catch1

Bonjour, PC récent. Windows 7. Instllation ZHP 2,49. Semble OK Au démarrage ZHP : avertissement :Network initialization failed. Permission denied. File :C:\PDOXUSRS.NET Directory:C:\. Impossible de faire fonctionner ZHP. Merci de votre aide.

Bonjour Thanos, Merci pour tes judicieux conseils que je vais m'efforcer d'appliquer. Encore merci. A une autre fois peut-être! Catch

Bonjour Thanos, Merci pour ta réponse. Je n'ai pas eu la patience d'attendre. Effectivement, je pense que l'antivirus était endommagé, mais la console aussi : il était impossible de réinstaller Windows sur lui-même, ni par la console, ni par SFC. Finalement, j'ai résolu le problème en sauvegardant au maximum les données auxquelles je tenais et j'ai reformaté le disque dur grâce aux DVD de réinstallation que j'avais gravés lors de la première mise en service. Le PC est maintenant propre comme un sou neuf! Il ne me reste plus qu'à tout réinstaller. Merci encore pour ta réponse qui confirme ce que je pensais. On peut considérer que le problème est résolu!

Bonjour, Windows XP SP3 Antivir Suite à mise en route, démarrage normal Au premier clic, l'explorateur Windows se ferme et l'écran se vide : il ne reste que le papier peint. Antivir Guard reste fermé. Pas de restauration possible. Essai de réinstallation Windows : message : stop : c000021a Fatal System Error Windows Logon 0xc0000034 (0x00000000 0x00000000) : shut down. Fonctionnement possible en mode sans échec. Merci de bien vouloir m'aider. Ci-dessous rapport HiJackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:29:53, on 04/09/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Safe mode with network support Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Desktop | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search Marketing France R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing France R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! Search Marketing France R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search Marketing France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Yahoo! Search Marketing France R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: btorbit.com - Disabled:{000123B4-9B42-4900-B3F7-F4B073EFC214} - (no file) O2 - BHO: (no name) - Disabled:{0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - (no file) O2 - BHO: (no name) - Disabled:{02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHelperStub - Disabled:{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file) O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [wifi] "C:/Program Files/wifi.com/wifi.exe" -i O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM') O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O4 - Startup: setup_9.0.0.722_04.09.2010_20-18.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing) O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing) (HKCU) O15 - Trusted Zone: Secuser.com - Sécurité informatique et protection de la vie privée O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/newconf/aurigma5.8.1.0/ImageUploader5.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Service Google Update (gupdate1cb018daa32d56) (gupdate1cb018daa32d56) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Microsoft Automated Troubleshooting Service (MatSvc) - Unknown owner - C:\Program Files\Microsoft Fix it Center\Matsvc.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 9300 bytes

Bonjour, Réédition message 1 Problème résolu : Bonjour à tous, Etant tout nouveau sur le forum et relativement peu doué en informatique, je viens appeler toutes les bonnes volontés à l'aide. Merci d'avance. Mon PC (Windows XP) est infecté par plusieurs trojans : Downloader.Agent.APQC, SHeur2.WNC, SpamTool.CHC, et Win32/Heur et Win32/Krap et BackGeneric10.ACET ainsi que BacDoor.Generic_c.CLN. Il rame lamentablement et réagit de façon bizarre. Explorer et Internet Explorer 7 se ferment d'une manière anarchique. Mon antivirus est AVG 8.5. J'ai essayé plusieurs moyens de désinfection : HiJackThis, Malwarebytes, CleanUp etc. Finalement, j'ai dû faire une fausse manip et j'ai été obligé de réinstaller Windows. Mais les Malwares sont toujours là. Ils sont dans les fichiers suivants : C:\Windows\system32\drivers\restore.sys C:\Windows\system32\drivers\ndis.sys C:\Windows\system32\drivers\reader_s.exe C:\Windows\services.exe C:\Documents and Settings\HP_Proriétaire\reader_s.exe. Ce serait sympa si quelqu'un avait une solution. Merci encore pour toute aide et bonne soirée à tous. Et Encore 100 fois merci à Pear

Si ça n'a pas marché , consulte le Thread SOS infection dans le même forum. Avec Pear on y est arrivé : au départ infection : Virut.56

Tu as tout à fait raison. On a tenté le coup pour le sport! Le risque était de formater tout de suite ou de formater plus tard. Nous étions au bord du découragement! Il nous a quand même fallu une semaine pouir y arriver. Le forum Sécurité, sous forum: éradication de malware. Bonne soirée

Voir le thread : SOS infection traité par Pear et Catch1. Le PC de Catch1 est Clean. La méthode utilisée par Catch1 est dans le dernier message. Sans contact avec Pear (week-end pascal), elle n'est pas encore homologuée, mais pour moi, elle a fonctionné! L'inconvénient est qu'elle est très longue. Kaspersky = 9 heures pour moi. Je crois comme Pear qu'on peut se dispenser de BitDefender en ligne (très long aussi). Pear ne sera pas opérationnel avant mardi. Si tu décides de la pratiquer, tiens moi au courant, j'essaierai de t'aider dans la mesure de mes faibes moyens Catch1 ~~ édité par ipl_001 pour donner le lien vers la discussion SOS Infection.

Bonjour, Apparemment le problème d'éradication de Virut est résolu ( en ce qui me concerne). Voici la méthode que j'ai suivie avec l'aide de Pear : Réinstallation non destructive de Windows à partir d'une copie saine(sur D). Ne pas installer les mises à jour Windows. Dès qu'on met en oeuvre un fichier.exe, Virut se multiplie. Afficher les fichiers cachés et les dossiers Système. Procéder ensuite dans les règles de l'art indiquées par Pear dans les messages précédents : Télécharger DrWeb CureIt. L'exécuter en mode sans échec, enregistrer le rapport sur le bureau et redémarrer. Télécharger ComboFix, appliquer méthode Pear, enregistrer le rapport sur le bureau et redémarrer. Si rapport satisfaisant : Tools Cleaner. Redémarrer. Télécharger Kaspersky, méthode Pear, en mode sans échec. Enregistrer le rapport sur le bureau et l'étudier. S'il existe des fichiers non importants, non traités par Kaspersky, les éliminer manuellement. Vider la poubelle.Chez moi, c'était un dossier C: Progam Files/Aviva qui contenait Virut.CE et un dossier Thun Mail, je ne sais plus où. Les autres Virut étaient en System Volume Information : Je les ai mis en quarantaine. Redémarrer. Par sécurité, j'ai passé l'antivirus en ligne BitDéfender, sans grande utilité : il a quand même encore nettoyé quelques bricoles. Redémarrer. Passer CC Cleaner (méthode Pear) : tout nettoyer, y compris les erreurs de la base de registre. Télécharger Antivir, mise à jour. Mettre en place le Bouclier résidant et lancer immédiatement le contrôle antivirus. Eliminer ou mettre en quarantaine tous les fichiers suspects ou encore infectés. Redémarrer. Recontrôler avec Antivir. Si contrôle satisfaisant : Installer une ou deux applications : pour moi, réinstallation de l'imprimante et du Pack Office. Contrôler à nouveau avec AntiVir. Si contrôle satisfaisant : 0 virus trouvé; On peut commencer à réinstaller les autre applications, les pilotes de Windows d'origine, les applications livrées d'origine avec le PC. Ne pas oublier de recontrôler de temps en temps avec Antivir. Enfin, on peut réinstaller les mises à jour Windows. Note : Pendant toutes ces manoeuvres, il est important de ne rien toucher d'autre : Virut se propageant dans les fichiers .exe. Merci infiniment à Pear de son aide sans laquelle je ne m'en serais jamais sorti . S'il voulait bien contrôler cette procédure et la valider, elle pourrait peut-être servir à d'autres utilisateurs qui ont subi ou subissent encore les mêmes désagréments que moi. En ce qui me concerne, le PC a retrouvé une seconde jeunesse et n'a plus trace de virus. Merci encore Pear et à la prochaine fois, dans des conditions moins embêtantes, j'espère Salutations Catch1

Youpiiie...! apparemment , c'est bon. Voici le dernier scan Antivir après réinstallation de l'imprimante et du Pack Office : Avira AntiVir Personal Date de création du fichier de rapport : vendredi 10 avril 2009 12:29 La recherche porte sur 1346250 souches de virus. Détenteur de la licence :Avira AntiVir PersonalEdition Classic Numéro de série : 0000149996-ADJIE-0001 Plateforme : Windows XP Version de Windows :(Service Pack 2) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur :NOM-EB85C523610 Informations de version : BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 07:21:00 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 12:44:27 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 11:44:16 LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 06:30:27 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:36 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 18:52:33 ANTIVIR2.VDF : 7.1.3.0 1330176 Bytes 01/04/2009 18:52:36 ANTIVIR3.VDF : 7.1.3.40 158720 Bytes 09/04/2009 18:52:36 Version du moteur: 8.2.0.138 AEVDF.DLL : 8.1.1.0 106868 Bytes 09/04/2009 18:52:43 AESCRIPT.DLL : 8.1.1.73 373114 Bytes 09/04/2009 18:52:42 AESCN.DLL : 8.1.1.10 127348 Bytes 09/04/2009 18:52:42 AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 12:58:38 AEPACK.DLL : 8.1.3.12 397687 Bytes 09/04/2009 18:52:41 AEOFFICE.DLL : 8.1.0.36 196987 Bytes 09/04/2009 18:52:40 AEHEUR.DLL : 8.1.0.114 1700214 Bytes 09/04/2009 18:52:40 AEHELP.DLL : 8.1.2.2 119158 Bytes 09/04/2009 18:52:38 AEGEN.DLL : 8.1.1.33 340340 Bytes 09/04/2009 18:52:38 AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 09:05:56 AECORE.DLL : 8.1.6.7 176502 Bytes 09/04/2009 18:52:37 AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 09:05:56 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 07:40:02 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 08:27:58 AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 11:02:15 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 10:26:37 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 07:29:19 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 11:27:46 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 16:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 11:49:36 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 11:05:07 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 06:23:16 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 09:08:43 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, D:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: arrêt Fichier mode de recherche........: Sélection de fichiers intelligente Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Début de la recherche : vendredi 10 avril 2009 12:29 La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'hpqtra08.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'spamihilator.exe' - '1' module(s) sont contrôlés Processus de recherche 'qttask.exe' - '1' module(s) sont contrôlés Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'KBD.exe' - '1' module(s) sont contrôlés Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'hpsysdrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'atiptaxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'AGRSMMSG.exe' - '1' module(s) sont contrôlés Processus de recherche 'hphmon06.exe' - '1' module(s) sont contrôlés Processus de recherche 'ALCXMNTR.EXE' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'wdfmgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'HPZipm12.exe' - '1' module(s) sont contrôlés Processus de recherche 'AluSchedulerSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'CDAC11BA.EXE' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '38' processus ont été contrôlés avec '38' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD2 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD3 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD4 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '73' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <HP_PAVILION> C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}(2)\RP38\A0003871.dll [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}(2)\RP38\A0003872.dll [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}(2)\RP38\A0004381.dll [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\Utilitaires\Nero.7.Premium.v7.5.9.0.FR.Incl-Serial.rar [0] Type d'archive: RAR --> Nero7.Premium.v7.5.9.0_Francais.exe [1] Type d'archive: RAR SFX (self extracting) --> Cab\4D801849.cab [2] Type d'archive: CAB (Microsoft) --> NeroSearchAdvanced3C3D1DE3.exe [AVERTISSEMENT] Impossible d'écrire le fichier ! --> Cab\85F58EAC.cab [2] Type d'archive: CAB (Microsoft) --> InCDshxD3515FC4.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> Cab\A75C16D6.cab [2] Type d'archive: CAB (Microsoft) --> MMCA56CDF51.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> nero50DEFBE1.txt [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\B1EFF3E9.cab [2] Type d'archive: CAB (Microsoft) --> NMDataServicesFA9ABD74.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> NMFirstStart4C0FBCE6.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\C1447997.cab [2] Type d'archive: CAB (Microsoft) --> NMBCInterfacePSAE565723.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> NMBCWriterDC0FE966.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\D6C89E66.cab [2] Type d'archive: CAB (Microsoft) --> KARAOKE3DE180FF.DLL [AVERTISSEMENT] Impossible d'écrire le fichier ! --> nero920D0564.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\DC682368.cab [2] Type d'archive: CAB (Microsoft) --> DXEnumD7927B84.exe [AVERTISSEMENT] Impossible d'écrire le fichier ! --> VSTBridge02A75A4C.dll [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\DD3AACFD.cab [2] Type d'archive: CAB (Microsoft) --> gaa87623F1A.bin [AVERTISSEMENT] Impossible d'écrire le fichier ! --> incd1252685369A4.txt [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. C:\Utilitaires\Nero.7.Premium.v7.5.9.0.FR.Incl-Serial\Nero7.Premium.v7.5.9.0_Francais.exe [0] Type d'archive: RAR SFX (self extracting) --> Cab\4D801849.cab [1] Type d'archive: CAB (Microsoft) --> NeroSearchAdvanced3C3D1DE3.exe [AVERTISSEMENT] Impossible d'écrire le fichier ! --> Cab\85F58EAC.cab [1] Type d'archive: CAB (Microsoft) --> InCDshxD3515FC4.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> Cab\A75C16D6.cab [1] Type d'archive: CAB (Microsoft) --> MMCA56CDF51.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> nero50DEFBE1.txt [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\B1EFF3E9.cab [1] Type d'archive: CAB (Microsoft) --> NMDataServicesFA9ABD74.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> NMFirstStart4C0FBCE6.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\C1447997.cab [1] Type d'archive: CAB (Microsoft) --> NMBCInterfacePSAE565723.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> NMBCWriterDC0FE966.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\D6C89E66.cab [1] Type d'archive: CAB (Microsoft) --> KARAOKE3DE180FF.DLL [AVERTISSEMENT] Impossible d'écrire le fichier ! --> nero920D0564.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\DC682368.cab [1] Type d'archive: CAB (Microsoft) --> DXEnumD7927B84.exe [AVERTISSEMENT] Impossible d'écrire le fichier ! --> VSTBridge02A75A4C.dll [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\DD3AACFD.cab [1] Type d'archive: CAB (Microsoft) --> gaa87623F1A.bin [AVERTISSEMENT] Impossible d'écrire le fichier ! --> incd1252685369A4.txt [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. Recherche débutant dans 'D:\' <HP_RECOVERY> Fin de la recherche : vendredi 10 avril 2009 13:52 Temps nécessaire: 1:23:45 Heure(s) La recherche a été effectuée intégralement 12860 Les répertoires ont été contrôlés 761548 Des fichiers ont été contrôlés 0 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 0 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 4 Impossible de contrôler des fichiers 761544 Fichiers non infectés 21359 Les archives ont été contrôlées 36 Avertissements 0 Consignes Et le PC a retrouvé sa jeunesse! Merci pour tous vos conseils. A bientôt.

Bonjour, En fait ai pratiqué, comme au début : DrWeb, Combofix. Les rapports semblant satisfaisants,désinstallation des deux. Ensuite Kaspersky a trouvé plein de choses. Désinfection, suppression ou quarantaine. Suppression manuelle d'un fichier infecté contenant Virut signalé par Kaspersky. CC Cleaner. BitDefender a trouvé et traité quelques bricoles. Ai téléchargé Antivir, mis à jour et scan déclenché : troucé quelques bricolet et aussi Virut. Ai remarqué que Virut n'est plus que dans les fichiers System Volume Information\restore. Les ai tous mis en quarantaine. Second passage d'Antivir, Il retrouve quelques bricoles (cheval de Troie TR/Crypt.XPACK.Gen). Quarantaine. Voici le Log : Avira AntiVir Personal Date de création du fichier de rapport : vendredi 10 avril 2009 07:44 La recherche porte sur 1346250 souches de virus. Détenteur de la licence :Avira AntiVir PersonalEdition Classic Numéro de série : 0000149996-ADJIE-0001 Plateforme : Windows XP Version de Windows :(Service Pack 2) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur :NOM-EB85C523610 Informations de version : BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 07:21:00 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 12:44:27 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 11:44:16 LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 06:30:27 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:36 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 18:52:33 ANTIVIR2.VDF : 7.1.3.0 1330176 Bytes 01/04/2009 18:52:36 ANTIVIR3.VDF : 7.1.3.40 158720 Bytes 09/04/2009 18:52:36 Version du moteur: 8.2.0.138 AEVDF.DLL : 8.1.1.0 106868 Bytes 09/04/2009 18:52:43 AESCRIPT.DLL : 8.1.1.73 373114 Bytes 09/04/2009 18:52:42 AESCN.DLL : 8.1.1.10 127348 Bytes 09/04/2009 18:52:42 AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 12:58:38 AEPACK.DLL : 8.1.3.12 397687 Bytes 09/04/2009 18:52:41 AEOFFICE.DLL : 8.1.0.36 196987 Bytes 09/04/2009 18:52:40 AEHEUR.DLL : 8.1.0.114 1700214 Bytes 09/04/2009 18:52:40 AEHELP.DLL : 8.1.2.2 119158 Bytes 09/04/2009 18:52:38 AEGEN.DLL : 8.1.1.33 340340 Bytes 09/04/2009 18:52:38 AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 09:05:56 AECORE.DLL : 8.1.6.7 176502 Bytes 09/04/2009 18:52:37 AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 09:05:56 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 07:40:02 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 08:27:58 AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 11:02:15 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 10:26:37 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 07:29:19 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 11:27:46 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 16:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 11:49:36 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 11:05:07 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 06:23:16 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 09:08:43 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: C:\Program Files\Avira\AntiVir PersonalEdition Classic\sysscan.avp Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, D:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: arrêt Fichier mode de recherche........: Sélection de fichiers intelligente Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Début de la recherche : vendredi 10 avril 2009 07:44 La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés Processus de recherche 'wdfmgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'HPZipm12.exe' - '1' module(s) sont contrôlés Processus de recherche 'hpqtra08.exe' - '1' module(s) sont contrôlés Processus de recherche 'AluSchedulerSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'KBD.exe' - '1' module(s) sont contrôlés Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'hpsysdrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'atiptaxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'AGRSMMSG.exe' - '1' module(s) sont contrôlés Processus de recherche 'hphmon06.exe' - '1' module(s) sont contrôlés Processus de recherche 'ALCXMNTR.EXE' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '35' processus ont été contrôlés avec '35' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD2 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD3 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD4 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. Secteur d'amorçage maître HD5 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD6 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD7 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '71' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <HP_PAVILION> C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004778.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee797.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004779.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee79b.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004780.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee79e.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004781.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee7a0.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004782.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee7a3.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004783.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee7a5.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004784.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee7a8.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004785.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee7aa.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004786.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee7ac.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004787.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee7ae.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP21\A0004788.exe [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0ee7b0.qua' ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}(2)\RP38\A0003871.dll [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}(2)\RP38\A0003872.dll [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}(2)\RP38\A0004381.dll [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\Utilitaires\Nero.7.Premium.v7.5.9.0.FR.Incl-Serial.rar [0] Type d'archive: RAR --> Nero7.Premium.v7.5.9.0_Francais.exe [1] Type d'archive: RAR SFX (self extracting) --> Cab\4D801849.cab [2] Type d'archive: CAB (Microsoft) --> NeroSearchAdvanced3C3D1DE3.exe [AVERTISSEMENT] Impossible d'écrire le fichier ! --> Cab\85F58EAC.cab [2] Type d'archive: CAB (Microsoft) --> InCDshxD3515FC4.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> Cab\A75C16D6.cab [2] Type d'archive: CAB (Microsoft) --> MMCA56CDF51.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> nero50DEFBE1.txt [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\B1EFF3E9.cab [2] Type d'archive: CAB (Microsoft) --> NMDataServicesFA9ABD74.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> NMFirstStart4C0FBCE6.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\C1447997.cab [2] Type d'archive: CAB (Microsoft) --> NMBCInterfacePSAE565723.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> NMBCWriterDC0FE966.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\D6C89E66.cab [2] Type d'archive: CAB (Microsoft) --> KARAOKE3DE180FF.DLL [AVERTISSEMENT] Impossible d'écrire le fichier ! --> nero920D0564.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\DC682368.cab [2] Type d'archive: CAB (Microsoft) --> DXEnumD7927B84.exe [AVERTISSEMENT] Impossible d'écrire le fichier ! --> VSTBridge02A75A4C.dll [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\DD3AACFD.cab [2] Type d'archive: CAB (Microsoft) --> gaa87623F1A.bin [AVERTISSEMENT] Impossible d'écrire le fichier ! --> incd1252685369A4.txt [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. C:\Utilitaires\Nero.7.Premium.v7.5.9.0.FR.Incl-Serial\Nero7.Premium.v7.5.9.0_Francais.exe [0] Type d'archive: RAR SFX (self extracting) --> Cab\4D801849.cab [1] Type d'archive: CAB (Microsoft) --> NeroSearchAdvanced3C3D1DE3.exe [AVERTISSEMENT] Impossible d'écrire le fichier ! --> Cab\85F58EAC.cab [1] Type d'archive: CAB (Microsoft) --> InCDshxD3515FC4.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> Cab\A75C16D6.cab [1] Type d'archive: CAB (Microsoft) --> MMCA56CDF51.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> nero50DEFBE1.txt [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\B1EFF3E9.cab [1] Type d'archive: CAB (Microsoft) --> NMDataServicesFA9ABD74.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> NMFirstStart4C0FBCE6.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\C1447997.cab [1] Type d'archive: CAB (Microsoft) --> NMBCInterfacePSAE565723.dll [AVERTISSEMENT] Impossible d'écrire le fichier ! --> NMBCWriterDC0FE966.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\D6C89E66.cab [1] Type d'archive: CAB (Microsoft) --> KARAOKE3DE180FF.DLL [AVERTISSEMENT] Impossible d'écrire le fichier ! --> nero920D0564.exe [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\DC682368.cab [1] Type d'archive: CAB (Microsoft) --> DXEnumD7927B84.exe [AVERTISSEMENT] Impossible d'écrire le fichier ! --> VSTBridge02A75A4C.dll [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. --> Cab\DD3AACFD.cab [1] Type d'archive: CAB (Microsoft) --> gaa87623F1A.bin [AVERTISSEMENT] Impossible d'écrire le fichier ! --> incd1252685369A4.txt [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée. Recherche débutant dans 'D:\' <HP_RECOVERY> Fin de la recherche : vendredi 10 avril 2009 09:07 Temps nécessaire: 1:22:56 Heure(s) La recherche a été effectuée intégralement 12754 Les répertoires ont été contrôlés 759349 Des fichiers ont été contrôlés 11 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 11 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 4 Impossible de contrôler des fichiers 759334 Fichiers non infectés 21457 Les archives ont été contrôlées 36 Avertissements 11 Consignes Grâce à vous, il semblerait que tout soit clean. Merci encore pour vos conseils. On peut rêver! Je vous tiendrai au courant de la suite.

