 version (major): 1 version (minor): 35 estimated size: 416 install date: 20050923 install source: C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\_is5C\ uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1036 publisher: TOSHIBA (InstallShield_{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0}) Utilitaire Hotkey TOSHIBA 1.35.0.6C (InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}) version: 19070976 version (major): 1 version (minor): 35 estimated size: 871 install date: 20050922 install source: C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\_is6B\ uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7900D3A6-A9E8-4954-ACCB-AB15867978BF} /l1036 publisher: TOSHIBA Utilitaire TouchPad ON/OFF 1.35.0.1C (InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}) version: 19070976 version (major): 1 version (minor): 35 estimated size: 175 install date: 20050922 install source: C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\_is1A7\ uninstall cmd: 
C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{80977342-27E8-4FF7-8B6A-D8D89461DA7F} /l1036 publisher: TOSHIBA iTunes 6.0.1.3 (InstallShield_{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}) version: 100663297 version (major): 6 estimated size: 32022 install date: 20051210 install location: C:\Program Files\iTunes\ install source: C:\WINDOWS\Downloaded Installations\{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}\ uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{872653C6-5DDC-488B-B7C2-CF9E4D9335E5} /l1036 publisher: Apple Computer, Inc. contact: Assistance AppleCare help link: http://www.info.apple.com/frfr/index.html help telephone: 1-800-275-2273 (InstallShield_{FCE19796-1ADF-42DF-81D8-3563867FC2C2}) Correctif Windows XP - KB873333 20050114.005213 (KB873333) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=873333 Correctif Windows XP - KB873339 20041117.092459 (KB873339) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=873339 Mise à jour de sécurité pour Windows XP (KB883939) 1 (KB883939) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=883939 (KB884016) Correctif Windows XP - KB884018 20040812.132033 (KB884018) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=884018 Correctif Windows XP - KB885250 20050118.202711 (KB885250) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885250 Correctif Windows XP - KB885835 20041027.181713 (KB885835) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885835 Correctif Windows XP - KB885836 20041028.173203 (KB885836) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885836 Correctif Windows XP - KB885855 20040930.104104 (KB885855) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=885855 Correctif Windows XP - KB886185 20041021.090540 (KB886185) publisher: Microsoft Corporation 
help link: http://support.microsoft.com?kbid=886185 Correctif Windows XP - KB887472 20041014.162858 (KB887472) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=887472 Correctif Windows XP - KB887742 20041103.095002 (KB887742) uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=887742 Correctif Windows XP - KB887797 20041018.133824 (KB887797) uninstall cmd: C:\WINDOWS\$NtUninstallKB887797$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=887797 Correctif Windows XP - KB888113 20041116.131036 (KB888113) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888113 Correctif Windows XP - KB888302 20041207.111426 (KB888302) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=888302 Correctif Windows XP - KB889673 20041116.085848 (KB889673) uninstall cmd: C:\WINDOWS\$NtUninstallKB889673$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=889673 Mise à jour de sécurité pour Windows XP (KB890046) 1 (KB890046) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890046 Correctif Windows XP - KB890047 20041221.124506 (KB890047) uninstall cmd: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890047 Correctif Windows XP - KB890175 20041201.233338 (KB890175) uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890175 Correctif Windows XP - KB890859 1 (KB890859) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: 
http://support.microsoft.com?kbid=890859 Correctif Windows XP - KB890923 1 (KB890923) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=890923 Windows Media Format SDK Hotfix - KB891122 (KB891122) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=891122 Correctif Windows XP - KB891781 20050110.165439 (KB891781) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=891781 Correctif Windows XP - KB893056 20050126.164313 (KB893056) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893056 Mise à jour de sécurité pour Windows XP (KB893066) 2 (KB893066) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893066 Correctif Windows XP - KB893086 1 (KB893086) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893086 Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=893756 Windows Installer 3.1 (KB893803) 3.1 (KB893803) publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=42467 Windows Installer 3.1 (KB893803) 3.1 (KB893803v2) uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=42467 Mise à jour pour Windows XP (KB894391) 1 (KB894391) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=894391 Correctif pour Windows XP (KB894871) 1 (KB894871) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=894871 Correctif Windows XP - KB895200 1 (KB895200) publisher: 
Microsoft Corporation help link: http://support.microsoft.com?kbid=895200 Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896358 Mise à jour de sécurité pour Windows XP (KB896422) 1 (KB896422) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896422 Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896423 Mise à jour de sécurité pour Windows XP (KB896424) 1 (KB896424) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896424 Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896428 Mise à jour de sécurité pour Windows XP (KB896688) 1 (KB896688) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=896688 Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) 20050502.101010 (KB898458) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/kb/898458 Mise à jour pour Windows XP (KB898461) 1 (KB898461) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=898461 Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587) install date: 20051201 uninstall cmd: 