Bonsoir Pear, 9heures de scan pour Kaspersky. Les nouvelles sont à la fois bonnes et mauvaises. J'avais commis l'erreur de telecharger les mises à jour Windows et de les installer. Il restait un Virut, il s'est multiplié. Kaspersly a je crois réglé le problème. En tout cas, j'ai beaucoup appris en votre compagnie et je vous en remercie mille fois. Je vous tiendrai au courant de mes futures péripéties. J'imagine une procédure pour éliminer Virut : Nettoyer le PC le mieux possible, réinstaller Windows à partir d'une copie saine, DRWeb, Combofix, Kaspersky, peut-être un scan en ligne BitDefender, tools cleaner. Si tout OK, installer un programme antivirus, Antivir ou Avast. CC cleaner, nettoyer au maximum. re-test Kaspersky. Si ok réinstaller les pilotes et les applications d'origine(elles peuvent avoir été modifiées) et mettre à jour Windows. Et enfin réinstaller les autres programmes. Tout ça dans les règles de l'art, évidemment. Qu'en pensez vous? Voici le scan Kaspersky : Scan ---- Scanned: 1691585 Detected: 288 Untreated: 0 Start time: 09/04/2009 11:21:51 Duration: 08:39:12 Finish time: 09/04/2009 20:01:03 Detected -------- Status Object ------ ------ deleted: Trojan program Trojan-Dropper.Win32.Small.sc File: C:\JEUX\Jeux\primary.exe//doc\5knoikz.exe deleted: Trojan program Trojan-Downloader.Win32.IstBar.er File: C:\JEUX\Jeux\primary.exe//doc\istinstall_153191.exe//UPX deleted: adware not-a-virus:AdWare.Win32.NavExcel.d File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/NHInstall.exe deleted: adware not-a-virus:AdWare.Win32.NavExcel.b File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHelper.dll deleted: adware not-a-virus:AdWare.Win32.NavExcel File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHUninstaller.exe deleted: adware not-a-virus:AdWare.Win32.NavExcel.b File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHUpdater.exe disinfected: virus Virus.Win32.Virut.ce File: C:\Program Files\Avira\AntiVir Desktop\fact.exe deleted: Trojan program Trojan.Win32.Agent2.hhw File: C:\Program Files\ThunMail\testabd.dll deleted: new threat not-a-virus:FraudTool.Win32.SpywareVanish.a File: C:\Utilitaires\SpywareVanisher.exe//FreeScanner.exe disinfected: virus Virus.Win32.Virut.ce File: C:\Utilitaires\Ashampoo.WinOptimizer.Platinum.Suite.v3.30-TE\Ashampoo.WinOptimizer.Platinum.Suite.v3.30-TE\Crack\AshampooWinOptimizerPlatinumSuitev330_Crack.exe disinfected: virus Virus.Win32.Virut.ce File: C:\Utilitaires\CryptLoad_1.1.6\CryptLoad_1.1.6\tools\unrar64.exe disinfected: virus Virus.Win32.Virut.ce File: C:\Video\rsdl133\Plugins\gocr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\Video\VirtualDubMOD\VirtualDubMod.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\NuNInst.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\UNNMP.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\actmovie.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ahui.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\alg.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\at.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\attrib.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\author.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\blastcln.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\cacls.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\cleanmgr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\cmd.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\comrereg.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\conf.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\conime.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\cscript.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\defrag.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dialer.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\diantz.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\explorer.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\findstr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fltmc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fontview.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\forcedos.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fp98sadm.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fp98swin.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fpadmcgi.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fsquirt.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ftp.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\fxssvc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\help.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\hh.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\imapi.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\locator.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\logman.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\logon.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\logonui.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\lsass.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\magnify.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\makecab.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\migload.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\mmc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\msimn.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\msoobe.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\mspaint.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\mstinit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\mstsc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\narrator.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\nddeapir.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\net.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\net1.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\netdde.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\netsh.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\netstat.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\notepad.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\nppagent.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\nslookup.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\odbcad32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\odbcconf.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\oemig50.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\oobebaln.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\osk.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\packager.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\perfmon.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\pinball.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ping.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\powercfg.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\progman.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\proquota.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\proxycfg.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\qprocess.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rasphone.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rcimlby.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rcp.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rdpclip.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rdsaddin.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rdshost.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\reg.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\regedit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\regsvr32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rexec.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rsh.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rstrui.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\runonce.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\savedump.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\scrcons.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\sdbinst.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\services.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\sethc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\setup50.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\shtml.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\sigverif.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\skeys.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\smi2smir.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\smlogsvc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\sndrec32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\snmp.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\snmptrap.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\sort.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\spider.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\spnpinst.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ss3dfo.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ssbezier.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ssflwbox.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ssmarque.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ssmypics.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ssmyst.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\sspipes.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\sstext3d.scr disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\stimon.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\svchost.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\sysocmgr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\taskmgr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\tcptest.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\telnet.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\tracert.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\uploadm.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\ups.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\userinit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\utilman.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wab.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wabmig.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wextract.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\winhlp32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\winver.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wmiadap.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wordpad.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wpabaln.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wpnpinst.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wscript.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\wuauclt1.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtServicePackUninstall$\xpnetdiag.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB886185$\spuninst.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB886185$\update.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB888302$\spuninst.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB888302$\update.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB893756$\arpidfix.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB896358$\hh.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB896423$\arpidfix.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB896424$\arpidfix.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB896428$\telnet.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB898458$\orun32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB899587$\arpidfix.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB899591$\arpidfix.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB900725$\arpidfix.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB901017$\arpidfix.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB902400$\arpidfix.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB902400$\migregdb.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB905414$\arpidfix.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB905749$\arpidfix.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB905915$\iedw.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB912812$\iedw.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB916281$\iedw.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB918899$\iedw.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB920213_0$\agentsvr.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB922582$\fltmc.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB922760$\iedw.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB923723$\orun32.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB925720$\magnify.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB925720$\narrator.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB925720$\osk.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB925720$\utilman.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB938828$\explorer.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe.000 disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB958215$\iedw.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallKB958215$\iedw.exe.000 disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB933566-IE7\ie4uinit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB933566-IE7\ieudinit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB933566-IE7\iexplore.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe disinfected: virus Virus.Win32.Virut.ce File: C:\WINDOWS\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\oobebaln.exe Events ------ Time Name Status Reason ---- ---- ------ ------ 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ABetterInternetAurora.zip/sbRecovery.reg password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ABetterInternetAurora.zip/sbRecovery.ini password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc.zip/hp_propriÚtaire@atdmt[2].txt password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc.zip/sbRecovery.ini password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc1.zip/hp_propriÚtaire@atdmt[2].txt password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc1.zip/sbRecovery.ini password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula.zip/SDVita.dll password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula.zip/sbRecovery.ini password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula1.zip/patterns.dat password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula1.zip/sbRecovery.ini password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula10.zip/sbRecovery.reg password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula10.zip/sbRecovery.ini password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula11.zip/sbRecovery.reg password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula11.zip/sbRecovery.ini password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula2.zip/SDVita.exe password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula2.zip/sbRecovery.ini password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula3.zip/PECarlin.exe password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula3.zip/sbRecovery.ini password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula4.zip/sbRecovery.reg password protected 09/04/2009 11:37:39 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula4.zip/sbRecovery.ini password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula5.zip/Uninstall.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula5.zip/sbRecovery.ini password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula6.zip/Uninstall.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula6.zip/sbRecovery.ini password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula7.zip/sbRecovery.reg password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula7.zip/sbRecovery.ini password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula8.zip/sbRecovery.reg password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula8.zip/sbRecovery.ini password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula9.zip/sbRecovery.reg password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula9.zip/sbRecovery.ini password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BookedSpace.zip/sbRecovery.ini password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BookedSpace1.zip/pq_debug.tmp password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BookedSpace1.zip/sbRecovery.ini password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BookedSpace2.zip/sbRecovery.reg password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BookedSpace2.zip/sbRecovery.ini password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/ARPPRODUCTICON.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut1.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut10.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut2.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut3.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut4.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut5.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut6.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut7.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut8.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut9.exe password protected 09/04/2009 11:37:40 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/sbRecovery.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/AddRemove.exe password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Ini/update.ref password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/arabic.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Chinese.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Dutch.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/English.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Franþais.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Franþais1.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/German.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Italiano.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Italiano1.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Japanese.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Korean.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/portuguÛs.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Slovenian.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Spanish.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Swedish.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Turkish.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/LiveUpdate.exe password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/arabic.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Dutch.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/English.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Franþais.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/German.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Italiano.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Italiano1.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/portuguÛs.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Slovenian.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Spanish.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Swedish.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Turkish.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/PopUpWatch.exe password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/scr56en-Win98-me-nt4.exe password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/scripten-WIN2000.exe password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Spyware.exe password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/SpyWatch.exe password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/zlib.dll password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/sbRecovery.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/Live Update.lnk password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/Popup Watch.lnk password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/Spy Add-Remove.lnk password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/Spy Watch.lnk password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/Spyware Adware Remover and Scanner.lnk password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/sbRecovery.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover3.zip/sbRecovery.reg password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover3.zip/sbRecovery.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick.zip/hp_propriÚtaire@doubleclick[1].txt password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick.zip/sbRecovery.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlus.zip/sbRecovery.reg password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlus.zip/sbRecovery.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlus1.zip/sbRecovery.reg password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlus1.zip/sbRecovery.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads.zip/sbRecovery.reg password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads.zip/sbRecovery.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads1.zip/dap.gif password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads1.zip/sbRecovery.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads10.zip/sbRecovery.reg password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads10.zip/sbRecovery.ini password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads11.zip/sbRecovery.reg password protected 09/04/2009 11:37:41 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads11.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads12.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads12.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads13.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads13.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads14.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads14.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads15.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads15.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads16.zip/dap.gif password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads16.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads17.zip/dap.gif password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads17.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads2.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads2.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads3.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads3.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads4.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads4.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads5.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads5.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads6.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads6.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads7.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads7.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads8.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads8.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads9.zip/dap.gif password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads9.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit5.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit5.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit6.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit6.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit7.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit7.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit8.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit8.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit9.zip/sbRecovery.reg password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit9.zip/sbRecovery.ini password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer.zip/cfin password protected 09/04/2009 11:37:42 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer1.zip/cfout.txt password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer1.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy.zip/optimize.exe password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt1.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt1.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt2.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt2.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt3.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt3.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt4.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt4.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt5.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt5.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt6.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt6.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt7.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt7.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt8.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt8.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick.zip/hp_propriÚtaire@media.fastclick[1].txt password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick1.zip/hp_propriÚtaire@fastclick[2].txt password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick1.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon1.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon1.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet.zip/NDNuninstall6_38.exe password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet1.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet1.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet2.zip/newdotnet7_22.dll password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet2.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet3.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet3.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet4.zip/newdotnet7_22.dll password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet4.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NoAdware.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NoAdware.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NoAdware1.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NoAdware1.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap1.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap1.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap2.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap2.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap3.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap3.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudCToolbar.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudCToolbar.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SpyHunter.zip/SpyHunter/support.log password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SpyHunter.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SpySheriff.zip/Uninstall.exe password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SpySheriff.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore.zip/UCMTSAIE.dll password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore1.zip/How To Uninstall.lnk password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore1.zip/UCmore - The Search Accelerator.lnk password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore1.zip/UCmore Tour.lnk password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore1.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore10.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore10.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore11.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore11.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore12.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore12.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore13.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore13.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore14.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore14.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore15.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore15.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore2.zip/IUCmore.dll password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore2.zip/logo.ico password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore2.zip/toolbar.cfg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore2.zip/UNWISE.EXE password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore2.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore3.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore4.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore4.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore5.zip/UCMTSAIE.dll password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore5.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore6.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore6.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip/How To Uninstall.lnk password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip/UCmore - The Search Accelerator.lnk password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip/UCmore Tour.lnk password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/INSTALL.LOG password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/IUCmore.dll password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/logo.ico password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/toolbar.cfg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/UNWISE.EXE password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore9.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore9.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VcodeceMedia.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VcodeceMedia.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VcodeceMedia1.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VcodeceMedia1.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow1.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow1.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow10.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow10.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow2.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow2.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow3.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow3.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow4.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow4.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow5.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow5.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow6.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow6.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow7.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow7.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow8.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow8.zip/sbRecovery.ini password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow9.zip/sbRecovery.reg password protected 09/04/2009 11:37:43 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow9.zip/sbRecovery.ini password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSearchDesktoptoolbar.zip/sbRecovery.reg password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSearchDesktoptoolbar.zip/sbRecovery.ini password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsMediaPlayer.zip/sbRecovery.reg password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsMediaPlayer.zip/sbRecovery.ini password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterAntiVirusDisableNotify.zip/sbRecovery.reg password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterAntiVirusDisableNotify.zip/sbRecovery.ini password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterFirewallDisableNotify.zip/sbRecovery.reg password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterFirewallDisableNotify.zip/sbRecovery.ini password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobHomepageMonitor.zip/sbRecovery.reg password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobHomepageMonitor.zip/sbRecovery.ini password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobHomepageMonitor1.zip/sbRecovery.reg password protected 09/04/2009 11:37:44 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobHomepageMonitor1.zip/sbRecovery.ini password protected 09/04/2009 11:42:39 File: C:\Download\cmsgr-win32-147c-21-jan-2007-16-07-cet.rar password protected 09/04/2009 11:42:39 File: C:\Download\cmsgr-win32-147c-21-jan-2007-16-07-cet.rar password protected 09/04/2009 11:53:45 File: C:\JEUX\Jeux\primary.exe//doc\5knoikz.exe detected Trojan program 'Trojan-Dropper.Win32.Small.sc' 09/04/2009 11:53:46 File: C:\JEUX\Jeux\primary.exe//doc\5knoikz.exe not disinfected postponed 09/04/2009 11:53:47 File: C:\JEUX\Jeux\primary.exe//doc\istinstall_153191.exe//UPX detected Trojan program 'Trojan-Downloader.Win32.IstBar.er' 09/04/2009 11:53:47 File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/NHInstall.exe detected adware 'not-a-virus:AdWare.Win32.NavExcel.d' 09/04/2009 11:53:47 File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHelper.dll detected adware 'not-a-virus:AdWare.Win32.NavExcel.b' 09/04/2009 11:53:47 File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHUninstaller.exe detected adware 'not-a-virus:AdWare.Win32.NavExcel' 09/04/2009 11:53:47 File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHUpdater.exe detected adware 'not-a-virus:AdWare.Win32.NavExcel.b' 09/04/2009 12:22:02 File: C:\My Music\Repar\Password Recovery Tools and Guide\rar password recovery with crack.rar/rar-password-recovery.exe//data0008/example.txt password protected 09/04/2009 12:22:10 File: C:\My Music\Repar\RAR Password Recovery\example.rar/example.txt password protected 09/04/2009 12:30:40 File: C:\Program Files\Avira\AntiVir Desktop\fact.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 12:30:40 File: C:\Program Files\Avira\AntiVir Desktop\fact.exe not disinfected postponed 09/04/2009 13:23:10 File: C:\Program Files\ThunMail\testabd.dll detected Trojan program 'Trojan.Win32.Agent2.hhw' 09/04/2009 13:23:11 File: C:\Program Files\ThunMail\testabd.dll not disinfected postponed 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/Ad-Aware SE Default.skn password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/arrow1.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/arrow2.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bck1.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt11.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt12.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt13.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt21.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt22.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt23.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt31.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt32.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt33.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt41.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt42.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt43.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt51.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt52.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt53.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt61.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt62.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/checkbox1.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/checkbox2.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/checkbox3.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/checkbox4.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/defbtn1.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/defbtn2.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/defbtn3.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph1.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph2.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph3.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph4.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph5.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph6.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph7.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/main.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/preview.bmp password protected 09/04/2009 13:29:00 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/sprite1.bmp password protected 09/04/2009 13:32:31 File: C:\Utilitaires\cleaner41.exe//data0004/cleaner4.dbf password protected 09/04/2009 13:32:31 File: C:\Utilitaires\cleaner41.exe//data0004/cleaner4.dbt password protected 09/04/2009 14:00:45 File: C:\Utilitaires\setupcnetppeval.exe//WISE0035.BIN/PestInfo password protected 09/04/2009 14:00:46 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/strings01.txt password protected 09/04/2009 14:00:46 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/strings02.txt password protected 09/04/2009 14:00:46 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/memo2.txt password protected 09/04/2009 14:00:46 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/memo4.txt password protected 09/04/2009 14:00:46 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/memo5.txt password protected 09/04/2009 14:00:46 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/memo6.txt password protected 09/04/2009 14:00:46 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/memo10.txt password protected 09/04/2009 14:01:52 File: C:\Utilitaires\SpywareVanisher.exe//FreeScanner.exe detected new threat 'not-a-virus:FraudTool.Win32.SpywareVanish.a' 09/04/2009 14:01:53 File: C:\Utilitaires\SpywareVanisher.exe//FreeScanner.exe not disinfected postponed 09/04/2009 14:01:53 File: C:\Utilitaires\SpywareVanisher.exe//Master.enc/Master.dat password protected 09/04/2009 14:04:43 File: C:\Utilitaires\Ashampoo.WinOptimizer.Platinum.Suite.v3.30-TE\Ashampoo.WinOptimizer.Platinum.Suite.v3.30-TE\Crack\AshampooWinOptimizerPlatinumSuitev330_Crack.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:04:43 File: C:\Utilitaires\Ashampoo.WinOptimizer.Platinum.Suite.v3.30-TE\Ashampoo.WinOptimizer.Platinum.Suite.v3.30-TE\Crack\AshampooWinOptimizerPlatinumSuitev330_Crack.exe not disinfected postponed 09/04/2009 14:05:03 File: C:\Utilitaires\CryptLoad_1.1.6\CryptLoad_1.1.6\tools\unrar64.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:05:03 File: C:\Utilitaires\CryptLoad_1.1.6\CryptLoad_1.1.6\tools\unrar64.exe not disinfected postponed 09/04/2009 14:14:58 File: C:\Video\rsdl133\Plugins\gocr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:14:59 File: C:\Video\rsdl133\Plugins\gocr.exe not disinfected postponed 09/04/2009 14:15:12 File: C:\Video\VirtualDubMOD\VirtualDubMod.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:15:13 File: C:\Video\VirtualDubMOD\VirtualDubMod.exe not disinfected postponed 09/04/2009 14:15:25 File: C:\WINDOWS\NuNInst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:15:25 File: C:\WINDOWS\NuNInst.exe not disinfected postponed 09/04/2009 14:15:30 File: C:\WINDOWS\UNNMP.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:15:30 File: C:\WINDOWS\UNNMP.exe not disinfected postponed 09/04/2009 14:19:18 File: C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:18 File: C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe not disinfected postponed 09/04/2009 14:19:37 File: C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:37 File: C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe not disinfected postponed 09/04/2009 14:19:37 File: C:\WINDOWS\$NtServicePackUninstall$\actmovie.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:37 File: C:\WINDOWS\$NtServicePackUninstall$\actmovie.exe not disinfected postponed 09/04/2009 14:19:38 File: C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:38 File: C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe not disinfected postponed 09/04/2009 14:19:40 File: C:\WINDOWS\$NtServicePackUninstall$\ahui.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:40 File: C:\WINDOWS\$NtServicePackUninstall$\ahui.exe not disinfected postponed 09/04/2009 14:19:40 File: C:\WINDOWS\$NtServicePackUninstall$\alg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:40 File: C:\WINDOWS\$NtServicePackUninstall$\alg.exe not disinfected postponed 09/04/2009 14:19:52 File: C:\WINDOWS\$NtServicePackUninstall$\at.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:52 File: C:\WINDOWS\$NtServicePackUninstall$\at.exe not disinfected postponed 09/04/2009 14:19:53 File: C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:53 File: C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe not disinfected postponed 09/04/2009 14:19:53 File: C:\WINDOWS\$NtServicePackUninstall$\attrib.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:53 File: C:\WINDOWS\$NtServicePackUninstall$\attrib.exe not disinfected postponed 09/04/2009 14:19:53 File: C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:53 File: C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe not disinfected postponed 09/04/2009 14:19:53 File: C:\WINDOWS\$NtServicePackUninstall$\author.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:53 File: C:\WINDOWS\$NtServicePackUninstall$\author.exe not disinfected postponed 09/04/2009 14:19:54 File: C:\WINDOWS\$NtServicePackUninstall$\blastcln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:54 File: C:\WINDOWS\$NtServicePackUninstall$\blastcln.exe not disinfected postponed 09/04/2009 14:19:54 File: C:\WINDOWS\$NtServicePackUninstall$\cacls.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:54 File: C:\WINDOWS\$NtServicePackUninstall$\cacls.exe not disinfected postponed 09/04/2009 14:19:55 File: C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:55 File: C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe not disinfected postponed 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe not disinfected postponed 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\cleanmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\cleanmgr.exe not disinfected postponed 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe not disinfected postponed 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe not disinfected postponed 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe not disinfected postponed 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\cmd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\cmd.exe not disinfected postponed 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:56 File: C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe not disinfected postponed 09/04/2009 14:19:57 File: C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:57 File: C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe not disinfected postponed 09/04/2009 14:19:57 File: C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:57 File: C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe not disinfected postponed 09/04/2009 14:19:58 File: C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:58 File: C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe not disinfected postponed 09/04/2009 14:19:58 File: C:\WINDOWS\$NtServicePackUninstall$\comrereg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:58 File: C:\WINDOWS\$NtServicePackUninstall$\comrereg.exe not disinfected postponed 09/04/2009 14:19:58 File: C:\WINDOWS\$NtServicePackUninstall$\conf.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:58 File: C:\WINDOWS\$NtServicePackUninstall$\conf.exe not disinfected postponed 09/04/2009 14:19:58 File: C:\WINDOWS\$NtServicePackUninstall$\conime.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:58 File: C:\WINDOWS\$NtServicePackUninstall$\conime.exe not disinfected postponed 09/04/2009 14:19:59 File: C:\WINDOWS\$NtServicePackUninstall$\cscript.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:59 File: C:\WINDOWS\$NtServicePackUninstall$\cscript.exe not disinfected postponed 09/04/2009 14:19:59 File: C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:19:59 File: C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe not disinfected postponed 09/04/2009 14:20:00 File: C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:00 File: C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe not disinfected postponed 09/04/2009 14:20:00 File: C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:00 File: C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe not disinfected postponed 09/04/2009 14:20:01 File: C:\WINDOWS\$NtServicePackUninstall$\defrag.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:01 File: C:\WINDOWS\$NtServicePackUninstall$\defrag.exe not disinfected postponed 09/04/2009 14:20:01 File: C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:01 File: C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe not disinfected postponed 09/04/2009 14:20:01 File: C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:01 File: C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe not disinfected postponed 09/04/2009 14:20:02 File: C:\WINDOWS\$NtServicePackUninstall$\dialer.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:02 File: C:\WINDOWS\$NtServicePackUninstall$\dialer.exe not disinfected postponed 09/04/2009 14:20:02 File: C:\WINDOWS\$NtServicePackUninstall$\diantz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:02 File: C:\WINDOWS\$NtServicePackUninstall$\diantz.exe not disinfected postponed 09/04/2009 14:20:02 File: C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:02 File: C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe not disinfected postponed 09/04/2009 14:20:02 File: C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:02 File: C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe not disinfected postponed 09/04/2009 14:20:02 File: C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:02 File: C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe not disinfected postponed 09/04/2009 14:20:03 File: C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:03 File: C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe not disinfected postponed 09/04/2009 14:20:04 File: C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:04 File: C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe not disinfected postponed 09/04/2009 14:20:04 File: C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:04 File: C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe not disinfected postponed 09/04/2009 14:20:04 File: C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:04 File: C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe not disinfected postponed 09/04/2009 14:20:05 File: C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:05 File: C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe not disinfected postponed 09/04/2009 14:20:05 File: C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:05 File: C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe not disinfected postponed 09/04/2009 14:20:05 File: C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:05 File: C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe not disinfected postponed 09/04/2009 14:20:06 File: C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:06 File: C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe not disinfected postponed 09/04/2009 14:20:07 File: C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:07 File: C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe not disinfected postponed 09/04/2009 14:20:07 File: C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:07 File: C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe not disinfected postponed 09/04/2009 14:20:07 File: C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:07 File: C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe not disinfected postponed 09/04/2009 14:20:08 File: C:\WINDOWS\$NtServicePackUninstall$\explorer.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:08 File: C:\WINDOWS\$NtServicePackUninstall$\explorer.exe not disinfected postponed 09/04/2009 14:20:08 File: C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:08 File: C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe not disinfected postponed 09/04/2009 14:20:08 File: C:\WINDOWS\$NtServicePackUninstall$\findstr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:08 File: C:\WINDOWS\$NtServicePackUninstall$\findstr.exe not disinfected postponed 09/04/2009 14:20:09 File: C:\WINDOWS\$NtServicePackUninstall$\fltmc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:09 File: C:\WINDOWS\$NtServicePackUninstall$\fltmc.exe not disinfected postponed 09/04/2009 14:20:09 File: C:\WINDOWS\$NtServicePackUninstall$\fontview.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:09 File: C:\WINDOWS\$NtServicePackUninstall$\fontview.exe not disinfected postponed 09/04/2009 14:20:09 File: C:\WINDOWS\$NtServicePackUninstall$\forcedos.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:09 File: C:\WINDOWS\$NtServicePackUninstall$\forcedos.exe not disinfected postponed 09/04/2009 14:20:10 File: C:\WINDOWS\$NtServicePackUninstall$\fp98sadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:10 File: C:\WINDOWS\$NtServicePackUninstall$\fp98sadm.exe not disinfected postponed 09/04/2009 14:20:10 File: C:\WINDOWS\$NtServicePackUninstall$\fp98swin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:10 File: C:\WINDOWS\$NtServicePackUninstall$\fp98swin.exe not disinfected postponed 09/04/2009 14:20:10 File: C:\WINDOWS\$NtServicePackUninstall$\fpadmcgi.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:10 File: C:\WINDOWS\$NtServicePackUninstall$\fpadmcgi.exe not disinfected postponed 09/04/2009 14:20:10 File: C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:10 File: C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe not disinfected postponed 09/04/2009 14:20:10 File: C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:10 File: C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe not disinfected postponed 09/04/2009 14:20:11 File: C:\WINDOWS\$NtServicePackUninstall$\fsquirt.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:11 File: C:\WINDOWS\$NtServicePackUninstall$\fsquirt.exe not disinfected postponed 09/04/2009 14:20:11 File: C:\WINDOWS\$NtServicePackUninstall$\ftp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:11 File: C:\WINDOWS\$NtServicePackUninstall$\ftp.exe not disinfected postponed 09/04/2009 14:20:11 File: C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:11 File: C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe not disinfected postponed 09/04/2009 14:20:11 File: C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:11 File: C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe not disinfected postponed 09/04/2009 14:20:11 File: C:\WINDOWS\$NtServicePackUninstall$\fxssvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:11 File: C:\WINDOWS\$NtServicePackUninstall$\fxssvc.exe not disinfected postponed 09/04/2009 14:20:12 File: C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:12 File: C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe not disinfected postponed 09/04/2009 14:20:13 File: C:\WINDOWS\$NtServicePackUninstall$\help.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:13 File: C:\WINDOWS\$NtServicePackUninstall$\help.exe not disinfected postponed 09/04/2009 14:20:13 File: C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:13 File: C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe not disinfected postponed 09/04/2009 14:20:13 File: C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:13 File: C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe not disinfected postponed 09/04/2009 14:20:13 File: C:\WINDOWS\$NtServicePackUninstall$\hh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:13 File: C:\WINDOWS\$NtServicePackUninstall$\hh.exe not disinfected postponed 09/04/2009 14:20:15 File: C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:15 File: C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe not disinfected postponed 09/04/2009 14:20:15 File: C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:15 File: C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe not disinfected postponed 09/04/2009 14:20:16 File: C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:16 File: C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe not disinfected postponed 09/04/2009 14:20:16 File: C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:16 File: C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe not disinfected postponed 09/04/2009 14:20:16 File: C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:16 File: C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe not disinfected postponed 09/04/2009 14:20:16 File: C:\WINDOWS\$NtServicePackUninstall$\imapi.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:16 File: C:\WINDOWS\$NtServicePackUninstall$\imapi.exe not disinfected postponed 09/04/2009 14:20:17 File: C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:17 File: C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe not disinfected postponed 09/04/2009 14:20:18 File: C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:18 File: C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe not disinfected postponed 09/04/2009 14:20:18 File: C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:18 File: C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe not disinfected postponed 09/04/2009 14:20:18 File: C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:18 File: C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe not disinfected postponed 09/04/2009 14:20:22 File: C:\WINDOWS\$NtServicePackUninstall$\locator.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:22 File: C:\WINDOWS\$NtServicePackUninstall$\locator.exe not disinfected postponed 09/04/2009 14:20:22 File: C:\WINDOWS\$NtServicePackUninstall$\logman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:22 File: C:\WINDOWS\$NtServicePackUninstall$\logman.exe not disinfected postponed 09/04/2009 14:20:23 File: C:\WINDOWS\$NtServicePackUninstall$\logon.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:23 File: C:\WINDOWS\$NtServicePackUninstall$\logon.scr not disinfected postponed 09/04/2009 14:20:23 File: C:\WINDOWS\$NtServicePackUninstall$\logonui.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:23 File: C:\WINDOWS\$NtServicePackUninstall$\logonui.exe not disinfected postponed 09/04/2009 14:20:23 File: C:\WINDOWS\$NtServicePackUninstall$\lsass.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:23 File: C:\WINDOWS\$NtServicePackUninstall$\lsass.exe not disinfected postponed 09/04/2009 14:20:23 File: C:\WINDOWS\$NtServicePackUninstall$\magnify.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:23 File: C:\WINDOWS\$NtServicePackUninstall$\magnify.exe not disinfected postponed 09/04/2009 14:20:24 File: C:\WINDOWS\$NtServicePackUninstall$\makecab.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:24 File: C:\WINDOWS\$NtServicePackUninstall$\makecab.exe not disinfected postponed 09/04/2009 14:20:25 File: C:\WINDOWS\$NtServicePackUninstall$\migload.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:25 File: C:\WINDOWS\$NtServicePackUninstall$\migload.exe not disinfected postponed 09/04/2009 14:20:25 File: C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:25 File: C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe not disinfected postponed 09/04/2009 14:20:25 File: C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:25 File: C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe not disinfected postponed 09/04/2009 14:20:26 File: C:\WINDOWS\$NtServicePackUninstall$\mmc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:26 File: C:\WINDOWS\$NtServicePackUninstall$\mmc.exe not disinfected postponed 09/04/2009 14:20:27 File: C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:27 File: C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe not disinfected postponed 09/04/2009 14:20:27 File: C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:27 File: C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe not disinfected postponed 09/04/2009 14:20:27 File: C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:27 File: C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe not disinfected postponed 09/04/2009 14:20:27 File: C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:27 File: C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe not disinfected postponed 09/04/2009 14:20:28 File: C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:28 File: C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe not disinfected postponed 09/04/2009 14:20:28 File: C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:28 File: C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe not disinfected postponed 09/04/2009 14:20:30 File: C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:30 File: C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe not disinfected postponed 09/04/2009 14:20:31 File: C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:31 File: C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe not disinfected postponed 09/04/2009 14:20:33 File: C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:33 File: C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe not disinfected postponed 09/04/2009 14:20:33 File: C:\WINDOWS\$NtServicePackUninstall$\msimn.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:33 File: C:\WINDOWS\$NtServicePackUninstall$\msimn.exe not disinfected postponed 09/04/2009 14:20:33 File: C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:33 File: C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe not disinfected postponed 09/04/2009 14:20:34 File: C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:34 File: C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe not disinfected postponed 09/04/2009 14:20:35 File: C:\WINDOWS\$NtServicePackUninstall$\msoobe.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:35 File: C:\WINDOWS\$NtServicePackUninstall$\msoobe.exe not disinfected postponed 09/04/2009 14:20:35 File: C:\WINDOWS\$NtServicePackUninstall$\mspaint.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:35 File: C:\WINDOWS\$NtServicePackUninstall$\mspaint.exe not disinfected postponed 09/04/2009 14:20:36 File: C:\WINDOWS\$NtServicePackUninstall$\mstinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:36 File: C:\WINDOWS\$NtServicePackUninstall$\mstinit.exe not disinfected postponed 09/04/2009 14:20:37 File: C:\WINDOWS\$NtServicePackUninstall$\mstsc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:37 File: C:\WINDOWS\$NtServicePackUninstall$\mstsc.exe not disinfected postponed 09/04/2009 14:20:39 File: C:\WINDOWS\$NtServicePackUninstall$\narrator.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:39 File: C:\WINDOWS\$NtServicePackUninstall$\narrator.exe not disinfected postponed 09/04/2009 14:20:39 File: C:\WINDOWS\$NtServicePackUninstall$\nddeapir.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:39 File: C:\WINDOWS\$NtServicePackUninstall$\nddeapir.exe not disinfected postponed 09/04/2009 14:20:39 File: C:\WINDOWS\$NtServicePackUninstall$\net.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:39 File: C:\WINDOWS\$NtServicePackUninstall$\net.exe not disinfected postponed 09/04/2009 14:20:39 File: C:\WINDOWS\$NtServicePackUninstall$\net1.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:39 File: C:\WINDOWS\$NtServicePackUninstall$\net1.exe not disinfected postponed 09/04/2009 14:20:40 File: C:\WINDOWS\$NtServicePackUninstall$\netdde.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:40 File: C:\WINDOWS\$NtServicePackUninstall$\netdde.exe not disinfected postponed 09/04/2009 14:20:40 File: C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:40 File: C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe not disinfected postponed 09/04/2009 14:20:40 File: C:\WINDOWS\$NtServicePackUninstall$\netsh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:40 File: C:\WINDOWS\$NtServicePackUninstall$\netsh.exe not disinfected postponed 09/04/2009 14:20:41 File: C:\WINDOWS\$NtServicePackUninstall$\netstat.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:41 File: C:\WINDOWS\$NtServicePackUninstall$\netstat.exe not disinfected postponed 09/04/2009 14:20:41 File: C:\WINDOWS\$NtServicePackUninstall$\notepad.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:41 File: C:\WINDOWS\$NtServicePackUninstall$\notepad.exe not disinfected postponed 09/04/2009 14:20:42 File: C:\WINDOWS\$NtServicePackUninstall$\nppagent.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:42 File: C:\WINDOWS\$NtServicePackUninstall$\nppagent.exe not disinfected postponed 09/04/2009 14:20:42 File: C:\WINDOWS\$NtServicePackUninstall$\nslookup.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:42 File: C:\WINDOWS\$NtServicePackUninstall$\nslookup.exe not disinfected postponed 09/04/2009 14:20:44 File: C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:44 File: C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe not disinfected postponed 09/04/2009 14:20:45 File: C:\WINDOWS\$NtServicePackUninstall$\odbcad32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:45 File: C:\WINDOWS\$NtServicePackUninstall$\odbcad32.exe not disinfected postponed 09/04/2009 14:20:45 File: C:\WINDOWS\$NtServicePackUninstall$\odbcconf.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:45 File: C:\WINDOWS\$NtServicePackUninstall$\odbcconf.exe not disinfected postponed 09/04/2009 14:20:45 File: C:\WINDOWS\$NtServicePackUninstall$\oemig50.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:45 File: C:\WINDOWS\$NtServicePackUninstall$\oemig50.exe not disinfected postponed 09/04/2009 14:20:46 File: C:\WINDOWS\$NtServicePackUninstall$\oobebaln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:46 File: C:\WINDOWS\$NtServicePackUninstall$\oobebaln.exe not disinfected postponed 09/04/2009 14:20:47 File: C:\WINDOWS\$NtServicePackUninstall$\osk.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:47 File: C:\WINDOWS\$NtServicePackUninstall$\osk.exe not disinfected postponed 09/04/2009 14:20:56 File: C:\WINDOWS\$NtServicePackUninstall$\packager.