"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899587 Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=899591 Mise à jour pour Windows XP (KB900485) 2 (KB900485) install date: 20060426 uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900485 Mise à jour de sécurité pour Windows XP (KB900725) 1 (KB900725) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900725 Mise à jour pour Windows XP (KB900930) 1 (KB900930) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB900930$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=900930 Mise à jour de sécurité pour Windows XP (KB901017) 1 (KB901017) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=901017 Mise à jour de sécurité pour Windows XP (KB901214) 1 (KB901214) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=901214 Hotfix for Windows Media Format SDK (KB902344) (KB902344) uninstall cmd: "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=902344 Mise à jour de sécurité pour Windows XP (KB902400) 1 (KB902400) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=902400 Mise à jour de sécurité pour Windows XP (KB903235) 1 
(KB903235) publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=903235 Mise à jour de sécurité pour Windows XP (KB904706) 1 (KB904706) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=904706 Mise à jour de sécurité pour Windows XP (KB905414) 1 (KB905414) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905414 Mise à jour de sécurité pour Windows XP (KB905749) 1 (KB905749) install date: 20051201 uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905749 Mise à jour de sécurité pour Windows XP (KB905915) 1 (KB905915) install date: 20051217 uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905915 Mise à jour de sécurité pour Windows XP (KB908519) 1 (KB908519) install date: 20060112 uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=908519 Mise à jour de sécurité pour Windows XP (KB908531) 1 (KB908531) install date: 20060414 uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=908531 Package de base Microsoft de service de chiffrement pour cartes à puce (KB909520) uninstall cmd: "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" publisher: Microsoft Corporation Mise à jour pour Windows XP (KB910437) 1 (KB910437) install date: 20051217 uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=910437 Mise à jour de 
sécurité pour Windows XP (KB911562) 1 (KB911562) install date: 20060414 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911562 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) (KB911564) install date: 20060215 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=911564 Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) (KB911565) install date: 20060215 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com/?kbid=911565 Mise à jour de sécurité pour Windows XP (KB911567) 1 (KB911567) install date: 20060413 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911567 Mise à jour de sécurité pour Windows XP (KB911927) 1 (KB911927) install date: 20060215 uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=911927 Mise à jour de sécurité pour Windows XP (KB912812) 1 (KB912812) install date: 20060414 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912812 Mise à jour de sécurité pour Windows XP (KB912919) 1 (KB912919) install date: 20060107 uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=912919 Mise à jour de sécurité pour Windows XP (KB913446) 1 (KB913446) install date: 20060215 uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=913446 Mise à jour de sécurité pour Windows XP 
(KB913580) 1 (KB913580) install date: 20060510 uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=913580 (KBKB895200) LimeWire PRO 4.10.9 4.10.9 (LimeWire) uninstall cmd: "C:\Program Files\LimeWire\uninstall.exe" publisher: Lime Wire, LLC help link: http://www.limewire.com/support Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903) uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp" Macromedia Shockwave Player 10.1.0.11 (Macromedia Shockwave Player) uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log publisher: Macromedia, Inc. help link: http://www.macromedia.com/fr/support/shockwave Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033)) uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm Microsoft .NET Framework 2.0 (Microsoft .NET Framework 2.0) install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=45396 (Microsoft Interactive Training) uninstall cmd: C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu mIRC (mIRC) uninstall cmd: "C:\Program Files\mIRC\mirc.exe" -uninstall (MobileOptionPack) (MPlayer2) (MSI30-Beta1) (MSI30-Beta2) (MSI30-KB884016) (MSI30-RC1) (MSI30-RC2) (MSI30a-KB884016) (MSI31-Beta) (MSI31-RC1) MSN (MSNINST) uninstall cmd: C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP Native Instruments Sibelius Player (Native Instruments Sibelius Player) uninstall cmd: C:\PROGRA~1\NATIVE~1\SIBELI~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\SIBELI~1\INSTALL.LOG (NetMeeting) Neuratron 