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:56 File: C:\WINDOWS\$NtServicePackUninstall$\packager.exe not disinfected postponed 09/04/2009 14:20:57 File: C:\WINDOWS\$NtServicePackUninstall$\perfmon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:57 File: C:\WINDOWS\$NtServicePackUninstall$\perfmon.exe not disinfected postponed 09/04/2009 14:20:57 File: C:\WINDOWS\$NtServicePackUninstall$\pinball.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:57 File: C:\WINDOWS\$NtServicePackUninstall$\pinball.exe not disinfected postponed 09/04/2009 14:20:58 File: C:\WINDOWS\$NtServicePackUninstall$\ping.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:58 File: C:\WINDOWS\$NtServicePackUninstall$\ping.exe not disinfected postponed 09/04/2009 14:20:58 File: C:\WINDOWS\$NtServicePackUninstall$\powercfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:58 File: C:\WINDOWS\$NtServicePackUninstall$\powercfg.exe not disinfected postponed 09/04/2009 14:20:58 File: C:\WINDOWS\$NtServicePackUninstall$\progman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:58 File: C:\WINDOWS\$NtServicePackUninstall$\progman.exe not disinfected postponed 09/04/2009 14:20:58 File: C:\WINDOWS\$NtServicePackUninstall$\proquota.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:58 File: C:\WINDOWS\$NtServicePackUninstall$\proquota.exe not disinfected postponed 09/04/2009 14:20:58 File: C:\WINDOWS\$NtServicePackUninstall$\proxycfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:58 File: C:\WINDOWS\$NtServicePackUninstall$\proxycfg.exe not disinfected postponed 09/04/2009 14:20:59 File: C:\WINDOWS\$NtServicePackUninstall$\qprocess.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:20:59 File: C:\WINDOWS\$NtServicePackUninstall$\qprocess.exe not disinfected postponed 09/04/2009 14:21:00 File: C:\WINDOWS\$NtServicePackUninstall$\rasphone.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:00 File: C:\WINDOWS\$NtServicePackUninstall$\rasphone.exe not disinfected postponed 09/04/2009 14:21:01 File: C:\WINDOWS\$NtServicePackUninstall$\rcimlby.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:01 File: C:\WINDOWS\$NtServicePackUninstall$\rcimlby.exe not disinfected postponed 09/04/2009 14:21:01 File: C:\WINDOWS\$NtServicePackUninstall$\rcp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:01 File: C:\WINDOWS\$NtServicePackUninstall$\rcp.exe not disinfected postponed 09/04/2009 14:21:01 File: C:\WINDOWS\$NtServicePackUninstall$\rdpclip.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:01 File: C:\WINDOWS\$NtServicePackUninstall$\rdpclip.exe not disinfected postponed 09/04/2009 14:21:02 File: C:\WINDOWS\$NtServicePackUninstall$\rdsaddin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:02 File: C:\WINDOWS\$NtServicePackUninstall$\rdsaddin.exe not disinfected postponed 09/04/2009 14:21:02 File: C:\WINDOWS\$NtServicePackUninstall$\rdshost.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:02 File: C:\WINDOWS\$NtServicePackUninstall$\rdshost.exe not disinfected postponed 09/04/2009 14:21:02 File: C:\WINDOWS\$NtServicePackUninstall$\reg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:02 File: C:\WINDOWS\$NtServicePackUninstall$\reg.exe not disinfected postponed 09/04/2009 14:21:15 File: C:\WINDOWS\$NtServicePackUninstall$\regedit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:15 File: C:\WINDOWS\$NtServicePackUninstall$\regedit.exe not disinfected postponed 09/04/2009 14:21:16 File: C:\WINDOWS\$NtServicePackUninstall$\regsvr32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:16 File: C:\WINDOWS\$NtServicePackUninstall$\regsvr32.exe not disinfected postponed 09/04/2009 14:21:16 File: C:\WINDOWS\$NtServicePackUninstall$\rexec.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:16 File: C:\WINDOWS\$NtServicePackUninstall$\rexec.exe not disinfected postponed 09/04/2009 14:21:16 File: C:\WINDOWS\$NtServicePackUninstall$\rsh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:16 File: C:\WINDOWS\$NtServicePackUninstall$\rsh.exe not disinfected postponed 09/04/2009 14:21:17 File: C:\WINDOWS\$NtServicePackUninstall$\rstrui.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:17 File: C:\WINDOWS\$NtServicePackUninstall$\rstrui.exe not disinfected postponed 09/04/2009 14:21:17 File: C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:17 File: C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe not disinfected postponed 09/04/2009 14:21:17 File: C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:17 File: C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe not disinfected postponed 09/04/2009 14:21:17 File: C:\WINDOWS\$NtServicePackUninstall$\runonce.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:17 File: C:\WINDOWS\$NtServicePackUninstall$\runonce.exe not disinfected postponed 09/04/2009 14:21:17 File: C:\WINDOWS\$NtServicePackUninstall$\savedump.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:17 File: C:\WINDOWS\$NtServicePackUninstall$\savedump.exe not disinfected postponed 09/04/2009 14:21:18 File: C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:18 File: C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe not disinfected postponed 09/04/2009 14:21:18 File: C:\WINDOWS\$NtServicePackUninstall$\scrcons.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:18 File: C:\WINDOWS\$NtServicePackUninstall$\scrcons.exe not disinfected postponed 09/04/2009 14:21:18 File: C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:18 File: C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr not disinfected postponed 09/04/2009 14:21:18 File: C:\WINDOWS\$NtServicePackUninstall$\sdbinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:18 File: C:\WINDOWS\$NtServicePackUninstall$\sdbinst.exe not disinfected postponed 09/04/2009 14:21:19 File: C:\WINDOWS\$NtServicePackUninstall$\services.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:19 File: C:\WINDOWS\$NtServicePackUninstall$\services.exe not disinfected postponed 09/04/2009 14:21:19 File: C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:19 File: C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe not disinfected postponed 09/04/2009 14:21:19 File: C:\WINDOWS\$NtServicePackUninstall$\sethc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:19 File: C:\WINDOWS\$NtServicePackUninstall$\sethc.exe not disinfected postponed 09/04/2009 14:21:19 File: C:\WINDOWS\$NtServicePackUninstall$\setup50.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:19 File: C:\WINDOWS\$NtServicePackUninstall$\setup50.exe not disinfected postponed 09/04/2009 14:21:21 File: C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:21 File: C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe not disinfected postponed 09/04/2009 14:21:21 File: C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:21 File: C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe not disinfected postponed 09/04/2009 14:21:21 File: C:\WINDOWS\$NtServicePackUninstall$\shtml.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:21 File: C:\WINDOWS\$NtServicePackUninstall$\shtml.exe not disinfected postponed 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe not disinfected postponed 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\sigverif.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\sigverif.exe not disinfected postponed 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\skeys.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\skeys.exe not disinfected postponed 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe not disinfected postponed 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\smi2smir.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\smi2smir.exe not disinfected postponed 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\smlogsvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\smlogsvc.exe not disinfected postponed 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\sndrec32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:22 File: C:\WINDOWS\$NtServicePackUninstall$\sndrec32.exe not disinfected postponed 09/04/2009 14:21:23 File: C:\WINDOWS\$NtServicePackUninstall$\snmp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:23 File: C:\WINDOWS\$NtServicePackUninstall$\snmp.exe not disinfected postponed 09/04/2009 14:21:23 File: C:\WINDOWS\$NtServicePackUninstall$\snmptrap.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:23 File: C:\WINDOWS\$NtServicePackUninstall$\snmptrap.exe not disinfected postponed 09/04/2009 14:21:23 File: C:\WINDOWS\$NtServicePackUninstall$\sort.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:23 File: C:\WINDOWS\$NtServicePackUninstall$\sort.exe not disinfected postponed 09/04/2009 14:21:23 File: C:\WINDOWS\$NtServicePackUninstall$\spider.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:23 File: C:\WINDOWS\$NtServicePackUninstall$\spider.exe not disinfected postponed 09/04/2009 14:21:24 File: C:\WINDOWS\$NtServicePackUninstall$\spnpinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:24 File: C:\WINDOWS\$NtServicePackUninstall$\spnpinst.exe not disinfected postponed 09/04/2009 14:21:24 File: C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:24 File: C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe not disinfected postponed 09/04/2009 14:21:25 File: C:\WINDOWS\$NtServicePackUninstall$\ss3dfo.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:25 File: C:\WINDOWS\$NtServicePackUninstall$\ss3dfo.scr not disinfected postponed 09/04/2009 14:21:25 File: C:\WINDOWS\$NtServicePackUninstall$\ssbezier.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:25 File: C:\WINDOWS\$NtServicePackUninstall$\ssbezier.scr not disinfected postponed 09/04/2009 14:21:25 File: C:\WINDOWS\$NtServicePackUninstall$\ssflwbox.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:25 File: C:\WINDOWS\$NtServicePackUninstall$\ssflwbox.scr not disinfected postponed 09/04/2009 14:21:25 File: C:\WINDOWS\$NtServicePackUninstall$\ssmarque.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:25 File: C:\WINDOWS\$NtServicePackUninstall$\ssmarque.scr not disinfected postponed 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\ssmypics.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\ssmypics.scr not disinfected postponed 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\ssmyst.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\ssmyst.scr not disinfected postponed 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\sspipes.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\sspipes.scr not disinfected postponed 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr not disinfected postponed 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\sstext3d.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\sstext3d.scr not disinfected postponed 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\stimon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:26 File: C:\WINDOWS\$NtServicePackUninstall$\stimon.exe not disinfected postponed 09/04/2009 14:21:27 File: C:\WINDOWS\$NtServicePackUninstall$\svchost.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:27 File: C:\WINDOWS\$NtServicePackUninstall$\svchost.exe not disinfected postponed 09/04/2009 14:21:27 File: C:\WINDOWS\$NtServicePackUninstall$\sysocmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:27 File: C:\WINDOWS\$NtServicePackUninstall$\sysocmgr.exe not disinfected postponed 09/04/2009 14:21:28 File: C:\WINDOWS\$NtServicePackUninstall$\taskmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:28 File: C:\WINDOWS\$NtServicePackUninstall$\taskmgr.exe not disinfected postponed 09/04/2009 14:21:28 File: C:\WINDOWS\$NtServicePackUninstall$\tcptest.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:28 File: C:\WINDOWS\$NtServicePackUninstall$\tcptest.exe not disinfected postponed 09/04/2009 14:21:29 File: C:\WINDOWS\$NtServicePackUninstall$\telnet.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:29 File: C:\WINDOWS\$NtServicePackUninstall$\telnet.exe not disinfected postponed 09/04/2009 14:21:29 File: C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:29 File: C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe not disinfected postponed 09/04/2009 14:21:29 File: C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:29 File: C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe not disinfected postponed 09/04/2009 14:21:29 File: C:\WINDOWS\$NtServicePackUninstall$\tracert.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:29 File: C:\WINDOWS\$NtServicePackUninstall$\tracert.exe not disinfected postponed 09/04/2009 14:21:31 File: C:\WINDOWS\$NtServicePackUninstall$\uploadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:31 File: C:\WINDOWS\$NtServicePackUninstall$\uploadm.exe not disinfected postponed 09/04/2009 14:21:31 File: C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:31 File: C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe not disinfected postponed 09/04/2009 14:21:31 File: C:\WINDOWS\$NtServicePackUninstall$\ups.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:31 File: C:\WINDOWS\$NtServicePackUninstall$\ups.exe not disinfected postponed 09/04/2009 14:21:32 File: C:\WINDOWS\$NtServicePackUninstall$\userinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:32 File: C:\WINDOWS\$NtServicePackUninstall$\userinit.exe not disinfected postponed 09/04/2009 14:21:32 File: C:\WINDOWS\$NtServicePackUninstall$\utilman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:32 File: C:\WINDOWS\$NtServicePackUninstall$\utilman.exe not disinfected postponed 09/04/2009 14:21:33 File: C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:33 File: C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe not disinfected postponed 09/04/2009 14:21:33 File: C:\WINDOWS\$NtServicePackUninstall$\wab.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:33 File: C:\WINDOWS\$NtServicePackUninstall$\wab.exe not disinfected postponed 09/04/2009 14:21:33 File: C:\WINDOWS\$NtServicePackUninstall$\wabmig.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:33 File: C:\WINDOWS\$NtServicePackUninstall$\wabmig.exe not disinfected postponed 09/04/2009 14:21:34 File: C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:34 File: C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe not disinfected postponed 09/04/2009 14:21:34 File: C:\WINDOWS\$NtServicePackUninstall$\wextract.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:34 File: C:\WINDOWS\$NtServicePackUninstall$\wextract.exe not disinfected postponed 09/04/2009 14:21:34 File: C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:34 File: C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe not disinfected postponed 09/04/2009 14:21:35 File: C:\WINDOWS\$NtServicePackUninstall$\winhlp32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:35 File: C:\WINDOWS\$NtServicePackUninstall$\winhlp32.exe not disinfected postponed 09/04/2009 14:21:35 File: C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:35 File: C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe not disinfected postponed 09/04/2009 14:21:36 File: C:\WINDOWS\$NtServicePackUninstall$\winver.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:36 File: C:\WINDOWS\$NtServicePackUninstall$\winver.exe not disinfected postponed 09/04/2009 14:21:36 File: C:\WINDOWS\$NtServicePackUninstall$\wmiadap.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:36 File: C:\WINDOWS\$NtServicePackUninstall$\wmiadap.exe not disinfected postponed 09/04/2009 14:21:36 File: C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:36 File: C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe not disinfected postponed 09/04/2009 14:21:37 File: C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:37 File: C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe not disinfected postponed 09/04/2009 14:21:38 File: C:\WINDOWS\$NtServicePackUninstall$\wordpad.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:38 File: C:\WINDOWS\$NtServicePackUninstall$\wordpad.exe not disinfected postponed 09/04/2009 14:21:38 File: C:\WINDOWS\$NtServicePackUninstall$\wpabaln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:38 File: C:\WINDOWS\$NtServicePackUninstall$\wpabaln.exe not disinfected postponed 09/04/2009 14:21:38 File: C:\WINDOWS\$NtServicePackUninstall$\wpnpinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:38 File: C:\WINDOWS\$NtServicePackUninstall$\wpnpinst.exe not disinfected postponed 09/04/2009 14:21:38 File: C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:38 File: C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe not disinfected postponed 09/04/2009 14:21:38 File: C:\WINDOWS\$NtServicePackUninstall$\wscript.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:38 File: C:\WINDOWS\$NtServicePackUninstall$\wscript.exe not disinfected postponed 09/04/2009 14:21:39 File: C:\WINDOWS\$NtServicePackUninstall$\wuauclt1.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:39 File: C:\WINDOWS\$NtServicePackUninstall$\wuauclt1.exe not disinfected postponed 09/04/2009 14:21:40 File: C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:40 File: C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe not disinfected postponed 09/04/2009 14:21:40 File: C:\WINDOWS\$NtServicePackUninstall$\xpnetdiag.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:40 File: C:\WINDOWS\$NtServicePackUninstall$\xpnetdiag.exe not disinfected postponed 09/04/2009 14:21:46 File: C:\WINDOWS\$NtUninstallKB886185$\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:46 File: C:\WINDOWS\$NtUninstallKB886185$\spuninst.exe not disinfected postponed 09/04/2009 14:21:46 File: C:\WINDOWS\$NtUninstallKB886185$\update.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:46 File: C:\WINDOWS\$NtUninstallKB886185$\update.exe not disinfected postponed 09/04/2009 14:21:46 File: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:46 File: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe not disinfected postponed 09/04/2009 14:21:49 File: C:\WINDOWS\$NtUninstallKB888302$\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:49 File: C:\WINDOWS\$NtUninstallKB888302$\spuninst.exe not disinfected postponed 09/04/2009 14:21:49 File: C:\WINDOWS\$NtUninstallKB888302$\update.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:49 File: C:\WINDOWS\$NtUninstallKB888302$\update.exe not disinfected postponed 09/04/2009 14:21:49 File: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:49 File: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe not disinfected postponed 09/04/2009 14:21:53 File: C:\WINDOWS\$NtUninstallKB893756$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:53 File: C:\WINDOWS\$NtUninstallKB893756$\arpidfix.exe not disinfected postponed 09/04/2009 14:21:56 File: C:\WINDOWS\$NtUninstallKB896358$\hh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:56 File: C:\WINDOWS\$NtUninstallKB896358$\hh.exe not disinfected postponed 09/04/2009 14:21:59 File: C:\WINDOWS\$NtUninstallKB896423$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:21:59 File: C:\WINDOWS\$NtUninstallKB896423$\arpidfix.exe not disinfected postponed 09/04/2009 14:22:00 File: C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:00 File: C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe not disinfected postponed 09/04/2009 14:22:01 File: C:\WINDOWS\$NtUninstallKB896424$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:01 File: C:\WINDOWS\$NtUninstallKB896424$\arpidfix.exe not disinfected postponed 09/04/2009 14:22:03 File: C:\WINDOWS\$NtUninstallKB896428$\telnet.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:03 File: C:\WINDOWS\$NtUninstallKB896428$\telnet.exe not disinfected postponed 09/04/2009 14:22:04 File: C:\WINDOWS\$NtUninstallKB898458$\orun32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:04 File: C:\WINDOWS\$NtUninstallKB898458$\orun32.exe not disinfected postponed 09/04/2009 14:22:06 File: C:\WINDOWS\$NtUninstallKB899587$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:06 File: C:\WINDOWS\$NtUninstallKB899587$\arpidfix.exe not disinfected postponed 09/04/2009 14:22:07 File: C:\WINDOWS\$NtUninstallKB899591$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:07 File: C:\WINDOWS\$NtUninstallKB899591$\arpidfix.exe not disinfected postponed 09/04/2009 14:22:09 File: C:\WINDOWS\$NtUninstallKB900725$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:09 File: C:\WINDOWS\$NtUninstallKB900725$\arpidfix.exe not disinfected postponed 09/04/2009 14:22:11 File: C:\WINDOWS\$NtUninstallKB901017$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:11 File: C:\WINDOWS\$NtUninstallKB901017$\arpidfix.exe not disinfected postponed 09/04/2009 14:22:14 File: C:\WINDOWS\$NtUninstallKB902400$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:14 File: C:\WINDOWS\$NtUninstallKB902400$\arpidfix.exe not disinfected postponed 09/04/2009 14:22:14 File: C:\WINDOWS\$NtUninstallKB902400$\migregdb.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:14 File: C:\WINDOWS\$NtUninstallKB902400$\migregdb.exe not disinfected postponed 09/04/2009 14:22:19 File: C:\WINDOWS\$NtUninstallKB905414$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:19 File: C:\WINDOWS\$NtUninstallKB905414$\arpidfix.exe not disinfected postponed 09/04/2009 14:22:20 File: C:\WINDOWS\$NtUninstallKB905749$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:20 File: C:\WINDOWS\$NtUninstallKB905749$\arpidfix.exe not disinfected postponed 09/04/2009 14:22:22 File: C:\WINDOWS\$NtUninstallKB905915$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:22 File: C:\WINDOWS\$NtUninstallKB905915$\iedw.exe not disinfected postponed 09/04/2009 14:22:32 File: C:\WINDOWS\$NtUninstallKB912812$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:32 File: C:\WINDOWS\$NtUninstallKB912812$\iedw.exe not disinfected postponed 09/04/2009 14:22:41 File: C:\WINDOWS\$NtUninstallKB916281$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:41 File: C:\WINDOWS\$NtUninstallKB916281$\iedw.exe not disinfected postponed 09/04/2009 14:22:48 File: C:\WINDOWS\$NtUninstallKB918899$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:48 File: C:\WINDOWS\$NtUninstallKB918899$\iedw.exe not disinfected postponed 09/04/2009 14:22:50 File: C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:50 File: C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe not disinfected postponed 09/04/2009 14:22:51 File: C:\WINDOWS\$NtUninstallKB920213_0$\agentsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:51 File: C:\WINDOWS\$NtUninstallKB920213_0$\agentsvr.exe not disinfected postponed 09/04/2009 14:22:57 File: C:\WINDOWS\$NtUninstallKB922582$\fltmc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:57 File: C:\WINDOWS\$NtUninstallKB922582$\fltmc.exe not disinfected postponed 09/04/2009 14:22:59 File: C:\WINDOWS\$NtUninstallKB922760$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:22:59 File: C:\WINDOWS\$NtUninstallKB922760$\iedw.exe not disinfected postponed 09/04/2009 14:23:04 File: C:\WINDOWS\$NtUninstallKB923723$\orun32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:23:04 File: C:\WINDOWS\$NtUninstallKB923723$\orun32.exe not disinfected postponed 09/04/2009 14:23:09 File: C:\WINDOWS\$NtUninstallKB925720$\magnify.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:23:09 File: C:\WINDOWS\$NtUninstallKB925720$\magnify.exe not disinfected postponed 09/04/2009 14:23:09 File: C:\WINDOWS\$NtUninstallKB925720$\narrator.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:23:09 File: C:\WINDOWS\$NtUninstallKB925720$\narrator.exe not disinfected postponed 09/04/2009 14:23:09 File: C:\WINDOWS\$NtUninstallKB925720$\osk.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:23:09 File: C:\WINDOWS\$NtUninstallKB925720$\osk.exe not disinfected postponed 09/04/2009 14:23:10 File: C:\WINDOWS\$NtUninstallKB925720$\utilman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:23:10 File: C:\WINDOWS\$NtUninstallKB925720$\utilman.exe not disinfected postponed 09/04/2009 14:23:25 File: C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:23:25 File: C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe not disinfected postponed 09/04/2009 14:23:31 File: C:\WINDOWS\$NtUninstallKB938828$\explorer.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:23:32 File: C:\WINDOWS\$NtUninstallKB938828$\explorer.exe not disinfected postponed 09/04/2009 14:23:33 File: C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:23:33 File: C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe not disinfected postponed 09/04/2009 14:23:39 File: C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:23:39 File: C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe not disinfected postponed 09/04/2009 14:24:01 File: C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:24:01 File: C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe not disinfected postponed 09/04/2009 14:24:01 File: C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe.000 detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:24:01 File: C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe.000 not disinfected postponed 09/04/2009 14:24:15 File: C:\WINDOWS\$NtUninstallKB958215$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:24:15 File: C:\WINDOWS\$NtUninstallKB958215$\iedw.exe not disinfected postponed 09/04/2009 14:24:16 File: C:\WINDOWS\$NtUninstallKB958215$\iedw.exe.000 detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:24:16 File: C:\WINDOWS\$NtUninstallKB958215$\iedw.exe.000 not disinfected postponed 09/04/2009 14:24:29 File: C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:24:29 File: C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe not disinfected postponed 09/04/2009 14:41:55 File: C:\WINDOWS\ie7updates\KB933566-IE7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:41:56 File: C:\WINDOWS\ie7updates\KB933566-IE7\ie4uinit.exe not disinfected postponed 09/04/2009 14:42:01 File: C:\WINDOWS\ie7updates\KB933566-IE7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:01 File: C:\WINDOWS\ie7updates\KB933566-IE7\ieudinit.exe not disinfected postponed 09/04/2009 14:42:01 File: C:\WINDOWS\ie7updates\KB933566-IE7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:02 File: C:\WINDOWS\ie7updates\KB933566-IE7\iexplore.exe not disinfected postponed 09/04/2009 14:42:06 File: C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:06 File: C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe not disinfected postponed 09/04/2009 14:42:07 File: C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:07 File: C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe not disinfected postponed 09/04/2009 14:42:07 File: C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:07 File: C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe not disinfected postponed 09/04/2009 14:42:10 File: C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:10 File: C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe not disinfected postponed 09/04/2009 14:42:11 File: C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:11 File: C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe not disinfected postponed 09/04/2009 14:42:11 File: C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:11 File: C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe not disinfected postponed 09/04/2009 14:42:14 File: C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:14 File: C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe not disinfected postponed 09/04/2009 14:42:15 File: C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:15 File: C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe not disinfected postponed 09/04/2009 14:42:15 File: C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:42:15 File: C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe not disinfected postponed 09/04/2009 14:53:32 File: C:\WINDOWS\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\oobebaln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 14:53:32 File: C:\WINDOWS\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\oobebaln.exe not disinfected postponed 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ABetterInternetAurora.zip/sbRecovery.reg password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ABetterInternetAurora.zip/sbRecovery.ini password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc.zip/hp_propriÚtaire@atdmt[2].txt password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc.zip/sbRecovery.ini password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc1.zip/hp_propriÚtaire@atdmt[2].txt password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AvenueAInc1.zip/sbRecovery.ini password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula.zip/SDVita.dll password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula.zip/sbRecovery.ini password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula1.zip/patterns.dat password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula1.zip/sbRecovery.ini password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula10.zip/sbRecovery.reg password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula10.zip/sbRecovery.ini password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula11.zip/sbRecovery.reg password protected 09/04/2009 15:46:16 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula11.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula2.zip/SDVita.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula2.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula3.zip/PECarlin.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula3.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula4.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula4.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula5.zip/Uninstall.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula5.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula6.zip/Uninstall.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula6.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula7.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula7.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula8.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula8.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula9.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Axfibula9.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BookedSpace.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BookedSpace1.zip/pq_debug.tmp password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BookedSpace1.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BookedSpace2.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BookedSpace2.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/ARPPRODUCTICON.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut1.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut10.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut2.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut3.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut4.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut5.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut6.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut7.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut8.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/NewShortcut9.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/AddRemove.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Ini/update.ref password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/arabic.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Chinese.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Dutch.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/English.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Franþais.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Franþais1.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/German.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Italiano.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Italiano1.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Japanese.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Korean.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/portuguÛs.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Slovenian.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Spanish.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Swedish.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Lang/Turkish.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/LiveUpdate.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/arabic.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Dutch.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/English.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Franþais.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/German.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Italiano.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Italiano1.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/portuguÛs.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Slovenian.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Spanish.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Swedish.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/Lang/Turkish.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/popup-watch/PopUpWatch.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/scr56en-Win98-me-nt4.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/scripten-WIN2000.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/Spyware.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/SpyWatch.exe password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/zlib.dll password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover1.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/Live Update.lnk password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/Popup Watch.lnk password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/Spy Add-Remove.lnk password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/Spy Watch.lnk password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/Spyware Adware Remover and Scanner.lnk password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover2.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover3.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BPSSpywareRemover3.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick.zip/hp_propriÚtaire@doubleclick[1].txt password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DoubleClick.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlus.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlus.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlus1.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlus1.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads1.zip/dap.gif password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads1.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads10.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads10.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads11.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads11.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads12.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads12.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads13.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads13.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads14.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads14.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads15.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads15.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads16.zip/dap.gif password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads16.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads17.zip/dap.gif password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads17.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads2.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads2.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads3.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads3.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads4.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads4.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads5.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads5.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads6.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads6.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads7.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads7.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads8.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads8.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads9.zip/dap.gif password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DownloadAcceleratorPlusads9.zip/sbRecovery.ini password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip/sbRecovery.reg password protected 09/04/2009 15:46:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit5.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit5.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit6.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit6.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit7.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit7.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit8.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit8.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit9.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit9.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer.zip/cfin password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer1.zip/cfout.txt password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DyFuCAInternetOptimizer1.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy.zip/optimize.exe password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt1.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt1.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt2.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt2.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt3.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt3.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt4.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt4.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt5.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt5.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt6.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt6.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt7.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt7.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt8.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FaSSt8.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick.zip/hp_propriÚtaire@media.fastclick[1].txt password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick1.zip/hp_propriÚtaire@fastclick[2].txt password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FastClick1.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon1.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Hupigon1.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet.zip/NDNuninstall6_38.exe password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet1.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet1.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet2.zip/newdotnet7_22.dll password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet2.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet3.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet3.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet4.zip/newdotnet7_22.dll password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Newnet4.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NoAdware.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NoAdware.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NoAdware1.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NoAdware1.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap1.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap1.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap2.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap2.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap3.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\PestTrap3.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudCToolbar.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudCToolbar.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SpyHunter.zip/SpyHunter/support.log password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SpyHunter.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SpySheriff.zip/Uninstall.exe password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SpySheriff.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore.zip/UCMTSAIE.dll password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore1.zip/How To Uninstall.lnk password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore1.zip/UCmore - The Search Accelerator.lnk password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore1.zip/UCmore Tour.lnk password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore1.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore10.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore10.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore11.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore11.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore12.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore12.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore13.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore13.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore14.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore14.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore15.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore15.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore2.zip/IUCmore.dll password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore2.zip/logo.ico password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore2.zip/toolbar.cfg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore2.zip/UNWISE.EXE password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore2.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore3.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore4.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore4.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore5.zip/UCMTSAIE.dll password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore5.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore6.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore6.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip/How To Uninstall.lnk password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip/UCmore - The Search Accelerator.lnk password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip/UCmore Tour.lnk password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore7.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/INSTALL.LOG password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/IUCmore.dll password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/logo.ico password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/toolbar.cfg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/UNWISE.EXE password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore8.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore9.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\UCmore9.zip/sbRecovery.ini password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VcodeceMedia.zip/sbRecovery.reg password protected 09/04/2009 15:46:18 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VcodeceMedia.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VcodeceMedia1.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VcodeceMedia1.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow1.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow1.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow10.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow10.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow2.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow2.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow3.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow3.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow4.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow4.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow5.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow5.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow6.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow6.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow7.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow7.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow8.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow8.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow9.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSaveNow9.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSearchDesktoptoolbar.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WhenUSearchDesktoptoolbar.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsMediaPlayer.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsMediaPlayer.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterAntiVirusDisableNotify.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterAntiVirusDisableNotify.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterFirewallDisableNotify.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WindowsSecurityCenterFirewallDisableNotify.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobHomepageMonitor.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobHomepageMonitor.zip/sbRecovery.ini password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobHomepageMonitor1.zip/sbRecovery.reg password protected 09/04/2009 15:46:19 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobHomepageMonitor1.zip/sbRecovery.ini password protected 09/04/2009 15:51:12 File: C:\Download\cmsgr-win32-147c-21-jan-2007-16-07-cet.rar password protected 09/04/2009 15:51:12 File: C:\Download\cmsgr-win32-147c-21-jan-2007-16-07-cet.rar password protected 09/04/2009 16:02:24 File: C:\JEUX\Jeux\primary.exe//doc\5knoikz.exe detected Trojan program 'Trojan-Dropper.Win32.Small.sc' 09/04/2009 16:02:24 File: C:\JEUX\Jeux\primary.exe//doc\5knoikz.exe not disinfected postponed 09/04/2009 16:02:25 File: C:\JEUX\Jeux\primary.exe//doc\istinstall_153191.exe//UPX detected Trojan program 'Trojan-Downloader.Win32.IstBar.er' 09/04/2009 16:02:25 File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/NHInstall.exe detected adware 'not-a-virus:AdWare.Win32.NavExcel.d' 09/04/2009 16:02:25 File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHelper.dll detected adware 'not-a-virus:AdWare.Win32.NavExcel.b' 09/04/2009 16:02:25 File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHUninstaller.exe detected adware 'not-a-virus:AdWare.Win32.NavExcel' 09/04/2009 16:02:25 File: C:\JEUX\Jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHUpdater.exe detected adware 'not-a-virus:AdWare.Win32.NavExcel.b' 09/04/2009 16:30:26 File: C:\My Music\Repar\Password Recovery Tools and Guide\rar password recovery with crack.rar/rar-password-recovery.exe//data0008/example.txt password protected 09/04/2009 16:30:33 File: C:\My Music\Repar\RAR Password Recovery\example.rar/example.txt password protected 09/04/2009 16:38:54 File: C:\Program Files\Avira\AntiVir Desktop\fact.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 16:38:54 File: C:\Program Files\Avira\AntiVir Desktop\fact.exe not disinfected postponed 09/04/2009 17:32:21 File: C:\Program Files\ThunMail\testabd.dll detected Trojan program 'Trojan.Win32.Agent2.hhw' 09/04/2009 17:32:21 File: C:\Program Files\ThunMail\testabd.dll not disinfected postponed 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/Ad-Aware SE Default.skn password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/arrow1.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/arrow2.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bck1.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt11.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt12.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt13.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt21.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt22.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt23.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt31.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt32.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt33.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt41.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt42.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt43.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt51.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt52.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt53.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt61.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/bt62.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/checkbox1.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/checkbox2.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/checkbox3.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/checkbox4.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/defbtn1.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/defbtn2.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/defbtn3.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph1.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph2.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph3.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph4.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph5.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph6.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/glyph7.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/main.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/preview.bmp password protected 09/04/2009 17:38:12 File: C:\Utilitaires\aawsepersonal.exe//WISE0020.BIN/sprite1.bmp password protected 09/04/2009 17:41:48 File: C:\Utilitaires\cleaner41.exe//data0004/cleaner4.dbf password protected 09/04/2009 17:41:48 File: C:\Utilitaires\cleaner41.exe//data0004/cleaner4.dbt password protected 09/04/2009 18:11:24 File: C:\Utilitaires\setupcnetppeval.exe//WISE0035.BIN/PestInfo password protected 09/04/2009 18:11:26 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/strings01.txt password protected 09/04/2009 18:11:26 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/strings02.txt password protected 09/04/2009 18:11:26 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/memo2.txt password protected 09/04/2009 18:11:26 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/memo4.txt password protected 09/04/2009 18:11:26 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/memo5.txt password protected 09/04/2009 18:11:26 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/memo6.txt password protected 09/04/2009 18:11:26 File: C:\Utilitaires\setupcnetppeval.exe//WISE0036.BIN/memo10.txt password protected 09/04/2009 18:12:33 File: C:\Utilitaires\SpywareVanisher.exe//FreeScanner.exe detected new threat 'not-a-virus:FraudTool.Win32.SpywareVanish.a' 09/04/2009 18:12:33 File: C:\Utilitaires\SpywareVanisher.exe//FreeScanner.exe not disinfected postponed 09/04/2009 18:12:33 File: C:\Utilitaires\SpywareVanisher.exe//Master.enc/Master.dat password protected 09/04/2009 18:15:25 File: C:\Utilitaires\Ashampoo.WinOptimizer.Platinum.Suite.v3.30-TE\Ashampoo.WinOptimizer.Platinum.Suite.v3.30-TE\Crack\AshampooWinOptimizerPlatinumSuitev330_Crack.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:15:25 File: C:\Utilitaires\Ashampoo.WinOptimizer.Platinum.Suite.v3.30-TE\Ashampoo.WinOptimizer.Platinum.Suite.v3.30-TE\Crack\AshampooWinOptimizerPlatinumSuitev330_Crack.exe not disinfected postponed 09/04/2009 18:15:47 File: C:\Utilitaires\CryptLoad_1.1.6\CryptLoad_1.1.6\tools\unrar64.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:15:47 File: C:\Utilitaires\CryptLoad_1.1.6\CryptLoad_1.1.6\tools\unrar64.exe not disinfected postponed 09/04/2009 18:26:19 File: C:\Video\rsdl133\Plugins\gocr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:26:20 File: C:\Video\rsdl133\Plugins\gocr.exe not disinfected postponed 09/04/2009 18:26:33 File: C:\Video\VirtualDubMOD\VirtualDubMod.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:26:33 File: C:\Video\VirtualDubMOD\VirtualDubMod.exe not disinfected postponed 09/04/2009 18:26:45 File: C:\WINDOWS\NuNInst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:26:45 File: C:\WINDOWS\NuNInst.exe not disinfected postponed 09/04/2009 18:26:51 File: C:\WINDOWS\UNNMP.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:26:51 File: C:\WINDOWS\UNNMP.exe not disinfected postponed 09/04/2009 18:30:35 File: C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:30:35 File: C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe not disinfected postponed 09/04/2009 18:30:54 File: C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:30:54 File: C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe not disinfected postponed 09/04/2009 18:30:55 File: C:\WINDOWS\$NtServicePackUninstall$\actmovie.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:30:55 File: C:\WINDOWS\$NtServicePackUninstall$\actmovie.exe not disinfected postponed 09/04/2009 18:30:56 File: C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:30:56 File: C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe not disinfected postponed 09/04/2009 18:30:57 File: C:\WINDOWS\$NtServicePackUninstall$\ahui.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:30:57 File: C:\WINDOWS\$NtServicePackUninstall$\ahui.exe not disinfected postponed 09/04/2009 18:30:57 File: C:\WINDOWS\$NtServicePackUninstall$\alg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:30:57 File: C:\WINDOWS\$NtServicePackUninstall$\alg.exe not disinfected postponed 09/04/2009 18:31:09 File: C:\WINDOWS\$NtServicePackUninstall$\at.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:09 File: C:\WINDOWS\$NtServicePackUninstall$\at.exe not disinfected postponed 09/04/2009 18:31:10 File: C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:10 File: C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe not disinfected postponed 09/04/2009 18:31:10 File: C:\WINDOWS\$NtServicePackUninstall$\attrib.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:10 File: C:\WINDOWS\$NtServicePackUninstall$\attrib.exe not disinfected postponed 09/04/2009 18:31:10 File: C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:10 File: C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe not disinfected postponed 09/04/2009 18:31:10 File: C:\WINDOWS\$NtServicePackUninstall$\author.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:10 File: C:\WINDOWS\$NtServicePackUninstall$\author.exe not disinfected postponed 09/04/2009 18:31:11 File: C:\WINDOWS\$NtServicePackUninstall$\blastcln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:11 File: C:\WINDOWS\$NtServicePackUninstall$\blastcln.exe not disinfected postponed 09/04/2009 18:31:11 File: C:\WINDOWS\$NtServicePackUninstall$\cacls.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:11 File: C:\WINDOWS\$NtServicePackUninstall$\cacls.exe not disinfected postponed 09/04/2009 18:31:12 File: C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:12 File: C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe not disinfected postponed 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe not disinfected postponed 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\cleanmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\cleanmgr.exe not disinfected postponed 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe not disinfected postponed 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe not disinfected postponed 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe not disinfected postponed 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\cmd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\cmd.exe not disinfected postponed 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:13 File: C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe not disinfected postponed 09/04/2009 18:31:14 File: C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:14 File: C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe not disinfected postponed 09/04/2009 18:31:14 File: C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:14 File: C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe not disinfected postponed 09/04/2009 18:31:15 File: C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:15 File: C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe not disinfected postponed 09/04/2009 18:31:15 File: C:\WINDOWS\$NtServicePackUninstall$\comrereg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:15 File: C:\WINDOWS\$NtServicePackUninstall$\comrereg.exe not disinfected postponed 09/04/2009 18:31:15 File: C:\WINDOWS\$NtServicePackUninstall$\conf.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:15 File: C:\WINDOWS\$NtServicePackUninstall$\conf.exe not disinfected postponed 09/04/2009 18:31:15 File: C:\WINDOWS\$NtServicePackUninstall$\conime.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:15 File: C:\WINDOWS\$NtServicePackUninstall$\conime.exe not disinfected postponed 09/04/2009 18:31:16 File: C:\WINDOWS\$NtServicePackUninstall$\cscript.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:16 File: C:\WINDOWS\$NtServicePackUninstall$\cscript.exe not disinfected postponed 09/04/2009 18:31:16 File: C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:16 File: C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe not disinfected postponed 09/04/2009 18:31:17 File: C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:17 File: C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe not disinfected postponed 09/04/2009 18:31:17 File: C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:17 File: C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe not disinfected postponed 09/04/2009 18:31:18 File: C:\WINDOWS\$NtServicePackUninstall$\defrag.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:18 File: C:\WINDOWS\$NtServicePackUninstall$\defrag.exe not disinfected postponed 09/04/2009 18:31:18 File: C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:18 File: C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe not disinfected postponed 09/04/2009 18:31:18 File: C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:18 File: C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe not disinfected postponed 09/04/2009 18:31:19 File: C:\WINDOWS\$NtServicePackUninstall$\dialer.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:19 File: C:\WINDOWS\$NtServicePackUninstall$\dialer.exe not disinfected postponed 09/04/2009 18:31:19 File: C:\WINDOWS\$NtServicePackUninstall$\diantz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:19 File: C:\WINDOWS\$NtServicePackUninstall$\diantz.exe not disinfected postponed 09/04/2009 18:31:19 File: C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:19 File: C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe not disinfected postponed 09/04/2009 18:31:19 File: C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:19 File: C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe not disinfected postponed 09/04/2009 18:31:19 File: C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:19 File: C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe not disinfected postponed 09/04/2009 18:31:20 File: C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:20 File: C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe not disinfected postponed 09/04/2009 18:31:20 File: C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:20 File: C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe not disinfected postponed 09/04/2009 18:31:21 File: C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:21 File: C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe not disinfected postponed 09/04/2009 18:31:21 File: C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:21 File: C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe not disinfected postponed 09/04/2009 18:31:22 File: C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:22 File: C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe not disinfected postponed 09/04/2009 18:31:22 File: C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:22 File: C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe not disinfected postponed 09/04/2009 18:31:22 File: C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:22 File: C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe not disinfected postponed 09/04/2009 18:31:23 File: C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:23 File: C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe not disinfected postponed 09/04/2009 18:31:24 File: C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:24 File: C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe not disinfected postponed 09/04/2009 18:31:24 File: C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:24 File: C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe not disinfected postponed 09/04/2009 18:31:24 File: C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:24 File: C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe not disinfected postponed 09/04/2009 18:31:24 File: C:\WINDOWS\$NtServicePackUninstall$\explorer.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:24 File: C:\WINDOWS\$NtServicePackUninstall$\explorer.exe not disinfected postponed 09/04/2009 18:31:24 File: C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:24 File: C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe not disinfected postponed 09/04/2009 18:31:25 File: C:\WINDOWS\$NtServicePackUninstall$\findstr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:25 File: C:\WINDOWS\$NtServicePackUninstall$\findstr.exe not disinfected postponed 09/04/2009 18:31:25 File: C:\WINDOWS\$NtServicePackUninstall$\fltmc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:25 File: C:\WINDOWS\$NtServicePackUninstall$\fltmc.exe not disinfected postponed 09/04/2009 18:31:26 File: C:\WINDOWS\$NtServicePackUninstall$\fontview.