PhotoScore Lite 3.00 (Neuratron PhotoScore Lite) uninstall cmd: C:\PROGRA~1\NEURAT~1\UNWISE.EXE C:\PROGRA~1\NEURAT~1\INSTALL.LOG publisher: Neuratron Limited help link: http://www.neuratron.com/support.htm Outil de diagnostic PC TOSHIBA (Outil de diagnostic PC) uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu" (OutlookExpress) Panda ActiveScan (Panda ActiveScan) uninstall cmd: C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan publisher: Panda Software S.L. (PCHealth) uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Gestion d'énergie TOSHIBA 7.03.07.C (Power Saver) uninstall cmd: C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll" QuickSFV (Remove only) (QuickSFV) uninstall cmd: C:\Program Files\QuickSFV\QSFVUNST.EXE C:\Program Files\QuickSFV\ (RealJukebox 1.0) uninstall cmd: C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 RealPlayer (RealPlayer 6.0) uninstall cmd: C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 (RecordNow.exe) uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} (SchedulingAgent) (Shockwave) Macromedia Flash Player 8 8 (ShockwaveFlash) uninstall cmd: RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5 publisher: Macromedia help link: http://www.macromedia.com/go/flashplayer_support/ Sibelius v3.1 (Sibelius v3.1) uninstall cmd: C:\PROGRA~1\SIBELI~1\SIBELI~1\UNWISE.EXE C:\PROGRA~1\SIBELI~1\SIBELI~1\INSTALL.LOG Snowball Wars by OIN (Snowball Wars) uninstall cmd: C:\Program Files\Snowball Wars\uninstaller.exe Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1) install location: C:\Program Files\Spybot - Search & Destroy\ uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe" publisher: Safer Networking Limited 
SpywareBlaster v3.5.1 3.5.1 (SpywareBlaster_is1) install location: C:\Program Files\SpywareBlaster\ uninstall cmd: "C:\Program Files\SpywareBlaster\unins000.exe" publisher: Javacool Software LLC TContext (TContext) uninstall cmd: "C:\Program Files\Internet Optimizer\optimize.exe" /u 8 TOSHIBA Software Modem 2.1.51 (SM2151ALD05) (TOSHIBA Software Modem) uninstall cmd: Tosmreg -U Toshiba Tbiosdrv Driver (Toshiba Tbiosdrv Driver) uninstall cmd: C:\PROGRA~1\TOSHIBA\TOSHIB~1\UNWISE.EXE C:\PROGRA~1\TOSHIBA\TOSHIB~1\INSTALL.LOG Tweak UI (Tweak UI 2.10) uninstall cmd: "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta" vanBasco's Karaoke Player (VMidi) uninstall cmd: C:\Program Files\vanBasco's Karaoke Player\uninst.exe WAMP5 1.6.3 (WAMP5_is1) install location: C:\Program Files\wamp\ uninstall cmd: "C:\Program Files\wamp\unins000.exe" publisher: Romain Bourdon (Roms) help link: http://www.wampserver.com WebCopier (WebCopier_4.3) uninstall cmd: C:\WINDOWS\iun506.exe C:\Program Files\WebCopier\irunin_4.3.ini WebCopier (WebCopier_4.3.1) uninstall cmd: C:\WINDOWS\iun506.exe C:\Program Files\WebCopier\irunin_4.3.1.ini WebExpert 6 6.50.1 (WebExpert 6) version (major): 6 version (minor): 5 install location: C:\Program Files\Visicom Media\WebExpert 6 uninstall cmd: "C:\Program Files\Visicom Media\WebExpert 6\uninst-web.exe" Windows Genuine Advantage Validation Tool (KB892130) 1.5.0530.0 (WGA) install date: 20060606 publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=892130 Windows Genuine Advantage Notifications (KB905474) 1.5.0532.0 (WgaNotify) install date: 20060606 publisher: Microsoft Corporation help link: http://support.microsoft.com?kbid=905474 Winamp (remove only) (Winamp) uninstall cmd: "C:\Program Files\Winamp\UninstWA.exe" Windows Media Format Runtime (Windows Media Format Runtime) uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Lecteur Windows Media 10 (Windows Media Player) 
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall WinRAR archiver (WinRAR archiver) uninstall cmd: C:\Program Files\WinRAR\uninstall.exe WinZip 9.0 SR-1 (6224f) (WinZip) version (major): 9 install location: C:\PROGRA~1\WINZIP\ uninstall cmd: "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall publisher: WinZip Computing, Inc. help link: http://www.winzip.com/wzredir.cgi?FRSWZX Windows Media Connect (WMCSetup) uninstall cmd: "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe" publisher: Microsoft Corporation help link: http://go.microsoft.com/fwlink/?LinkId=47544 Atheros Wireless LAN MiniPCI card Driver ({05832D65-6EDB-4D32-BA78-BCD0E2B91C02}) uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}\Setup.exe" -l0x40c Macromedia Dreamweaver 8 8.0.0.2734 ({0837A661-FEC3-48B3-876C-91E7D32048A9}) version: 134217728 version (major): 8 estimated size: 169853 install date: 20051216 install location: C:\Program Files\Macromedia\Dreamweaver 8\ install source: C:\WINDOWS\Downloaded Installations\Macromedia Dreamweaver 8\ uninstall cmd: MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9} publisher: Macromedia comments: Language: En help link: http://www.macromedia.com/go/dreamweaver/support Adobe Premiere Pro 7.0 ({084709F7-38C5-4609-B55F-2417939315EB}) version: 117440512 version (major): 7 install location: C:\Program Files\Adobe\Premiere Pro install source: C:\Documents and Settings\Adobe Premiere Pro 7.0 (With Key)\Premiere Pro\ uninstall cmd: RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{084709F7-38C5-4609-B55F-2417939315EB}\setup.exe" publisher: Adobe Systems, Inc. 
Panneau de contrôle ATI 6.14.10.5157 ({0BEDBD4E-2D34-47B5-9973-57E62B29307C}) uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" Sonic DLA 5.1.0 ({1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) version: 83951616 version (major): 5 version (minor): 1 estimated size: 2837 install date: 20050923 install source: C:\SW\DLA\ uninstall cmd: MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} publisher: Sonic Solutions help link: http://www.sonicjapan.co.jp/support/index.html Utility Common Driver 0.0.0.1C ({12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) estimated size: 21 install date: 20050922 install source: C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\_is8E\ publisher: TOSHIBA Assist TOSHIBA ({12B3A009-A080-4619-9A2A-C6DB151D8D67}) uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c Adobe Photoshop CS2 9.0 ({236BB7C4-4419-42FD-0409-1E257A25E34D}) version: 150994944 version (major): 9 estimated size: 639892 install date: 20051218 install location: C:\Program Files\Adobe\Adobe Photoshop CS2\ install source: C:\Documents and Settings\Alexis\Photoshop CS2 v9.0 + working KeyGen\Photoshop CS2\Adobe® Photoshop® CS2\ publisher: Adobe Systems, Inc. comments: contact: Customer Support help link: http://www.adobe.com/support/main.html help telephone: 1-555-555-4505 Macromedia Flash 8 8.00.0000 ({2BD5C305-1B27-4D41-B690-7A61172D2FEB}) version: 134217728 version (major): 8 estimated size: 252071 install date: 20051210 install location: C:\Program Files\Macromedia\Flash 8\ install source: C:\Documents and Settings\Alexis\Macromedia Flash 8 PRO\data\ uninstall cmd: MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB} publisher: Macromedia comments: Thank you for choosing Macromedia. 