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:26 File: C:\WINDOWS\$NtServicePackUninstall$\fontview.exe not disinfected postponed 09/04/2009 18:31:26 File: C:\WINDOWS\$NtServicePackUninstall$\forcedos.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:26 File: C:\WINDOWS\$NtServicePackUninstall$\forcedos.exe not disinfected postponed 09/04/2009 18:31:26 File: C:\WINDOWS\$NtServicePackUninstall$\fp98sadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:26 File: C:\WINDOWS\$NtServicePackUninstall$\fp98sadm.exe not disinfected postponed 09/04/2009 18:31:26 File: C:\WINDOWS\$NtServicePackUninstall$\fp98swin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:26 File: C:\WINDOWS\$NtServicePackUninstall$\fp98swin.exe not disinfected postponed 09/04/2009 18:31:26 File: C:\WINDOWS\$NtServicePackUninstall$\fpadmcgi.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:26 File: C:\WINDOWS\$NtServicePackUninstall$\fpadmcgi.exe not disinfected postponed 09/04/2009 18:31:27 File: C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:27 File: C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe not disinfected postponed 09/04/2009 18:31:27 File: C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:27 File: C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe not disinfected postponed 09/04/2009 18:31:27 File: C:\WINDOWS\$NtServicePackUninstall$\fsquirt.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:27 File: C:\WINDOWS\$NtServicePackUninstall$\fsquirt.exe not disinfected postponed 09/04/2009 18:31:27 File: C:\WINDOWS\$NtServicePackUninstall$\ftp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:27 File: C:\WINDOWS\$NtServicePackUninstall$\ftp.exe not disinfected postponed 09/04/2009 18:31:27 File: C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:27 File: C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe not disinfected postponed 09/04/2009 18:31:28 File: C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:28 File: C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe not disinfected postponed 09/04/2009 18:31:28 File: C:\WINDOWS\$NtServicePackUninstall$\fxssvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:28 File: C:\WINDOWS\$NtServicePackUninstall$\fxssvc.exe not disinfected postponed 09/04/2009 18:31:29 File: C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:29 File: C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe not disinfected postponed 09/04/2009 18:31:29 File: C:\WINDOWS\$NtServicePackUninstall$\help.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:29 File: C:\WINDOWS\$NtServicePackUninstall$\help.exe not disinfected postponed 09/04/2009 18:31:30 File: C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:30 File: C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe not disinfected postponed 09/04/2009 18:31:30 File: C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:30 File: C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe not disinfected postponed 09/04/2009 18:31:30 File: C:\WINDOWS\$NtServicePackUninstall$\hh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:30 File: C:\WINDOWS\$NtServicePackUninstall$\hh.exe not disinfected postponed 09/04/2009 18:31:31 File: C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:31 File: C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe not disinfected postponed 09/04/2009 18:31:32 File: C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:32 File: C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe not disinfected postponed 09/04/2009 18:31:32 File: C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:32 File: C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe not disinfected postponed 09/04/2009 18:31:32 File: C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:32 File: C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe not disinfected postponed 09/04/2009 18:31:33 File: C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:33 File: C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe not disinfected postponed 09/04/2009 18:31:33 File: C:\WINDOWS\$NtServicePackUninstall$\imapi.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:33 File: C:\WINDOWS\$NtServicePackUninstall$\imapi.exe not disinfected postponed 09/04/2009 18:31:34 File: C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:34 File: C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe not disinfected postponed 09/04/2009 18:31:34 File: C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:34 File: C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe not disinfected postponed 09/04/2009 18:31:35 File: C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:35 File: C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe not disinfected postponed 09/04/2009 18:31:35 File: C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:35 File: C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe not disinfected postponed 09/04/2009 18:31:39 File: C:\WINDOWS\$NtServicePackUninstall$\locator.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:39 File: C:\WINDOWS\$NtServicePackUninstall$\locator.exe not disinfected postponed 09/04/2009 18:31:39 File: C:\WINDOWS\$NtServicePackUninstall$\logman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:39 File: C:\WINDOWS\$NtServicePackUninstall$\logman.exe not disinfected postponed 09/04/2009 18:31:39 File: C:\WINDOWS\$NtServicePackUninstall$\logon.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:39 File: C:\WINDOWS\$NtServicePackUninstall$\logon.scr not disinfected postponed 09/04/2009 18:31:39 File: C:\WINDOWS\$NtServicePackUninstall$\logonui.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:39 File: C:\WINDOWS\$NtServicePackUninstall$\logonui.exe not disinfected postponed 09/04/2009 18:31:39 File: C:\WINDOWS\$NtServicePackUninstall$\lsass.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:39 File: C:\WINDOWS\$NtServicePackUninstall$\lsass.exe not disinfected postponed 09/04/2009 18:31:40 File: C:\WINDOWS\$NtServicePackUninstall$\magnify.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:40 File: C:\WINDOWS\$NtServicePackUninstall$\magnify.exe not disinfected postponed 09/04/2009 18:31:40 File: C:\WINDOWS\$NtServicePackUninstall$\makecab.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:40 File: C:\WINDOWS\$NtServicePackUninstall$\makecab.exe not disinfected postponed 09/04/2009 18:31:41 File: C:\WINDOWS\$NtServicePackUninstall$\migload.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:41 File: C:\WINDOWS\$NtServicePackUninstall$\migload.exe not disinfected postponed 09/04/2009 18:31:41 File: C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:41 File: C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe not disinfected postponed 09/04/2009 18:31:41 File: C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:41 File: C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe not disinfected postponed 09/04/2009 18:31:43 File: C:\WINDOWS\$NtServicePackUninstall$\mmc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:43 File: C:\WINDOWS\$NtServicePackUninstall$\mmc.exe not disinfected postponed 09/04/2009 18:31:43 File: C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:43 File: C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe not disinfected postponed 09/04/2009 18:31:43 File: C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:43 File: C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe not disinfected postponed 09/04/2009 18:31:43 File: C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:43 File: C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe not disinfected postponed 09/04/2009 18:31:44 File: C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:44 File: C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe not disinfected postponed 09/04/2009 18:31:44 File: C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:44 File: C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe not disinfected postponed 09/04/2009 18:31:44 File: C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:44 File: C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe not disinfected postponed 09/04/2009 18:31:46 File: C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:46 File: C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe not disinfected postponed 09/04/2009 18:31:47 File: C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:47 File: C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe not disinfected postponed 09/04/2009 18:31:49 File: C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:49 File: C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe not disinfected postponed 09/04/2009 18:31:49 File: C:\WINDOWS\$NtServicePackUninstall$\msimn.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:49 File: C:\WINDOWS\$NtServicePackUninstall$\msimn.exe not disinfected postponed 09/04/2009 18:31:50 File: C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:50 File: C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe not disinfected postponed 09/04/2009 18:31:51 File: C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:51 File: C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe not disinfected postponed 09/04/2009 18:31:52 File: C:\WINDOWS\$NtServicePackUninstall$\msoobe.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:52 File: C:\WINDOWS\$NtServicePackUninstall$\msoobe.exe not disinfected postponed 09/04/2009 18:31:52 File: C:\WINDOWS\$NtServicePackUninstall$\mspaint.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:52 File: C:\WINDOWS\$NtServicePackUninstall$\mspaint.exe not disinfected postponed 09/04/2009 18:31:53 File: C:\WINDOWS\$NtServicePackUninstall$\mstinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:53 File: C:\WINDOWS\$NtServicePackUninstall$\mstinit.exe not disinfected postponed 09/04/2009 18:31:53 File: C:\WINDOWS\$NtServicePackUninstall$\mstsc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:53 File: C:\WINDOWS\$NtServicePackUninstall$\mstsc.exe not disinfected postponed 09/04/2009 18:31:55 File: C:\WINDOWS\$NtServicePackUninstall$\narrator.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:55 File: C:\WINDOWS\$NtServicePackUninstall$\narrator.exe not disinfected postponed 09/04/2009 18:31:55 File: C:\WINDOWS\$NtServicePackUninstall$\nddeapir.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:55 File: C:\WINDOWS\$NtServicePackUninstall$\nddeapir.exe not disinfected postponed 09/04/2009 18:31:56 File: C:\WINDOWS\$NtServicePackUninstall$\net.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:56 File: C:\WINDOWS\$NtServicePackUninstall$\net.exe not disinfected postponed 09/04/2009 18:31:56 File: C:\WINDOWS\$NtServicePackUninstall$\net1.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:56 File: C:\WINDOWS\$NtServicePackUninstall$\net1.exe not disinfected postponed 09/04/2009 18:31:56 File: C:\WINDOWS\$NtServicePackUninstall$\netdde.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:56 File: C:\WINDOWS\$NtServicePackUninstall$\netdde.exe not disinfected postponed 09/04/2009 18:31:57 File: C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:57 File: C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe not disinfected postponed 09/04/2009 18:31:57 File: C:\WINDOWS\$NtServicePackUninstall$\netsh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:57 File: C:\WINDOWS\$NtServicePackUninstall$\netsh.exe not disinfected postponed 09/04/2009 18:31:57 File: C:\WINDOWS\$NtServicePackUninstall$\netstat.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:57 File: C:\WINDOWS\$NtServicePackUninstall$\netstat.exe not disinfected postponed 09/04/2009 18:31:58 File: C:\WINDOWS\$NtServicePackUninstall$\notepad.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:58 File: C:\WINDOWS\$NtServicePackUninstall$\notepad.exe not disinfected postponed 09/04/2009 18:31:58 File: C:\WINDOWS\$NtServicePackUninstall$\nppagent.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:58 File: C:\WINDOWS\$NtServicePackUninstall$\nppagent.exe not disinfected postponed 09/04/2009 18:31:58 File: C:\WINDOWS\$NtServicePackUninstall$\nslookup.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:31:58 File: C:\WINDOWS\$NtServicePackUninstall$\nslookup.exe not disinfected postponed 09/04/2009 18:32:00 File: C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:00 File: C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe not disinfected postponed 09/04/2009 18:32:01 File: C:\WINDOWS\$NtServicePackUninstall$\odbcad32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:01 File: C:\WINDOWS\$NtServicePackUninstall$\odbcad32.exe not disinfected postponed 09/04/2009 18:32:01 File: C:\WINDOWS\$NtServicePackUninstall$\odbcconf.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:01 File: C:\WINDOWS\$NtServicePackUninstall$\odbcconf.exe not disinfected postponed 09/04/2009 18:32:02 File: C:\WINDOWS\$NtServicePackUninstall$\oemig50.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:02 File: C:\WINDOWS\$NtServicePackUninstall$\oemig50.exe not disinfected postponed 09/04/2009 18:32:03 File: C:\WINDOWS\$NtServicePackUninstall$\oobebaln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:03 File: C:\WINDOWS\$NtServicePackUninstall$\oobebaln.exe not disinfected postponed 09/04/2009 18:32:03 File: C:\WINDOWS\$NtServicePackUninstall$\osk.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:03 File: C:\WINDOWS\$NtServicePackUninstall$\osk.exe not disinfected postponed 09/04/2009 18:32:13 File: C:\WINDOWS\$NtServicePackUninstall$\packager.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:13 File: C:\WINDOWS\$NtServicePackUninstall$\packager.exe not disinfected postponed 09/04/2009 18:32:13 File: C:\WINDOWS\$NtServicePackUninstall$\perfmon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:13 File: C:\WINDOWS\$NtServicePackUninstall$\perfmon.exe not disinfected postponed 09/04/2009 18:32:14 File: C:\WINDOWS\$NtServicePackUninstall$\pinball.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:14 File: C:\WINDOWS\$NtServicePackUninstall$\pinball.exe not disinfected postponed 09/04/2009 18:32:14 File: C:\WINDOWS\$NtServicePackUninstall$\ping.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:14 File: C:\WINDOWS\$NtServicePackUninstall$\ping.exe not disinfected postponed 09/04/2009 18:32:14 File: C:\WINDOWS\$NtServicePackUninstall$\powercfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:14 File: C:\WINDOWS\$NtServicePackUninstall$\powercfg.exe not disinfected postponed 09/04/2009 18:32:15 File: C:\WINDOWS\$NtServicePackUninstall$\progman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:15 File: C:\WINDOWS\$NtServicePackUninstall$\progman.exe not disinfected postponed 09/04/2009 18:32:15 File: C:\WINDOWS\$NtServicePackUninstall$\proquota.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:15 File: C:\WINDOWS\$NtServicePackUninstall$\proquota.exe not disinfected postponed 09/04/2009 18:32:15 File: C:\WINDOWS\$NtServicePackUninstall$\proxycfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:15 File: C:\WINDOWS\$NtServicePackUninstall$\proxycfg.exe not disinfected postponed 09/04/2009 18:32:15 File: C:\WINDOWS\$NtServicePackUninstall$\qprocess.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:15 File: C:\WINDOWS\$NtServicePackUninstall$\qprocess.exe not disinfected postponed 09/04/2009 18:32:16 File: C:\WINDOWS\$NtServicePackUninstall$\rasphone.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:16 File: C:\WINDOWS\$NtServicePackUninstall$\rasphone.exe not disinfected postponed 09/04/2009 18:32:17 File: C:\WINDOWS\$NtServicePackUninstall$\rcimlby.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:17 File: C:\WINDOWS\$NtServicePackUninstall$\rcimlby.exe not disinfected postponed 09/04/2009 18:32:17 File: C:\WINDOWS\$NtServicePackUninstall$\rcp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:17 File: C:\WINDOWS\$NtServicePackUninstall$\rcp.exe not disinfected postponed 09/04/2009 18:32:18 File: C:\WINDOWS\$NtServicePackUninstall$\rdpclip.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:18 File: C:\WINDOWS\$NtServicePackUninstall$\rdpclip.exe not disinfected postponed 09/04/2009 18:32:18 File: C:\WINDOWS\$NtServicePackUninstall$\rdsaddin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:18 File: C:\WINDOWS\$NtServicePackUninstall$\rdsaddin.exe not disinfected postponed 09/04/2009 18:32:18 File: C:\WINDOWS\$NtServicePackUninstall$\rdshost.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:18 File: C:\WINDOWS\$NtServicePackUninstall$\rdshost.exe not disinfected postponed 09/04/2009 18:32:18 File: C:\WINDOWS\$NtServicePackUninstall$\reg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:18 File: C:\WINDOWS\$NtServicePackUninstall$\reg.exe not disinfected postponed 09/04/2009 18:32:32 File: C:\WINDOWS\$NtServicePackUninstall$\regedit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:32 File: C:\WINDOWS\$NtServicePackUninstall$\regedit.exe not disinfected postponed 09/04/2009 18:32:32 File: C:\WINDOWS\$NtServicePackUninstall$\regsvr32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:32 File: C:\WINDOWS\$NtServicePackUninstall$\regsvr32.exe not disinfected postponed 09/04/2009 18:32:32 File: C:\WINDOWS\$NtServicePackUninstall$\rexec.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:32 File: C:\WINDOWS\$NtServicePackUninstall$\rexec.exe not disinfected postponed 09/04/2009 18:32:33 File: C:\WINDOWS\$NtServicePackUninstall$\rsh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:33 File: C:\WINDOWS\$NtServicePackUninstall$\rsh.exe not disinfected postponed 09/04/2009 18:32:33 File: C:\WINDOWS\$NtServicePackUninstall$\rstrui.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:33 File: C:\WINDOWS\$NtServicePackUninstall$\rstrui.exe not disinfected postponed 09/04/2009 18:32:33 File: C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:33 File: C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe not disinfected postponed 09/04/2009 18:32:33 File: C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:33 File: C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe not disinfected postponed 09/04/2009 18:32:33 File: C:\WINDOWS\$NtServicePackUninstall$\runonce.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:33 File: C:\WINDOWS\$NtServicePackUninstall$\runonce.exe not disinfected postponed 09/04/2009 18:32:34 File: C:\WINDOWS\$NtServicePackUninstall$\savedump.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:34 File: C:\WINDOWS\$NtServicePackUninstall$\savedump.exe not disinfected postponed 09/04/2009 18:32:34 File: C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:34 File: C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe not disinfected postponed 09/04/2009 18:32:34 File: C:\WINDOWS\$NtServicePackUninstall$\scrcons.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:34 File: C:\WINDOWS\$NtServicePackUninstall$\scrcons.exe not disinfected postponed 09/04/2009 18:32:35 File: C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:35 File: C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr not disinfected postponed 09/04/2009 18:32:35 File: C:\WINDOWS\$NtServicePackUninstall$\sdbinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:35 File: C:\WINDOWS\$NtServicePackUninstall$\sdbinst.exe not disinfected postponed 09/04/2009 18:32:36 File: C:\WINDOWS\$NtServicePackUninstall$\services.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:36 File: C:\WINDOWS\$NtServicePackUninstall$\services.exe not disinfected postponed 09/04/2009 18:32:36 File: C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:36 File: C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe not disinfected postponed 09/04/2009 18:32:36 File: C:\WINDOWS\$NtServicePackUninstall$\sethc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:36 File: C:\WINDOWS\$NtServicePackUninstall$\sethc.exe not disinfected postponed 09/04/2009 18:32:36 File: C:\WINDOWS\$NtServicePackUninstall$\setup50.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:36 File: C:\WINDOWS\$NtServicePackUninstall$\setup50.exe not disinfected postponed 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe not disinfected postponed 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe not disinfected postponed 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\shtml.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\shtml.exe not disinfected postponed 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe not disinfected postponed 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\sigverif.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\sigverif.exe not disinfected postponed 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\skeys.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\skeys.exe not disinfected postponed 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe not disinfected postponed 09/04/2009 18:32:38 File: C:\WINDOWS\$NtServicePackUninstall$\smi2smir.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\smi2smir.exe not disinfected postponed 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\smlogsvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\smlogsvc.exe not disinfected postponed 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\sndrec32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\sndrec32.exe not disinfected postponed 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\snmp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\snmp.exe not disinfected postponed 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\snmptrap.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\snmptrap.exe not disinfected postponed 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\sort.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:39 File: C:\WINDOWS\$NtServicePackUninstall$\sort.exe not disinfected postponed 09/04/2009 18:32:40 File: C:\WINDOWS\$NtServicePackUninstall$\spider.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:40 File: C:\WINDOWS\$NtServicePackUninstall$\spider.exe not disinfected postponed 09/04/2009 18:32:40 File: C:\WINDOWS\$NtServicePackUninstall$\spnpinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:40 File: C:\WINDOWS\$NtServicePackUninstall$\spnpinst.exe not disinfected postponed 09/04/2009 18:32:40 File: C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:40 File: C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe not disinfected postponed 09/04/2009 18:32:41 File: C:\WINDOWS\$NtServicePackUninstall$\ss3dfo.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:41 File: C:\WINDOWS\$NtServicePackUninstall$\ss3dfo.scr not disinfected postponed 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssbezier.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssbezier.scr not disinfected postponed 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssflwbox.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssflwbox.scr not disinfected postponed 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssmarque.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssmarque.scr not disinfected postponed 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssmypics.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssmypics.scr not disinfected postponed 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssmyst.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssmyst.scr not disinfected postponed 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\sspipes.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\sspipes.scr not disinfected postponed 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr not disinfected postponed 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\sstext3d.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:42 File: C:\WINDOWS\$NtServicePackUninstall$\sstext3d.scr not disinfected postponed 09/04/2009 18:32:43 File: C:\WINDOWS\$NtServicePackUninstall$\stimon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:43 File: C:\WINDOWS\$NtServicePackUninstall$\stimon.exe not disinfected postponed 09/04/2009 18:32:43 File: C:\WINDOWS\$NtServicePackUninstall$\svchost.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:43 File: C:\WINDOWS\$NtServicePackUninstall$\svchost.exe not disinfected postponed 09/04/2009 18:32:44 File: C:\WINDOWS\$NtServicePackUninstall$\sysocmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:44 File: C:\WINDOWS\$NtServicePackUninstall$\sysocmgr.exe not disinfected postponed 09/04/2009 18:32:44 File: C:\WINDOWS\$NtServicePackUninstall$\taskmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:44 File: C:\WINDOWS\$NtServicePackUninstall$\taskmgr.exe not disinfected postponed 09/04/2009 18:32:45 File: C:\WINDOWS\$NtServicePackUninstall$\tcptest.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:45 File: C:\WINDOWS\$NtServicePackUninstall$\tcptest.exe not disinfected postponed 09/04/2009 18:32:45 File: C:\WINDOWS\$NtServicePackUninstall$\telnet.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:45 File: C:\WINDOWS\$NtServicePackUninstall$\telnet.exe not disinfected postponed 09/04/2009 18:32:45 File: C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:45 File: C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe not disinfected postponed 09/04/2009 18:32:45 File: C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:45 File: C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe not disinfected postponed 09/04/2009 18:32:45 File: C:\WINDOWS\$NtServicePackUninstall$\tracert.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:45 File: C:\WINDOWS\$NtServicePackUninstall$\tracert.exe not disinfected postponed 09/04/2009 18:32:47 File: C:\WINDOWS\$NtServicePackUninstall$\uploadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:47 File: C:\WINDOWS\$NtServicePackUninstall$\uploadm.exe not disinfected postponed 09/04/2009 18:32:47 File: C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:47 File: C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe not disinfected postponed 09/04/2009 18:32:47 File: C:\WINDOWS\$NtServicePackUninstall$\ups.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:47 File: C:\WINDOWS\$NtServicePackUninstall$\ups.exe not disinfected postponed 09/04/2009 18:32:48 File: C:\WINDOWS\$NtServicePackUninstall$\userinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:48 File: C:\WINDOWS\$NtServicePackUninstall$\userinit.exe not disinfected postponed 09/04/2009 18:32:48 File: C:\WINDOWS\$NtServicePackUninstall$\utilman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:48 File: C:\WINDOWS\$NtServicePackUninstall$\utilman.exe not disinfected postponed 09/04/2009 18:32:49 File: C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:49 File: C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe not disinfected postponed 09/04/2009 18:32:49 File: C:\WINDOWS\$NtServicePackUninstall$\wab.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:49 File: C:\WINDOWS\$NtServicePackUninstall$\wab.exe not disinfected postponed 09/04/2009 18:32:49 File: C:\WINDOWS\$NtServicePackUninstall$\wabmig.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:49 File: C:\WINDOWS\$NtServicePackUninstall$\wabmig.exe not disinfected postponed 09/04/2009 18:32:50 File: C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:50 File: C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe not disinfected postponed 09/04/2009 18:32:50 File: C:\WINDOWS\$NtServicePackUninstall$\wextract.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:50 File: C:\WINDOWS\$NtServicePackUninstall$\wextract.exe not disinfected postponed 09/04/2009 18:32:51 File: C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:51 File: C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe not disinfected postponed 09/04/2009 18:32:51 File: C:\WINDOWS\$NtServicePackUninstall$\winhlp32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:51 File: C:\WINDOWS\$NtServicePackUninstall$\winhlp32.exe not disinfected postponed 09/04/2009 18:32:51 File: C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:51 File: C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe not disinfected postponed 09/04/2009 18:32:52 File: C:\WINDOWS\$NtServicePackUninstall$\winver.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:52 File: C:\WINDOWS\$NtServicePackUninstall$\winver.exe not disinfected postponed 09/04/2009 18:32:52 File: C:\WINDOWS\$NtServicePackUninstall$\wmiadap.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:52 File: C:\WINDOWS\$NtServicePackUninstall$\wmiadap.exe not disinfected postponed 09/04/2009 18:32:52 File: C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:52 File: C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe not disinfected postponed 09/04/2009 18:32:53 File: C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:53 File: C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe not disinfected postponed 09/04/2009 18:32:54 File: C:\WINDOWS\$NtServicePackUninstall$\wordpad.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:54 File: C:\WINDOWS\$NtServicePackUninstall$\wordpad.exe not disinfected postponed 09/04/2009 18:32:54 File: C:\WINDOWS\$NtServicePackUninstall$\wpabaln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:54 File: C:\WINDOWS\$NtServicePackUninstall$\wpabaln.exe not disinfected postponed 09/04/2009 18:32:54 File: C:\WINDOWS\$NtServicePackUninstall$\wpnpinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:54 File: C:\WINDOWS\$NtServicePackUninstall$\wpnpinst.exe not disinfected postponed 09/04/2009 18:32:54 File: C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:54 File: C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe not disinfected postponed 09/04/2009 18:32:54 File: C:\WINDOWS\$NtServicePackUninstall$\wscript.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:54 File: C:\WINDOWS\$NtServicePackUninstall$\wscript.exe not disinfected postponed 09/04/2009 18:32:55 File: C:\WINDOWS\$NtServicePackUninstall$\wuauclt1.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:55 File: C:\WINDOWS\$NtServicePackUninstall$\wuauclt1.exe not disinfected postponed 09/04/2009 18:32:55 File: C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:55 File: C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe not disinfected postponed 09/04/2009 18:32:56 File: C:\WINDOWS\$NtServicePackUninstall$\xpnetdiag.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:32:56 File: C:\WINDOWS\$NtServicePackUninstall$\xpnetdiag.exe not disinfected postponed 09/04/2009 18:33:01 File: C:\WINDOWS\$NtUninstallKB886185$\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:01 File: C:\WINDOWS\$NtUninstallKB886185$\spuninst.exe not disinfected postponed 09/04/2009 18:33:02 File: C:\WINDOWS\$NtUninstallKB886185$\update.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:02 File: C:\WINDOWS\$NtUninstallKB886185$\update.exe not disinfected postponed 09/04/2009 18:33:02 File: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:02 File: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe not disinfected postponed 09/04/2009 18:33:04 File: C:\WINDOWS\$NtUninstallKB888302$\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:04 File: C:\WINDOWS\$NtUninstallKB888302$\spuninst.exe not disinfected postponed 09/04/2009 18:33:04 File: C:\WINDOWS\$NtUninstallKB888302$\update.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:04 File: C:\WINDOWS\$NtUninstallKB888302$\update.exe not disinfected postponed 09/04/2009 18:33:05 File: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:05 File: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe not disinfected postponed 09/04/2009 18:33:09 File: C:\WINDOWS\$NtUninstallKB893756$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:09 File: C:\WINDOWS\$NtUninstallKB893756$\arpidfix.exe not disinfected postponed 09/04/2009 18:33:11 File: C:\WINDOWS\$NtUninstallKB896358$\hh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:11 File: C:\WINDOWS\$NtUninstallKB896358$\hh.exe not disinfected postponed 09/04/2009 18:33:14 File: C:\WINDOWS\$NtUninstallKB896423$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:14 File: C:\WINDOWS\$NtUninstallKB896423$\arpidfix.exe not disinfected postponed 09/04/2009 18:33:15 File: C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:15 File: C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe not disinfected postponed 09/04/2009 18:33:16 File: C:\WINDOWS\$NtUninstallKB896424$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:16 File: C:\WINDOWS\$NtUninstallKB896424$\arpidfix.exe not disinfected postponed 09/04/2009 18:33:18 File: C:\WINDOWS\$NtUninstallKB896428$\telnet.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:18 File: C:\WINDOWS\$NtUninstallKB896428$\telnet.exe not disinfected postponed 09/04/2009 18:33:19 File: C:\WINDOWS\$NtUninstallKB898458$\orun32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:19 File: C:\WINDOWS\$NtUninstallKB898458$\orun32.exe not disinfected postponed 09/04/2009 18:33:21 File: C:\WINDOWS\$NtUninstallKB899587$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:21 File: C:\WINDOWS\$NtUninstallKB899587$\arpidfix.exe not disinfected postponed 09/04/2009 18:33:22 File: C:\WINDOWS\$NtUninstallKB899591$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:22 File: C:\WINDOWS\$NtUninstallKB899591$\arpidfix.exe not disinfected postponed 09/04/2009 18:33:24 File: C:\WINDOWS\$NtUninstallKB900725$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:24 File: C:\WINDOWS\$NtUninstallKB900725$\arpidfix.exe not disinfected postponed 09/04/2009 18:33:25 File: C:\WINDOWS\$NtUninstallKB901017$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:25 File: C:\WINDOWS\$NtUninstallKB901017$\arpidfix.exe not disinfected postponed 09/04/2009 18:33:28 File: C:\WINDOWS\$NtUninstallKB902400$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:28 File: C:\WINDOWS\$NtUninstallKB902400$\arpidfix.exe not disinfected postponed 09/04/2009 18:33:29 File: C:\WINDOWS\$NtUninstallKB902400$\migregdb.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:29 File: C:\WINDOWS\$NtUninstallKB902400$\migregdb.exe not disinfected postponed 09/04/2009 18:33:33 File: C:\WINDOWS\$NtUninstallKB905414$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:33 File: C:\WINDOWS\$NtUninstallKB905414$\arpidfix.exe not disinfected postponed 09/04/2009 18:33:34 File: C:\WINDOWS\$NtUninstallKB905749$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:34 File: C:\WINDOWS\$NtUninstallKB905749$\arpidfix.exe not disinfected postponed 09/04/2009 18:33:36 File: C:\WINDOWS\$NtUninstallKB905915$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:36 File: C:\WINDOWS\$NtUninstallKB905915$\iedw.exe not disinfected postponed 09/04/2009 18:33:46 File: C:\WINDOWS\$NtUninstallKB912812$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:46 File: C:\WINDOWS\$NtUninstallKB912812$\iedw.exe not disinfected postponed 09/04/2009 18:33:55 File: C:\WINDOWS\$NtUninstallKB916281$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:33:55 File: C:\WINDOWS\$NtUninstallKB916281$\iedw.exe not disinfected postponed 09/04/2009 18:34:02 File: C:\WINDOWS\$NtUninstallKB918899$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:02 File: C:\WINDOWS\$NtUninstallKB918899$\iedw.exe not disinfected postponed 09/04/2009 18:34:04 File: C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:04 File: C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe not disinfected postponed 09/04/2009 18:34:05 File: C:\WINDOWS\$NtUninstallKB920213_0$\agentsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:05 File: C:\WINDOWS\$NtUninstallKB920213_0$\agentsvr.exe not disinfected postponed 09/04/2009 18:34:11 File: C:\WINDOWS\$NtUninstallKB922582$\fltmc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:11 File: C:\WINDOWS\$NtUninstallKB922582$\fltmc.exe not disinfected postponed 09/04/2009 18:34:12 File: C:\WINDOWS\$NtUninstallKB922760$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:12 File: C:\WINDOWS\$NtUninstallKB922760$\iedw.exe not disinfected postponed 09/04/2009 18:34:17 File: C:\WINDOWS\$NtUninstallKB923723$\orun32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:17 File: C:\WINDOWS\$NtUninstallKB923723$\orun32.exe not disinfected postponed 09/04/2009 18:34:23 File: C:\WINDOWS\$NtUninstallKB925720$\magnify.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:23 File: C:\WINDOWS\$NtUninstallKB925720$\magnify.exe not disinfected postponed 09/04/2009 18:34:23 File: C:\WINDOWS\$NtUninstallKB925720$\narrator.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:23 File: C:\WINDOWS\$NtUninstallKB925720$\narrator.exe not disinfected postponed 09/04/2009 18:34:23 File: C:\WINDOWS\$NtUninstallKB925720$\osk.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:23 File: C:\WINDOWS\$NtUninstallKB925720$\osk.exe not disinfected postponed 09/04/2009 18:34:23 File: C:\WINDOWS\$NtUninstallKB925720$\utilman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:23 File: C:\WINDOWS\$NtUninstallKB925720$\utilman.exe not disinfected postponed 09/04/2009 18:34:38 File: C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:38 File: C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe not disinfected postponed 09/04/2009 18:34:44 File: C:\WINDOWS\$NtUninstallKB938828$\explorer.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:44 File: C:\WINDOWS\$NtUninstallKB938828$\explorer.exe not disinfected postponed 09/04/2009 18:34:46 File: C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:46 File: C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe not disinfected postponed 09/04/2009 18:34:51 File: C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:34:51 File: C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe not disinfected postponed 09/04/2009 18:35:13 File: C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:35:13 File: C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe not disinfected postponed 09/04/2009 18:35:13 File: C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe.000 detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:35:13 File: C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe.000 not disinfected postponed 09/04/2009 18:35:28 File: C:\WINDOWS\$NtUninstallKB958215$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:35:28 File: C:\WINDOWS\$NtUninstallKB958215$\iedw.exe not disinfected postponed 09/04/2009 18:35:28 File: C:\WINDOWS\$NtUninstallKB958215$\iedw.exe.000 detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:35:28 File: C:\WINDOWS\$NtUninstallKB958215$\iedw.exe.000 not disinfected postponed 09/04/2009 18:35:41 File: C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:35:41 File: C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe not disinfected postponed 09/04/2009 18:55:43 File: C:\WINDOWS\ie7updates\KB933566-IE7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:55:43 File: C:\WINDOWS\ie7updates\KB933566-IE7\ie4uinit.exe not disinfected postponed 09/04/2009 18:55:48 File: C:\WINDOWS\ie7updates\KB933566-IE7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:55:48 File: C:\WINDOWS\ie7updates\KB933566-IE7\ieudinit.exe not disinfected postponed 09/04/2009 18:55:48 File: C:\WINDOWS\ie7updates\KB933566-IE7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:55:48 File: C:\WINDOWS\ie7updates\KB933566-IE7\iexplore.exe not disinfected postponed 09/04/2009 18:55:53 File: C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:55:53 File: C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe not disinfected postponed 09/04/2009 18:55:54 File: C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:55:54 File: C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe not disinfected postponed 09/04/2009 18:55:54 File: C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:55:54 File: C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe not disinfected postponed 09/04/2009 18:55:56 File: C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:55:56 File: C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe not disinfected postponed 09/04/2009 18:55:57 File: C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:55:57 File: C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe not disinfected postponed 09/04/2009 18:55:57 File: C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:55:57 File: C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe not disinfected postponed 09/04/2009 18:56:01 File: C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:56:01 File: C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe not disinfected postponed 09/04/2009 18:56:02 File: C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:56:02 File: C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe not disinfected postponed 09/04/2009 18:56:02 File: C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 18:56:02 File: C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe not disinfected postponed 09/04/2009 19:07:10 File: C:\WINDOWS\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\oobebaln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:07:10 File: C:\WINDOWS\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\oobebaln.exe not disinfected postponed 09/04/2009 19:54:58 File: c:\jeux\jeux\primary.exe//doc\5knoikz.exe detected Trojan program 'Trojan-Dropper.Win32.Small.sc' 09/04/2009 19:55:30 File: c:\jeux\jeux\primary.exe//doc\istinstall_153191.exe//UPX detected Trojan program 'Trojan-Downloader.Win32.IstBar.er' 09/04/2009 19:55:30 File: c:\jeux\jeux\primary.exe//doc\NH20040517.4a.yy.exe/NHInstall.exe detected adware 'not-a-virus:AdWare.Win32.NavExcel.d' 09/04/2009 19:55:30 File: c:\jeux\jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHelper.dll detected adware 'not-a-virus:AdWare.Win32.NavExcel.b' 09/04/2009 19:55:30 File: c:\jeux\jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHUninstaller.exe detected adware 'not-a-virus:AdWare.Win32.NavExcel' 09/04/2009 19:55:30 File: c:\jeux\jeux\primary.exe//doc\NH20040517.4a.yy.exe/v2.0.4a.cab/NHUpdater.exe detected adware 'not-a-virus:AdWare.Win32.NavExcel.b' 09/04/2009 19:55:52 File: c:\jeux\jeux\primary.exe deleted 09/04/2009 19:55:52 File: c:\program files\avira\antivir desktop\fact.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:55:55 File: c:\program files\avira\antivir desktop\fact.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:55:56 File: c:\program files\thunmail\testabd.dll detected Trojan program 'Trojan.Win32.Agent2.hhw' 09/04/2009 19:56:02 File: c:\program files\thunmail\testabd.dll deleted 09/04/2009 19:56:03 File: c:\utilitaires\spywarevanisher.exe//FreeScanner.exe detected new threat 'not-a-virus:FraudTool.Win32.SpywareVanish.a' 09/04/2009 19:56:10 File: c:\utilitaires\spywarevanisher.exe//Master.enc/Master.dat password protected 09/04/2009 19:56:10 File: c:\utilitaires\spywarevanisher.exe deleted 09/04/2009 19:56:10 File: c:\utilitaires\ashampoo.winoptimizer.platinum.suite.v3.30-te\ashampoo.winoptimizer.platinum.suite.v3.30-te\crack\ashampoowinoptimizerplatinumsuitev330_crack.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:13 File: c:\utilitaires\ashampoo.winoptimizer.platinum.suite.v3.30-te\ashampoo.winoptimizer.platinum.suite.v3.30-te\crack\ashampoowinoptimizerplatinumsuitev330_crack.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:14 File: c:\utilitaires\cryptload_1.1.6\cryptload_1.1.6\tools\unrar64.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:16 File: c:\utilitaires\cryptload_1.1.6\cryptload_1.1.6\tools\unrar64.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:16 File: c:\video\rsdl133\plugins\gocr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:18 File: c:\video\rsdl133\plugins\gocr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:19 File: c:\video\virtualdubmod\virtualdubmod.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:20 File: c:\video\virtualdubmod\virtualdubmod.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:20 File: c:\windows\nuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:21 File: c:\windows\nuninst.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:22 File: c:\windows\unnmp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:23 File: c:\windows\unnmp.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:23 File: c:\windows\$msi31uninstall_kb893803v2$\msiexec.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:24 File: c:\windows\$msi31uninstall_kb893803v2$\msiexec.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:24 File: c:\windows\$ntservicepackuninstall$\accwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:25 File: c:\windows\$ntservicepackuninstall$\accwiz.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:25 File: c:\windows\$ntservicepackuninstall$\actmovie.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:26 File: c:\windows\$ntservicepackuninstall$\actmovie.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:26 File: c:\windows\$ntservicepackuninstall$\agentsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:28 File: c:\windows\$ntservicepackuninstall$\agentsvr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:28 File: c:\windows\$ntservicepackuninstall$\ahui.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:29 File: c:\windows\$ntservicepackuninstall$\ahui.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:29 File: c:\windows\$ntservicepackuninstall$\alg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:30 File: c:\windows\$ntservicepackuninstall$\alg.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:30 File: c:\windows\$ntservicepackuninstall$\at.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:31 File: c:\windows\$ntservicepackuninstall$\at.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:31 File: c:\windows\$ntservicepackuninstall$\atmadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:31 File: c:\windows\$ntservicepackuninstall$\atmadm.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:32 File: c:\windows\$ntservicepackuninstall$\attrib.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:32 File: c:\windows\$ntservicepackuninstall$\attrib.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:32 File: c:\windows\$ntservicepackuninstall$\auditusr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:33 File: c:\windows\$ntservicepackuninstall$\auditusr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:33 File: c:\windows\$ntservicepackuninstall$\author.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:34 File: c:\windows\$ntservicepackuninstall$\author.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:34 File: c:\windows\$ntservicepackuninstall$\blastcln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:35 File: c:\windows\$ntservicepackuninstall$\blastcln.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:35 File: c:\windows\$ntservicepackuninstall$\cacls.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:36 File: c:\windows\$ntservicepackuninstall$\cacls.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:36 File: c:\windows\$ntservicepackuninstall$\cfgwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:37 File: c:\windows\$ntservicepackuninstall$\cfgwiz.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:37 File: c:\windows\$ntservicepackuninstall$\cisvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:38 File: c:\windows\$ntservicepackuninstall$\cisvc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:38 File: c:\windows\$ntservicepackuninstall$\cleanmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:39 File: c:\windows\$ntservicepackuninstall$\cleanmgr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:39 File: c:\windows\$ntservicepackuninstall$\cliconfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:40 File: c:\windows\$ntservicepackuninstall$\cliconfg.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:40 File: c:\windows\$ntservicepackuninstall$\clipbrd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:41 File: c:\windows\$ntservicepackuninstall$\clipbrd.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:41 File: c:\windows\$ntservicepackuninstall$\clipsrv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:42 File: c:\windows\$ntservicepackuninstall$\clipsrv.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:42 File: c:\windows\$ntservicepackuninstall$\cmd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:43 File: c:\windows\$ntservicepackuninstall$\cmd.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:43 File: c:\windows\$ntservicepackuninstall$\cmdl32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:44 File: c:\windows\$ntservicepackuninstall$\cmdl32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:44 File: c:\windows\$ntservicepackuninstall$\cmmon32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:45 File: c:\windows\$ntservicepackuninstall$\cmmon32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:45 File: c:\windows\$ntservicepackuninstall$\cmstp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:46 File: c:\windows\$ntservicepackuninstall$\cmstp.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:46 File: c:\windows\$ntservicepackuninstall$\comrepl.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:47 File: c:\windows\$ntservicepackuninstall$\comrepl.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:47 File: c:\windows\$ntservicepackuninstall$\comrereg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:48 File: c:\windows\$ntservicepackuninstall$\comrereg.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:48 File: c:\windows\$ntservicepackuninstall$\conf.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:49 File: c:\windows\$ntservicepackuninstall$\conf.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:49 File: c:\windows\$ntservicepackuninstall$\conime.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:50 File: c:\windows\$ntservicepackuninstall$\conime.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:50 File: c:\windows\$ntservicepackuninstall$\cscript.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:51 File: c:\windows\$ntservicepackuninstall$\cscript.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:51 File: c:\windows\$ntservicepackuninstall$\ctfmon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:52 File: c:\windows\$ntservicepackuninstall$\ctfmon.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:52 File: c:\windows\$ntservicepackuninstall$\dcomcnfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:53 File: c:\windows\$ntservicepackuninstall$\dcomcnfg.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:53 File: c:\windows\$ntservicepackuninstall$\ddeshare.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:54 File: c:\windows\$ntservicepackuninstall$\ddeshare.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:54 File: c:\windows\$ntservicepackuninstall$\defrag.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:55 File: c:\windows\$ntservicepackuninstall$\defrag.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:55 File: c:\windows\$ntservicepackuninstall$\dfrgfat.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:56 File: c:\windows\$ntservicepackuninstall$\dfrgfat.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:56 File: c:\windows\$ntservicepackuninstall$\dfrgntfs.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:57 File: c:\windows\$ntservicepackuninstall$\dfrgntfs.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:57 File: c:\windows\$ntservicepackuninstall$\dialer.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:58 File: c:\windows\$ntservicepackuninstall$\dialer.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:58 File: c:\windows\$ntservicepackuninstall$\diantz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:59 File: c:\windows\$ntservicepackuninstall$\diantz.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:56:59 File: c:\windows\$ntservicepackuninstall$\diskpart.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:00 File: c:\windows\$ntservicepackuninstall$\diskpart.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:00 File: c:\windows\$ntservicepackuninstall$\dllhost.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:01 File: c:\windows\$ntservicepackuninstall$\dllhost.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:01 File: c:\windows\$ntservicepackuninstall$\dmadmin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:02 File: c:\windows\$ntservicepackuninstall$\dmadmin.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:02 File: c:\windows\$ntservicepackuninstall$\dmremote.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:02 File: c:\windows\$ntservicepackuninstall$\dmremote.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:03 File: c:\windows\$ntservicepackuninstall$\dplaysvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:03 File: c:\windows\$ntservicepackuninstall$\dplaysvr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:03 File: c:\windows\$ntservicepackuninstall$\dpnsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:04 File: c:\windows\$ntservicepackuninstall$\dpnsvr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:04 File: c:\windows\$ntservicepackuninstall$\dpvsetup.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:05 File: c:\windows\$ntservicepackuninstall$\dpvsetup.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:05 File: c:\windows\$ntservicepackuninstall$\dumprep.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:06 File: c:\windows\$ntservicepackuninstall$\dumprep.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:06 File: c:\windows\$ntservicepackuninstall$\dvdupgrd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:07 File: c:\windows\$ntservicepackuninstall$\dvdupgrd.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:07 File: c:\windows\$ntservicepackuninstall$\dwwin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:08 File: c:\windows\$ntservicepackuninstall$\dwwin.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:09 File: c:\windows\$ntservicepackuninstall$\dxdiag.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:09 File: c:\windows\$ntservicepackuninstall$\dxdiag.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:10 File: c:\windows\$ntservicepackuninstall$\eudcedit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:10 File: c:\windows\$ntservicepackuninstall$\eudcedit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:11 File: c:\windows\$ntservicepackuninstall$\evntcmd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:11 File: c:\windows\$ntservicepackuninstall$\evntcmd.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:12 File: c:\windows\$ntservicepackuninstall$\evntwin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:12 File: c:\windows\$ntservicepackuninstall$\evntwin.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:13 File: c:\windows\$ntservicepackuninstall$\explorer.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:13 File: c:\windows\$ntservicepackuninstall$\explorer.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:14 File: c:\windows\$ntservicepackuninstall$\extrac32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:14 File: c:\windows\$ntservicepackuninstall$\extrac32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:15 File: c:\windows\$ntservicepackuninstall$\findstr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:15 File: c:\windows\$ntservicepackuninstall$\findstr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:16 File: c:\windows\$ntservicepackuninstall$\fltmc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:16 File: c:\windows\$ntservicepackuninstall$\fltmc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:16 File: c:\windows\$ntservicepackuninstall$\fontview.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:17 File: c:\windows\$ntservicepackuninstall$\fontview.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:17 File: c:\windows\$ntservicepackuninstall$\forcedos.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:18 File: c:\windows\$ntservicepackuninstall$\forcedos.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:18 File: c:\windows\$ntservicepackuninstall$\fp98sadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:19 File: c:\windows\$ntservicepackuninstall$\fp98sadm.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:19 File: c:\windows\$ntservicepackuninstall$\fp98swin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:20 File: c:\windows\$ntservicepackuninstall$\fp98swin.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:20 File: c:\windows\$ntservicepackuninstall$\fpadmcgi.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:21 File: c:\windows\$ntservicepackuninstall$\fpadmcgi.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:21 File: c:\windows\$ntservicepackuninstall$\fpcount.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:22 File: c:\windows\$ntservicepackuninstall$\fpcount.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:22 File: c:\windows\$ntservicepackuninstall$\fpremadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:23 File: c:\windows\$ntservicepackuninstall$\fpremadm.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:23 File: c:\windows\$ntservicepackuninstall$\fsquirt.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:24 File: c:\windows\$ntservicepackuninstall$\fsquirt.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:24 File: c:\windows\$ntservicepackuninstall$\ftp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:25 File: c:\windows\$ntservicepackuninstall$\ftp.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:25 File: c:\windows\$ntservicepackuninstall$\fxsclnt.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:25 File: c:\windows\$ntservicepackuninstall$\fxsclnt.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:26 File: c:\windows\$ntservicepackuninstall$\fxscover.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:27 File: c:\windows\$ntservicepackuninstall$\fxscover.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:27 File: c:\windows\$ntservicepackuninstall$\fxssvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:28 File: c:\windows\$ntservicepackuninstall$\fxssvc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:28 File: c:\windows\$ntservicepackuninstall$\grpconv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:29 File: c:\windows\$ntservicepackuninstall$\grpconv.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:29 File: c:\windows\$ntservicepackuninstall$\help.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:29 File: c:\windows\$ntservicepackuninstall$\help.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:30 File: c:\windows\$ntservicepackuninstall$\helpctr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:30 File: c:\windows\$ntservicepackuninstall$\helpctr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:31 File: c:\windows\$ntservicepackuninstall$\helpsvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:31 File: c:\windows\$ntservicepackuninstall$\helpsvc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:32 File: c:\windows\$ntservicepackuninstall$\hh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:32 File: c:\windows\$ntservicepackuninstall$\hh.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:33 File: c:\windows\$ntservicepackuninstall$\hscupd.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:33 File: c:\windows\$ntservicepackuninstall$\hscupd.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:33 File: c:\windows\$ntservicepackuninstall$\icwconn1.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:34 File: c:\windows\$ntservicepackuninstall$\icwconn1.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:34 File: c:\windows\$ntservicepackuninstall$\icwconn2.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:35 File: c:\windows\$ntservicepackuninstall$\icwconn2.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:35 File: c:\windows\$ntservicepackuninstall$\icwrmind.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:36 File: c:\windows\$ntservicepackuninstall$\icwrmind.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:36 File: c:\windows\$ntservicepackuninstall$\iexpress.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:37 File: c:\windows\$ntservicepackuninstall$\iexpress.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:37 File: c:\windows\$ntservicepackuninstall$\imapi.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:38 File: c:\windows\$ntservicepackuninstall$\imapi.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:38 File: c:\windows\$ntservicepackuninstall$\inetwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:39 File: c:\windows\$ntservicepackuninstall$\inetwiz.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:39 File: c:\windows\$ntservicepackuninstall$\ipconfig.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:40 File: c:\windows\$ntservicepackuninstall$\ipconfig.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:40 File: c:\windows\$ntservicepackuninstall$\ipv6.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:41 File: c:\windows\$ntservicepackuninstall$\ipv6.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:41 File: c:\windows\$ntservicepackuninstall$\ipxroute.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:42 File: c:\windows\$ntservicepackuninstall$\ipxroute.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:42 File: c:\windows\$ntservicepackuninstall$\locator.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:43 File: c:\windows\$ntservicepackuninstall$\locator.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:43 File: c:\windows\$ntservicepackuninstall$\logman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:44 File: c:\windows\$ntservicepackuninstall$\logman.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:44 File: c:\windows\$ntservicepackuninstall$\logon.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:44 File: c:\windows\$ntservicepackuninstall$\logon.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:45 File: c:\windows\$ntservicepackuninstall$\logonui.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:45 File: c:\windows\$ntservicepackuninstall$\logonui.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:46 File: c:\windows\$ntservicepackuninstall$\lsass.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:46 File: c:\windows\$ntservicepackuninstall$\lsass.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:46 File: c:\windows\$ntservicepackuninstall$\magnify.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:47 File: c:\windows\$ntservicepackuninstall$\magnify.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:47 File: c:\windows\$ntservicepackuninstall$\makecab.