contact: Support and Training help link: http://www.macromedia.com/go/flash_support InterVideo WinDVD Creator 2 2.0.14.368 ({2FCE4FC5-6930-40E7-A4F1-F862207424EF}) version (major): 2 install location: C:\Program Files\InterVideo\WCreator2 uninstall cmd: "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL publisher: InterVideo Inc. contact: support@intervideo.com help link: http://www.intervideo.com/jsp/Support.jsp J2SE Runtime Environment 5.0 Update 2 1.5.0.20 ({3248F0A8-6813-11D6-A77B-00B0D0150020}) version: 17104896 version (major): 1 version (minor): 5 estimated size: 154313 install date: 20050923 install source: C:\Documents and Settings\Propriétaire\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150020}\ uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020} publisher: Sun Microsystems, Inc. contact: http://java.com help link: http://java.com readme: C:\Program Files\Java\jre1.5.0_02\README.txt WebFldrs XP 9.50.7523 ({350C940c-3D7C-4EE8-BAA9-00BCB3D54227}) version: 154279267 version (major): 9 version (minor): 50 estimated size: 2608 install date: 20050922 install source: C:\WINDOWS\system32\ publisher: Microsoft Corporation help link: http://www.microsoft.com/windows QuickTime 7.0.3 ({3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}) version: 117440515 version -
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
when I ran an AntiVir scan, it found no file, but here is the report:
AntiVir PersonalEdition Classic Report file date: 11 juin 2006 21:45 Scanning for 406081 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Alexis Computer name: NOM-8ABC2A6DAF0 Version informations: AVSCAN.EXE : 7.0.0.42 557096 2006-06-06 23:26:22 AVSCAN.DLL : 7.0.0.42 53288 2006-06-06 23:26:22 LUKE.DLL : 7.0.0.42 118824 2006-06-06 23:26:34 LUKERES.DLL : 7.0.0.42 25640 2006-06-06 23:26:34 ANTIVIR0.VDF : 6.35.0.1 7371264 2006-06-06 23:26:22 ANTIVIR1.VDF : 6.35.0.5 2048 2006-06-06 23:26:22 ANTIVIR2.VDF : 6.35.0.7 113664 2006-06-06 23:26:22 ANTIVIR3.VDF : 6.35.0.16 30208 2006-06-06 23:26:22 AVEWIN32.DLL : 7.1.0.10 1511936 2006-06-06 23:26:22 AVPREF.DLL : 7.0.0.1 49192 2006-06-06 23:26:22 AVREP.DLL : 6.35.0.2 659496 2006-06-06 23:26:22 AVRPBASE.DLL : 7.0.0.0 2162728 2006-06-06 23:26:22 AVPACK32.DLL : 7.1.0.1 335912 2006-06-06 23:26:22 AVREG.DLL : 6.31.0.90 27688 2006-06-06 23:26:22 NETNT.DLL : 6.32.0.0 6696 2006-06-06 23:26:34 NETNW.DLL : 6.32.0.0 9768 2006-06-06 23:26:34 RCIMAGE.DLL : 7.0.0.71 1642536 2006-06-06 23:26:36 RCTEXT.DLL : 7.0.0.75 77864 2006-06-06 23:26:36 Configuration settings for the scan: Jobname: '%s'.................: Local Hard Disks Configuration file............: C:\Program Files\AntiVir PersonalEdition Classic\alldiscs.avp Boot sectors..................: C Scan memory...................: 1 Process scan..................: 1 Scan all files................: 2 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Macro heuristic...............: 1 File heuristic................: -1 Primary action................: 1 Secondary action..............: 0 Start of the scan: 11 juin 2006 21:45 The scan over running processes will be started 34 Processes was scanned Start scanning boot 
sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 8 files ). Starting the file scan: C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\Alexis\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Alexis\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Alexis\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Alexis\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Program Files\EQAdvice\equpd.exe [DETECTION] Contains signature of the dropper DR/PurityScan.ED [iNFO] The file was deleted! C:\RECYCLER\S-1-5-21-2378468875-2328275169-2517897983-500\Dc11.exe [DETECTION] Contains signature of the dropper DR/Clicker.Small.G.2 [iNFO] The file was deleted! 
C:\WINDOWS\SoftwareDistribution\EventCache\{1C55B150-3660-4C54-B284-44B492E7F9C5}.bin [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\dtscsi.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\sptd0733.sys [WARNING] The file could not be opened! C:\WINDOWS\Temp\ib2 [WARNING] The file could not be opened! C:\WINDOWS\Temp\ib3 [WARNING] The file could not be opened! C:\WINDOWS\Temp\ib4 [WARNING] The file could not be opened! C:\WINDOWS\Temp\ib5 [WARNING] The file could not be opened! C:\WINDOWS\Temp\ib6 [WARNING] The file could not be opened! End of the scan: 11 juin 2006 22:32 Used time: 46:53 min The scan has been done completely. 7559 Scanning directories 283290 Files were scanned 2 viruses and/or unwanted programs was found 2 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 8075 Archives were scanned 33 Warnings 0 Notes -
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
hijackthis report:
StartupList report, 2006-06-11, 21:41:43 StartupList version: 1.52.2 Started from : C:\Program Files\Hijackthis\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\wamp\apache2\bin\Apache.exe C:\Program Files\wamp\mysql\bin\mysqld-nt.exe C:\Program Files\wamp\apache2\bin\Apache.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\wamp\wampserver.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijackthis\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Alexis\Menu Démarrer\Programmes\Démarrage] WampServer.lnk = C:\Program Files\wamp\wampserver.exe Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* 
-------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = userinit.exe [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run PinnacleDriverCheck = C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg avgnt = "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* 
-------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No 
subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = %systemroot%\system32\shmgrate.exe 
OCInstallUserConfigIE [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* 
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= C:\WINDOWS\system32\rundll.dll -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry key not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! 
(arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} -------------------------------------------------- Enumerating Task Scheduler jobs: Spybot - Search & Destroy - Scheduled Task.job -------------------------------------------------- Enumerating Download Program Files: [Windows Genuine Advantage Validation Tool] InProcServer32 = C:\WINDOWS\system32\legitcheckcontrol.dll CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204 [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: 
C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll Protocol #16: C:\WINDOWS\system32\mswsock.dll Protocol #17: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Pilote ACPI Microsoft: system32\DRIVERS\ACPI.sys (system) Pilote de contrôleur intégré Microsoft: system32\DRIVERS\ACPIEC.sys (system) Atheros Configuration Service: C:\WINDOWS\system32\ACS.exe (disabled) Adobe LM Service: "C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe" (manual start) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) AFD: \SystemRoot\System32\drivers\afd.sys (system) TOSHIBA V92 Software Modem: system32\DRIVERS\AGRSM.sys (manual start) Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start) Avertissement: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) AntiVir PersonalEdition Classic Scheduler: C:\Program Files\AntiVir PersonalEdition Classic\sched.exe (autostart) AntiVir PersonalEdition Classic Guard: C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe (autostart) Alps Pointing-device Filter Driver: system32\DRIVERS\Apfiltr.sys (manual start) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Atheros Wireless Network Adapter Service: system32\DRIVERS\ar5211.sys (manual start) ASAPIW2K: system32\drivers\ASAPIW2k.sys (manual start) ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start) Pilote de média asynchrone RAS: system32\DRIVERS\asyncmac.sys (manual start) Contrôleur de 
disque dur IDE/ESDI standard: system32\DRIVERS\atapi.sys (system)
Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (disabled)
ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
Protocole client ATM ARP: system32\DRIVERS\atmarpc.sys (manual start)
Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote audio Stub: system32\DRIVERS\audstub.sys (manual start)
avgio: \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys (system)
avgntflt: \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys (manual start)
Service de transfert intelligent en arrière-plan: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Explorateur d'ordinateur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Pilote de CD-ROM: system32\DRIVERS\cdrom.sys (system)
ConfigFree Service: C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (disabled)
Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start)
Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled)
.NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Pilote pour Batterie à méthode de contrôle ACPI Microsoft: system32\DRIVERS\CmBatt.sys (manual start)
Pilote de batterie composite Microsoft: system32\DRIVERS\compbatt.sys (system)
Application système COM+: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Pilote de disque: system32\DRIVERS\disk.sys (system)
DLABOIOM: System32\DLA\DLABOIOM.SYS (autostart)
DLACDBHM: System32\Drivers\DLACDBHM.SYS (system)
DLADResN: System32\DLA\DLADResN.SYS (autostart)
DLAIFS_M: System32\DLA\DLAIFS_M.SYS (autostart)
DLAOPIOM: System32\DLA\DLAOPIOM.SYS (autostart)
DLAPoolM: System32\DLA\DLAPoolM.SYS (autostart)
DLARTL_N: System32\Drivers\DLARTL_N.SYS (system)
DLAUDFAM: System32\DLA\DLAUDFAM.SYS (autostart)
DLAUDF_M: System32\DLA\DLAUDF_M.SYS (autostart)
Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
dmio: System32\drivers\dmio.sys (disabled)
dmload: System32\drivers\dmload.sys (disabled)
Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start)
Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
Pilote MS IEEE-1284.4: system32\DRIVERS\Dot4.sys (manual start)
Pilote de classe Imprimante pour IEEE-1284.4: system32\DRIVERS\Dot4Prt.sys (manual start)
HP Dot4USB Filter: system32\DRIVERS\hppaufd0.sys (manual start)
Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start)
DRVMCDB: System32\Drivers\DRVMCDB.SYS (system)
DRVNDDM: System32\Drivers\DRVNDDM.SYS (autostart)
dtscsi: \SystemRoot\System32\Drivers\dtscsi.sys (manual start)
DVD-RAM_Service: C:\WINDOWS\system32\DVDRAMSV.exe (disabled)
Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Journal des événements: %SystemRoot%\system32\services.exe (autostart)
Système d'événements de COM+: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
ewido security suite control: C:\Program Files\ewido anti-malware\ewidoctrl.exe (autostart)
ewido security suite driver: \??\C:\Program Files\ewido anti-malware\guard.sys (system)
ewido security suite guard: C:\Program Files\ewido anti-malware\ewidoguard.exe (autostart)
Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
FltMgr: system32\DRIVERS\fltMgr.sys (system)
Pilote du Gestionnaire de volume: system32\DRIVERS\ftdisk.sys (system)
GEARAspiWDM: System32\Drivers\GEARAspiWDM.sys (manual start)
Classificateur de paquets générique: system32\DRIVERS\msgpc.sys (manual start)
Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start)
Storage Class Driver for IEEE-1284.4 (HPZ12): System32\Drivers\hpzs2k12.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
Pilote pour clavier i8042 et souris sur port PS/2: system32\DRIVERS\i8042prt.sys (system)
InstallDriver Table Manager: "C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe" (disabled)
Pilote de filtre de gravure CD: system32\DRIVERS\imapi.sys (system)
Service COM de gravage de CD IMAPI: C:\WINDOWS\system32\imapi.exe (manual start)
Pilote de processeur Intel: system32\DRIVERS\intelppm.sys (system)
Pilote du pare-feu Windows IPv6: system32\DRIVERS\Ip6Fw.sys (manual start)
Pilote de filtre de trafic IP: system32\DRIVERS\ipfltdrv.sys (manual start)
Pilote de tunnelage IP dans IP: system32\DRIVERS\ipinip.sys (manual start)
Traducteur d'adresses réseau IP: system32\DRIVERS\ipnat.sys (manual start)
iPodService: C:\Program Files\iPod\bin\iPodService.exe (disabled)
Pilote IPSEC: system32\DRIVERS\ipsec.sys (system)
Service énumérateur IR: system32\DRIVERS\irenum.sys (manual start)
Pilote de bus Plug-and-Play ISA/EISA: system32\DRIVERS\isapnp.sys (system)
IVI ASPI Shell: system32\drivers\iviaspi.sys (manual start)
Pilote de la classe Clavier: system32\DRIVERS\kbdclass.sys (system)
Pilote HID de clavier: system32\DRIVERS\kbdhid.sys (system)
Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start)
Serveur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Station de travail: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Assistance TCP/IP NetBIOS: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
AEGIS Protocol (IEEE 802.1x) v2.3.1.10: system32\DRIVERS\mdc8021x.sys (autostart)
meiudf: System32\Drivers\meiudf.sys (system)
Affichage des messages: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Partage de Bureau à distance NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
Pilote de la classe Souris: system32\DRIVERS\mouclass.sys (system)
Pilote HID de souris: system32\DRIVERS\mouhid.sys (manual start)
Redirecteur client WebDav: system32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start)
Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start)
Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start)
Pilote BIOS de gestion de systèmes Microsoft: system32\DRIVERS\mssmbios.sys (manual start)
Pilote TAPI NDIS d'accès distant: system32\DRIVERS\ndistapi.sys (manual start)
NDIS mode utilisateur E/S Protocole: system32\DRIVERS\ndisuio.sys (manual start)
Pilote réseau étendu NDIS d'accès distant: system32\DRIVERS\ndiswan.sys (manual start)
Interface NetBIOS: system32\DRIVERS\netbios.sys (system)
NetBIOS sur TCP/IP: system32\DRIVERS\netbt.sys (system)
DDE réseau: %SystemRoot%\system32\netdde.exe (disabled)
DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled)
TOSHIBA Network Device Usermode I/O Protocol: system32\DRIVERS\netdevio.sys (autostart)
Ouverture de session réseau: %SystemRoot%\system32\lsass.exe (manual start)
Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
npkcrypt: \??\C:\Program Files\Lineage II\system\npkcrypt.sys (manual start)
NPPTNT2: \??\C:\WINDOWS\system32\npptNT2.sys (system)
Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\system32\lsass.exe (manual start)
Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Pilote de filtre de trafic IPX: system32\DRIVERS\nwlnkflt.sys (manual start)
Pilote de transfert de trafic IPX: system32\DRIVERS\nwlnkfwd.sys (manual start)
Office Source Engine: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" (disabled)
Pilote de bus PCI: system32\DRIVERS\pci.sys (system)
PCIIde: system32\DRIVERS\pciide.sys (system)
Pcmcia: system32\DRIVERS\pcmcia.sys (system)
Padus ASPI Shell: system32\drivers\pfc.sys (manual start)
Plug-and-Play: %SystemRoot%\system32\services.exe (autostart)
Services IPSEC: %SystemRoot%\system32\lsass.exe (autostart)
Miniport réseau étendu (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart)
Planificateur de paquets QoS: system32\DRIVERS\psched.sys (manual start)
Pilote de liaison parallèle directe: system32\DRIVERS\ptilink.sys (manual start)
PxHelp20: System32\Drivers\PxHelp20.sys (system)
Pilote de connexion automatique d'accès distant: system32\DRIVERS\rasacd.sys (system)
Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Miniport réseau étendu (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
Gestionnaire de connexions d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Pilote PPPOE d'accès à distance: system32\DRIVERS\raspppoe.sys (manual start)
Parallèle direct: system32\DRIVERS\raspti.sys (manual start)
Rdbss: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start)
Pilote de filtre de lecture digitale de CD audio: system32\DRIVERS\redbook.sys (system)
Routage et accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Localisateur d'appels de procédure distante (RPC): %SystemRoot%\system32\locator.exe (manual start)
Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver: system32\DRIVERS\Rtlnicxp.sys (manual start)
Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C): system32\DRIVERS\RTL8139.SYS (manual start)
Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart)
Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start)
Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: system32\DRIVERS\secdrv.sys (manual start)
Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote de filtrage Sony USB (SONYPVU1): system32\DRIVERS\SONYPVU1.SYS (manual start)
Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start)
Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart)
sptd: System32\Drivers\sptd.sys (system)
Pilote de filtre de restauration système: system32\DRIVERS\sr.sys (system)
Service de restauration système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Srv: system32\DRIVERS\srv.sys (manual start)
SrvcSSIOMngr: System32\Drivers\SSIoMngr.sys (system)
Service de découvertes SSDP: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Acquisition d'image Windows (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (manual start)
Pilote de bus logiciel: system32\DRIVERS\swenum.sys (manual start)
Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{81837335-A818-4128-866E-1546A3B11067} (manual start)
Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start)
Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start)
Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TBiosDrv: \??\C:\WINDOWS\system32\Drivers\Tbiosdrv.sys (manual start)
Pilote du protocole TCP/IP: system32\DRIVERS\tcpip.sys (system)
Pilote de périphérique terminal: system32\DRIVERS\termdd.sys (system)
Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Common Driver: System32\Drivers\TPwSav.sys (system)
Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Toshiba Virtual Sound with SRS technologies: system32\DRIVERS\Tvs.sys (manual start)
Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
Pilote de mise à jour microcode: system32\DRIVERS\update.sys (manual start)
Hôte de périphérique universel Plug-and-Play: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Onduleur: %SystemRoot%\System32\ups.exe (manual start)
Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start)
Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0: system32\DRIVERS\usbehci.sys (manual start)
Concentrateur USB2: system32\DRIVERS\usbhub.sys (manual start)
Pilote miniport de contrôleur hôte ouvert USB Microsoft: system32\DRIVERS\usbohci.sys (manual start)
Pilote de stockage de masse USB: system32\DRIVERS\USBSTOR.SYS (manual start)
User Privilege Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start)
Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
wampapache: "C:\Program Files\wamp\apache2\bin\Apache.exe" -k runservice (autostart)
wampmysqld: "C:\Program Files\wamp\mysql\bin\mysqld-nt.exe" "--defaults-file=C:\Program Files\wamp\mysql\my.ini" wampmysqld (autostart)
Pilote ARP IP d'accès distant: system32\DRIVERS\wanarp.sys (manual start)
Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Service Windows Media Connect: C:\Program Files\Windows Media Connect 2\wmccds.exe (manual start)
Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Carte de performance WMI: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled)
Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll||C:\WINDOWS\system32\rundll.dll
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*No values found*
--------------------------------------------------
End of report, 34 670 bytes
Report generated in 0,172 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
command service and surf side kick
a beluga replied to a topic by a beluga in Analyses et éradication malwares
sorry for the double post. also, a window often pops up asking me whether I want to go to an address
command service and surf side kick
a beluga replied to a topic by a beluga in Analyses et éradication malwares
p.s. spybot still detects command service, without being able to remove it completely
command service and surf side kick
a beluga replied to a topic by a beluga in Analyses et éradication malwares
my pc is running relatively well, despite some slowness, and also, antivir often detects this file: rmtag2[1].js
command service and surf side kick
a beluga replied to a topic by a beluga in Analyses et éradication malwares
my pc works fine but antivir often detects rmtag2[1].js
command service and surf side kick
a beluga replied to a topic by a beluga in Analyses et éradication malwares
here is the blbeta report:
06/09/06 21:09:08 [info]: BlackLight Engine 1.0.37 initialized
06/09/06 21:09:08 [info]: OS: 5.1 build 2600 (Service Pack 2)
06/09/06 21:09:08 [Note]: 7019 4
06/09/06 21:09:08 [Note]: 7005 0
06/09/06 21:09:11 [Note]: 7006 0
06/09/06 21:09:11 [Note]: 7011 2820
06/09/06 21:09:12 [Note]: 7026 0
06/09/06 21:09:12 [Note]: 7026 0
06/09/06 21:09:21 [Note]: FSRAW library version 1.7.1015
06/09/06 21:13:09 [Note]: 2000 1006
06/09/06 21:13:45 [Note]: 7007 0
the panda report:
Incident Statut Analyse
Spyware:Cookie/Rn11 No Désinfecté C:\Documents and Settings\Alexis\Application Data\Mozilla\Profiles\default\j7lo330n.slt\cookies.txt[.rn11.com/]
Spyware:Cookie/888 No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@888[1].txt
Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@ad.yieldmanager[1].txt
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@as-us.falkag[2].txt
Spyware:Cookie/nCase No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@banners.searchingbooth[1].txt
Spyware:Cookie/Enhance No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@c.enhance[1].txt
Spyware:Cookie/Cassava No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@cassava[1].txt
Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@fe.lea.lycos[1].txt
Spyware:Cookie/Humanclick No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@hc2.humanclick[2].txt
Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@metriweb[1].txt
Spyware:Cookie/WUpd No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@revenue[1].txt
Spyware:Cookie/Rn11 No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@rn11[2].txt
Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@statcounter[2].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@weborama[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Alexis\Cookies\alexis@xiti[1].txt
Spyware:Spyware/SurfSideKick No Désinfecté C:\Documents and Settings\Alexis\Local Settings\Temp\temp.frF9A4\SskBho.dll
command service and surf side kick
a beluga replied to a topic by a beluga in Analyses et éradication malwares
p.s. I couldn't find these files:
C:\Program Files\Atsl
C:\Program Files\FCAdvice
w0019b12.dll
(yes I did a search and yes I can see hidden files)
and these lines were not in hijackthis:
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
sorry for being slow
hijackthis report:
Logfile of HijackThis v1.99.1
Scan saved at 21:59:01, on 2006-06-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\wamp\apache2\bin\Apache.exe
C:\Program Files\wamp\mysql\bin\mysqld-nt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\wamp\apache2\bin\Apache.exe
C:\Program Files\wamp\wampserver.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.shoptoshiba.ca/welcome
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: WampServer.lnk = C:\Program Files\wamp\wampserver.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: wampapache - Unknown owner - C:\Program Files\wamp\apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe" "--defaults-file=C:\Program Files\wamp\mysql\my.ini" wampmysqld (file missing)
ewido report:
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 21:53:43, 2006-06-08
+ Somme de contrôle: 34E6D311
+ Résultats du scan:
:mozilla.7:C:\Documents and Settings\Réjean\Application Data\Mozilla\Firefox\Profiles\ours2gc9.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.29:C:\Documents and Settings\Réjean\Application Data\Mozilla\Firefox\Profiles\ours2gc9.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@as-us.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@banners.searchingbooth[2].txt -> TrackingCookie.Searchingbooth : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@data1.perf.overture[1].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@media.top-banners[1].txt -> TrackingCookie.Top-banners : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@pmads.valuead[2].txt -> TrackingCookie.Valuead : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@revenue[2].txt -> TrackingCookie.Revenue : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Nettoyer et sauvegarder
C:\Documents and Settings\Réjean\Cookies\réjean@zedo[2].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
C:\Program Files\Common Files\svchostsys\svchostupdate.exe -> Downloader.Small : Nettoyer et sauvegarder
C:\Program Files\ѕystem\taskmgr.exe -> Downloader.PurityScan.w : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-2378468875-2328275169-2517897983-500\Dc12.exe -> Trojan.Small : Nettoyer et sauvegarder
C:\WINDOWS\win3208342-1987202.exe -> Adware.Enbrow : Nettoyer et sauvegarder
C:\WINDOWS\win320942-19872023.exe -> Adware.Enbrow : Nettoyer et sauvegarder
::Fin du rapport
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
Yes, I did it, but after my restart I put it back. Is that correct? -
command service and surf side kick
a beluga replied to a topic by a beluga in Malware analysis and removal
Hmm, my other report still isn't complete... is there a maximum number of characters?
L2mfix 051206 Creating Account. La commande s'est terminée correctement. Adding Administrative privleges. Checking for L2MFix account(0=no 1=yes): 1 Granting SeDebugPrivilege to L2MFIX ... successful Running From: C:\WINDOWS\system32 Killing Processes! Killing 'smss.exe' \SystemRoot\System32\smss.exe (516) Killing 'winlogon.exe' winlogon.exe (596) Killing 'explorer.exe' C:\WINDOWS\Explorer.EXE (3372) Killing 'rundll32.exe' Restoring Sedebugprivilege: Granting SeDebugPrivilege to Administrateurs ... successful Scanning First Pass. Please Wait! First Pass Completed Second Pass Scanning Second pass Completed! Restoring Windows Update Certificates.: The following Is the Current Export of the Winlogon notify key: **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] "DLLName"="Ati2evxx.dll" "Asynchronous"=dword:00000000 "Impersonate"=dword:00000001 "Lock"="AtiLockEvent" "Logoff"="AtiLogoffEvent" "Logon"="AtiLogonEvent" "Disconnect"="AtiDisConnectEvent" "Reconnect"="AtiReConnectEvent" "Safe"=dword:00000000 "Shutdown"="AtiShutdownEvent" "StartScreenSaver"="AtiStartScreenSaverEvent" "StartShell"="AtiStartShellEvent" "Startup"="AtiStartupEvent" "StopScreenSaver"="AtiStopScreenSaverEvent" "Unlock"="AtiUnLockEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 
"Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\kt06l7ds1.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] "Logon"="WLEventLogon" "Logoff"="WLEventLogoff" "Startup"="WLEventStartup" "Shutdown"="WLEventShutdown" "StartScreenSaver"="WLEventStartScreenSaver" "StopScreenSaver"="WLEventStopScreenSaver" "Lock"="WLEventLock" "Unlock"="WLEventUnlock" "StartShell"="WLEventStartShell" "PostShell"="WLEventPostShell" "Disconnect"="WLEventDisconnect" "Reconnect"="WLEventReconnect" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000000 "SafeMode"=dword:00000001 "MaxWait"=dword:ffffffff "DllName"=hex(2):57,00,67,00,61,00,4c,00,6f,00,67,00,6f,00,6e,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Event"=dword:00000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\Settings]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 The following are the files found: **************************************************************************** Registry Entries that were Deleted: Please verify that the listing looks ok. If there was something deleted wrongly there are backups in the backreg folder. 
**************************************************************************** Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}] @="" "IDEx"="ADDR" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\InprocServer32] @="C:\\WINDOWS\\system32\\sgmpsnap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\InprocServer32] @="C:\\WINDOWS\\system32\\fedrclnr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\InprocServer32] @="C:\\WINDOWS\\system32\\mjiavi32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\InprocServer32] @="C:\\WINDOWS\\system32\\sbobject.dll" 
"ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\InprocServer32] @="C:\\WINDOWS\\system32\\kqdno1.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\InprocServer32] @="C:\\WINDOWS\\system32\\wtbhits.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\InprocServer32] @="C:\\WINDOWS\\system32\\wrbhits.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\InprocServer32] @="C:\\WINDOWS\\system32\\dawave.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 
[HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\InprocServer32] @="C:\\WINDOWS\\system32\\dRtime.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\InprocServer32] @="C:\\WINDOWS\\system32\\wuploc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\InprocServer32] @="C:\\WINDOWS\\system32\\mwltus40.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}] @="" 
[HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\InprocServer32] @="C:\\WINDOWS\\system32\\ndlanui2.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\InprocServer32] @="C:\\WINDOWS\\system32\\iWsnap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\InprocServer32] @="C:\\WINDOWS\\system32\\dxuiext.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\Implemented 
Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\InprocServer32] @="C:\\WINDOWS\\system32\\iehlpapi.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\InprocServer32] @="C:\\WINDOWS\\system32\\mbcbase.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\InprocServer32] @="C:\\WINDOWS\\system32\\ofbc16gt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\InprocServer32] @="C:\\WINDOWS\\system32\\vqpodbc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\Implemented Categories] @="" 
[HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\InprocServer32] @="C:\\WINDOWS\\system32\\idgutil.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\InprocServer32] @="C:\\WINDOWS\\system32\\xusp3res.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\InprocServer32] @="C:\\WINDOWS\\system32\\CnEKPolicy.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\Implemented 
Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\InprocServer32] @="C:\\WINDOWS\\system32\\mTpistub.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\InprocServer32] @="C:\\WINDOWS\\system32\\cclbact.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\InprocServer32] @="C:\\WINDOWS\\system32\\pnchdprf.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\InprocServer32] @="C:\\WINDOWS\\system32\\mmvcp50.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" 
[HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\InprocServer32] @="C:\\WINDOWS\\system32\\mgieftp.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}] @="" "IDEx"="AD" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\InprocServer32] @="C:\\WINDOWS\\system32\\sulwid.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\InprocServer32] @="C:\\WINDOWS\\system32\\rfpcfgex.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" 
[HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\InprocServer32] @="C:\\WINDOWS\\system32\\mqxml2r.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\InprocServer32] @="C:\\WINDOWS\\system32\\cxfgnt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\InprocServer32] @="C:\\WINDOWS\\system32\\eftmgr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\InprocServer32] 
OK, it all worked completely! Sorry, I had a bit of trouble.