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:48 File: c:\windows\$ntservicepackuninstall$\makecab.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:48 File: c:\windows\$ntservicepackuninstall$\migload.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:49 File: c:\windows\$ntservicepackuninstall$\migload.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:49 File: c:\windows\$ntservicepackuninstall$\migregdb.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:50 File: c:\windows\$ntservicepackuninstall$\migregdb.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:50 File: c:\windows\$ntservicepackuninstall$\migwiz.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:51 File: c:\windows\$ntservicepackuninstall$\migwiz.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:51 File: c:\windows\$ntservicepackuninstall$\mmc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:52 File: c:\windows\$ntservicepackuninstall$\mmc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:52 File: c:\windows\$ntservicepackuninstall$\mnmsrvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:53 File: c:\windows\$ntservicepackuninstall$\mnmsrvc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:53 File: c:\windows\$ntservicepackuninstall$\mobsync.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:54 File: c:\windows\$ntservicepackuninstall$\mobsync.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:54 File: c:\windows\$ntservicepackuninstall$\mofcomp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:55 File: c:\windows\$ntservicepackuninstall$\mofcomp.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:55 File: c:\windows\$ntservicepackuninstall$\moviemk.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:57 File: c:\windows\$ntservicepackuninstall$\moviemk.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:57 File: c:\windows\$ntservicepackuninstall$\mplay32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:58 File: c:\windows\$ntservicepackuninstall$\mplay32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:58 File: c:\windows\$ntservicepackuninstall$\mplayer2.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:59 File: c:\windows\$ntservicepackuninstall$\mplayer2.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:57:59 File: c:\windows\$ntservicepackuninstall$\msconfig.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:00 File: c:\windows\$ntservicepackuninstall$\msconfig.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:00 File: c:\windows\$ntservicepackuninstall$\msdtc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:02 File: c:\windows\$ntservicepackuninstall$\msdtc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:02 File: c:\windows\$ntservicepackuninstall$\msiexec.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:03 File: c:\windows\$ntservicepackuninstall$\msiexec.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:03 File: c:\windows\$ntservicepackuninstall$\msimn.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:04 File: c:\windows\$ntservicepackuninstall$\msimn.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:04 File: c:\windows\$ntservicepackuninstall$\msiregmv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:05 File: c:\windows\$ntservicepackuninstall$\msiregmv.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:05 File: c:\windows\$ntservicepackuninstall$\msmsgs.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:06 File: c:\windows\$ntservicepackuninstall$\msmsgs.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:06 File: c:\windows\$ntservicepackuninstall$\msoobe.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:07 File: c:\windows\$ntservicepackuninstall$\msoobe.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:07 File: c:\windows\$ntservicepackuninstall$\mspaint.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:08 File: c:\windows\$ntservicepackuninstall$\mspaint.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:08 File: c:\windows\$ntservicepackuninstall$\mstinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:09 File: c:\windows\$ntservicepackuninstall$\mstinit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:09 File: c:\windows\$ntservicepackuninstall$\mstsc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:10 File: c:\windows\$ntservicepackuninstall$\mstsc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:10 File: c:\windows\$ntservicepackuninstall$\narrator.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:11 File: c:\windows\$ntservicepackuninstall$\narrator.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:11 File: c:\windows\$ntservicepackuninstall$\nddeapir.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:12 File: c:\windows\$ntservicepackuninstall$\nddeapir.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:12 File: c:\windows\$ntservicepackuninstall$\net.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:13 File: c:\windows\$ntservicepackuninstall$\net.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:13 File: c:\windows\$ntservicepackuninstall$\net1.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:14 File: c:\windows\$ntservicepackuninstall$\net1.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:14 File: c:\windows\$ntservicepackuninstall$\netdde.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:15 File: c:\windows\$ntservicepackuninstall$\netdde.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:15 File: c:\windows\$ntservicepackuninstall$\netsetup.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:16 File: c:\windows\$ntservicepackuninstall$\netsetup.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:17 File: c:\windows\$ntservicepackuninstall$\netsh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:18 File: c:\windows\$ntservicepackuninstall$\netsh.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:18 File: c:\windows\$ntservicepackuninstall$\netstat.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:19 File: c:\windows\$ntservicepackuninstall$\netstat.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:19 File: c:\windows\$ntservicepackuninstall$\notepad.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:20 File: c:\windows\$ntservicepackuninstall$\notepad.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:20 File: c:\windows\$ntservicepackuninstall$\nppagent.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:21 File: c:\windows\$ntservicepackuninstall$\nppagent.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:21 File: c:\windows\$ntservicepackuninstall$\nslookup.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:22 File: c:\windows\$ntservicepackuninstall$\nslookup.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:22 File: c:\windows\$ntservicepackuninstall$\ntvdm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:23 File: c:\windows\$ntservicepackuninstall$\ntvdm.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:23 File: c:\windows\$ntservicepackuninstall$\odbcad32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:24 File: c:\windows\$ntservicepackuninstall$\odbcad32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:24 File: c:\windows\$ntservicepackuninstall$\odbcconf.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:25 File: c:\windows\$ntservicepackuninstall$\odbcconf.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:25 File: c:\windows\$ntservicepackuninstall$\oemig50.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:26 File: c:\windows\$ntservicepackuninstall$\oemig50.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:26 File: c:\windows\$ntservicepackuninstall$\oobebaln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:27 File: c:\windows\$ntservicepackuninstall$\oobebaln.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:27 File: c:\windows\$ntservicepackuninstall$\osk.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:33 File: c:\windows\$ntservicepackuninstall$\osk.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:34 File: c:\windows\$ntservicepackuninstall$\packager.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:35 File: c:\windows\$ntservicepackuninstall$\packager.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:35 File: c:\windows\$ntservicepackuninstall$\perfmon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:36 File: c:\windows\$ntservicepackuninstall$\perfmon.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:36 File: c:\windows\$ntservicepackuninstall$\pinball.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:37 File: c:\windows\$ntservicepackuninstall$\pinball.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:37 File: c:\windows\$ntservicepackuninstall$\ping.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:38 File: c:\windows\$ntservicepackuninstall$\ping.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:38 File: c:\windows\$ntservicepackuninstall$\powercfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:39 File: c:\windows\$ntservicepackuninstall$\powercfg.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:39 File: c:\windows\$ntservicepackuninstall$\progman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:40 File: c:\windows\$ntservicepackuninstall$\progman.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:40 File: c:\windows\$ntservicepackuninstall$\proquota.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:41 File: c:\windows\$ntservicepackuninstall$\proquota.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:41 File: c:\windows\$ntservicepackuninstall$\proxycfg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:41 File: c:\windows\$ntservicepackuninstall$\proxycfg.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:42 File: c:\windows\$ntservicepackuninstall$\qprocess.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:42 File: c:\windows\$ntservicepackuninstall$\qprocess.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:42 File: c:\windows\$ntservicepackuninstall$\rasphone.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:43 File: c:\windows\$ntservicepackuninstall$\rasphone.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:43 File: c:\windows\$ntservicepackuninstall$\rcimlby.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:44 File: c:\windows\$ntservicepackuninstall$\rcimlby.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:44 File: c:\windows\$ntservicepackuninstall$\rcp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:45 File: c:\windows\$ntservicepackuninstall$\rcp.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:45 File: c:\windows\$ntservicepackuninstall$\rdpclip.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:46 File: c:\windows\$ntservicepackuninstall$\rdpclip.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:46 File: c:\windows\$ntservicepackuninstall$\rdsaddin.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:47 File: c:\windows\$ntservicepackuninstall$\rdsaddin.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:47 File: c:\windows\$ntservicepackuninstall$\rdshost.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:48 File: c:\windows\$ntservicepackuninstall$\rdshost.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:48 File: c:\windows\$ntservicepackuninstall$\reg.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:49 File: c:\windows\$ntservicepackuninstall$\reg.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:49 File: c:\windows\$ntservicepackuninstall$\regedit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:50 File: c:\windows\$ntservicepackuninstall$\regedit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:50 File: c:\windows\$ntservicepackuninstall$\regsvr32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:51 File: c:\windows\$ntservicepackuninstall$\regsvr32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:51 File: c:\windows\$ntservicepackuninstall$\rexec.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:51 File: c:\windows\$ntservicepackuninstall$\rexec.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:52 File: c:\windows\$ntservicepackuninstall$\rsh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:52 File: c:\windows\$ntservicepackuninstall$\rsh.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:53 File: c:\windows\$ntservicepackuninstall$\rstrui.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:53 File: c:\windows\$ntservicepackuninstall$\rstrui.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:53 File: c:\windows\$ntservicepackuninstall$\rtcshare.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:54 File: c:\windows\$ntservicepackuninstall$\rtcshare.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:54 File: c:\windows\$ntservicepackuninstall$\rundll32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:55 File: c:\windows\$ntservicepackuninstall$\rundll32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:55 File: c:\windows\$ntservicepackuninstall$\runonce.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:56 File: c:\windows\$ntservicepackuninstall$\runonce.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:56 File: c:\windows\$ntservicepackuninstall$\savedump.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:57 File: c:\windows\$ntservicepackuninstall$\savedump.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:57 File: c:\windows\$ntservicepackuninstall$\scardsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:58 File: c:\windows\$ntservicepackuninstall$\scardsvr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:58 File: c:\windows\$ntservicepackuninstall$\scrcons.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:59 File: c:\windows\$ntservicepackuninstall$\scrcons.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:58:59 File: c:\windows\$ntservicepackuninstall$\scrnsave.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:00 File: c:\windows\$ntservicepackuninstall$\scrnsave.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:00 File: c:\windows\$ntservicepackuninstall$\sdbinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:01 File: c:\windows\$ntservicepackuninstall$\sdbinst.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:01 File: c:\windows\$ntservicepackuninstall$\services.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:02 File: c:\windows\$ntservicepackuninstall$\services.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:02 File: c:\windows\$ntservicepackuninstall$\sessmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:03 File: c:\windows\$ntservicepackuninstall$\sessmgr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:03 File: c:\windows\$ntservicepackuninstall$\sethc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:04 File: c:\windows\$ntservicepackuninstall$\sethc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:04 File: c:\windows\$ntservicepackuninstall$\setup50.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:05 File: c:\windows\$ntservicepackuninstall$\setup50.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:05 File: c:\windows\$ntservicepackuninstall$\shmgrate.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:06 File: c:\windows\$ntservicepackuninstall$\shmgrate.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:07 File: c:\windows\$ntservicepackuninstall$\shrpubw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:07 File: c:\windows\$ntservicepackuninstall$\shrpubw.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:08 File: c:\windows\$ntservicepackuninstall$\shtml.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:09 File: c:\windows\$ntservicepackuninstall$\shtml.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:09 File: c:\windows\$ntservicepackuninstall$\shutdown.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:10 File: c:\windows\$ntservicepackuninstall$\shutdown.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:10 File: c:\windows\$ntservicepackuninstall$\sigverif.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:11 File: c:\windows\$ntservicepackuninstall$\sigverif.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:11 File: c:\windows\$ntservicepackuninstall$\skeys.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:12 File: c:\windows\$ntservicepackuninstall$\skeys.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:12 File: c:\windows\$ntservicepackuninstall$\smbinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:12 File: c:\windows\$ntservicepackuninstall$\smbinst.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:13 File: c:\windows\$ntservicepackuninstall$\smi2smir.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:13 File: c:\windows\$ntservicepackuninstall$\smi2smir.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:13 File: c:\windows\$ntservicepackuninstall$\smlogsvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:14 File: c:\windows\$ntservicepackuninstall$\smlogsvc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:14 File: c:\windows\$ntservicepackuninstall$\sndrec32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:15 File: c:\windows\$ntservicepackuninstall$\sndrec32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:15 File: c:\windows\$ntservicepackuninstall$\snmp.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:16 File: c:\windows\$ntservicepackuninstall$\snmp.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:16 File: c:\windows\$ntservicepackuninstall$\snmptrap.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:17 File: c:\windows\$ntservicepackuninstall$\snmptrap.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:17 File: c:\windows\$ntservicepackuninstall$\sort.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:18 File: c:\windows\$ntservicepackuninstall$\sort.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:18 File: c:\windows\$ntservicepackuninstall$\spider.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:19 File: c:\windows\$ntservicepackuninstall$\spider.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:19 File: c:\windows\$ntservicepackuninstall$\spnpinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:20 File: c:\windows\$ntservicepackuninstall$\spnpinst.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:20 File: c:\windows\$ntservicepackuninstall$\spoolsv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:20 File: c:\windows\$ntservicepackuninstall$\spoolsv.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:21 File: c:\windows\$ntservicepackuninstall$\ss3dfo.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:21 File: c:\windows\$ntservicepackuninstall$\ss3dfo.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:21 File: c:\windows\$ntservicepackuninstall$\ssbezier.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:22 File: c:\windows\$ntservicepackuninstall$\ssbezier.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:22 File: c:\windows\$ntservicepackuninstall$\ssflwbox.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:23 File: c:\windows\$ntservicepackuninstall$\ssflwbox.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:23 File: c:\windows\$ntservicepackuninstall$\ssmarque.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:24 File: c:\windows\$ntservicepackuninstall$\ssmarque.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:24 File: c:\windows\$ntservicepackuninstall$\ssmypics.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:25 File: c:\windows\$ntservicepackuninstall$\ssmypics.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:25 File: c:\windows\$ntservicepackuninstall$\ssmyst.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:25 File: c:\windows\$ntservicepackuninstall$\ssmyst.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:26 File: c:\windows\$ntservicepackuninstall$\sspipes.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:26 File: c:\windows\$ntservicepackuninstall$\sspipes.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:27 File: c:\windows\$ntservicepackuninstall$\ssstars.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:27 File: c:\windows\$ntservicepackuninstall$\ssstars.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:28 File: c:\windows\$ntservicepackuninstall$\sstext3d.scr detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:28 File: c:\windows\$ntservicepackuninstall$\sstext3d.scr disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:28 File: c:\windows\$ntservicepackuninstall$\stimon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:29 File: c:\windows\$ntservicepackuninstall$\stimon.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:29 File: c:\windows\$ntservicepackuninstall$\svchost.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:30 File: c:\windows\$ntservicepackuninstall$\svchost.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:30 File: c:\windows\$ntservicepackuninstall$\sysocmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:31 File: c:\windows\$ntservicepackuninstall$\sysocmgr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:31 File: c:\windows\$ntservicepackuninstall$\taskmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:32 File: c:\windows\$ntservicepackuninstall$\taskmgr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:32 File: c:\windows\$ntservicepackuninstall$\tcptest.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:33 File: c:\windows\$ntservicepackuninstall$\tcptest.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:33 File: c:\windows\$ntservicepackuninstall$\telnet.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:34 File: c:\windows\$ntservicepackuninstall$\telnet.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:34 File: c:\windows\$ntservicepackuninstall$\tourstart.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:35 File: c:\windows\$ntservicepackuninstall$\tourstart.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:35 File: c:\windows\$ntservicepackuninstall$\tourstrt.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:36 File: c:\windows\$ntservicepackuninstall$\tourstrt.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:36 File: c:\windows\$ntservicepackuninstall$\tracert.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:37 File: c:\windows\$ntservicepackuninstall$\tracert.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:37 File: c:\windows\$ntservicepackuninstall$\uploadm.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:38 File: c:\windows\$ntservicepackuninstall$\uploadm.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:38 File: c:\windows\$ntservicepackuninstall$\upnpcont.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:39 File: c:\windows\$ntservicepackuninstall$\upnpcont.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:39 File: c:\windows\$ntservicepackuninstall$\ups.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:40 File: c:\windows\$ntservicepackuninstall$\ups.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:40 File: c:\windows\$ntservicepackuninstall$\userinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:41 File: c:\windows\$ntservicepackuninstall$\userinit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:41 File: c:\windows\$ntservicepackuninstall$\utilman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:42 File: c:\windows\$ntservicepackuninstall$\utilman.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:42 File: c:\windows\$ntservicepackuninstall$\vssvc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:43 File: c:\windows\$ntservicepackuninstall$\vssvc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:43 File: c:\windows\$ntservicepackuninstall$\wab.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:44 File: c:\windows\$ntservicepackuninstall$\wab.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:44 File: c:\windows\$ntservicepackuninstall$\wabmig.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:45 File: c:\windows\$ntservicepackuninstall$\wabmig.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:45 File: c:\windows\$ntservicepackuninstall$\wbemtest.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:46 File: c:\windows\$ntservicepackuninstall$\wbemtest.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:46 File: c:\windows\$ntservicepackuninstall$\wextract.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:47 File: c:\windows\$ntservicepackuninstall$\wextract.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:47 File: c:\windows\$ntservicepackuninstall$\wiaacmgr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:48 File: c:\windows\$ntservicepackuninstall$\wiaacmgr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:48 File: c:\windows\$ntservicepackuninstall$\winhlp32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:49 File: c:\windows\$ntservicepackuninstall$\winhlp32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:50 File: c:\windows\$ntservicepackuninstall$\winlogon.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:51 File: c:\windows\$ntservicepackuninstall$\winlogon.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:51 File: c:\windows\$ntservicepackuninstall$\winver.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:52 File: c:\windows\$ntservicepackuninstall$\winver.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:52 File: c:\windows\$ntservicepackuninstall$\wmiadap.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:53 File: c:\windows\$ntservicepackuninstall$\wmiadap.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:53 File: c:\windows\$ntservicepackuninstall$\wmiapsrv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:54 File: c:\windows\$ntservicepackuninstall$\wmiapsrv.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:54 File: c:\windows\$ntservicepackuninstall$\wmiprvse.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:55 File: c:\windows\$ntservicepackuninstall$\wmiprvse.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:55 File: c:\windows\$ntservicepackuninstall$\wordpad.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:56 File: c:\windows\$ntservicepackuninstall$\wordpad.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:56 File: c:\windows\$ntservicepackuninstall$\wpabaln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:57 File: c:\windows\$ntservicepackuninstall$\wpabaln.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:57 File: c:\windows\$ntservicepackuninstall$\wpnpinst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:58 File: c:\windows\$ntservicepackuninstall$\wpnpinst.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:58 File: c:\windows\$ntservicepackuninstall$\wscntfy.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 19:59:59 File: c:\windows\$ntservicepackuninstall$\wscntfy.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:00 File: c:\windows\$ntservicepackuninstall$\wscript.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:00 File: c:\windows\$ntservicepackuninstall$\wscript.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:01 File: c:\windows\$ntservicepackuninstall$\wuauclt1.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:01 File: c:\windows\$ntservicepackuninstall$\wuauclt1.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:02 File: c:\windows\$ntservicepackuninstall$\xcopy.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:02 File: c:\windows\$ntservicepackuninstall$\xcopy.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:03 File: c:\windows\$ntservicepackuninstall$\xpnetdiag.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:03 File: c:\windows\$ntservicepackuninstall$\xpnetdiag.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:04 File: c:\windows\$ntuninstallkb886185$\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:04 File: c:\windows\$ntuninstallkb886185$\spuninst.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:05 File: c:\windows\$ntuninstallkb886185$\update.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:06 File: c:\windows\$ntuninstallkb886185$\update.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:06 File: c:\windows\$ntuninstallkb886185$\spuninst\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:07 File: c:\windows\$ntuninstallkb886185$\spuninst\spuninst.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:07 File: c:\windows\$ntuninstallkb888302$\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:08 File: c:\windows\$ntuninstallkb888302$\spuninst.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:08 File: c:\windows\$ntuninstallkb888302$\update.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:09 File: c:\windows\$ntuninstallkb888302$\update.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:09 File: c:\windows\$ntuninstallkb888302$\spuninst\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:10 File: c:\windows\$ntuninstallkb888302$\spuninst\spuninst.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:10 File: c:\windows\$ntuninstallkb893756$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:11 File: c:\windows\$ntuninstallkb893756$\arpidfix.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:11 File: c:\windows\$ntuninstallkb896358$\hh.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:12 File: c:\windows\$ntuninstallkb896358$\hh.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:12 File: c:\windows\$ntuninstallkb896423$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:13 File: c:\windows\$ntuninstallkb896423$\arpidfix.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:13 File: c:\windows\$ntuninstallkb896423$\spoolsv.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:14 File: c:\windows\$ntuninstallkb896423$\spoolsv.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:14 File: c:\windows\$ntuninstallkb896424$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:14 File: c:\windows\$ntuninstallkb896424$\arpidfix.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:15 File: c:\windows\$ntuninstallkb896428$\telnet.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:15 File: c:\windows\$ntuninstallkb896428$\telnet.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:16 File: c:\windows\$ntuninstallkb898458$\orun32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:16 File: c:\windows\$ntuninstallkb898458$\orun32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:17 File: c:\windows\$ntuninstallkb899587$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:17 File: c:\windows\$ntuninstallkb899587$\arpidfix.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:17 File: c:\windows\$ntuninstallkb899591$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:18 File: c:\windows\$ntuninstallkb899591$\arpidfix.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:18 File: c:\windows\$ntuninstallkb900725$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:19 File: c:\windows\$ntuninstallkb900725$\arpidfix.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:19 File: c:\windows\$ntuninstallkb901017$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:20 File: c:\windows\$ntuninstallkb901017$\arpidfix.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:20 File: c:\windows\$ntuninstallkb902400$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:21 File: c:\windows\$ntuninstallkb902400$\arpidfix.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:21 File: c:\windows\$ntuninstallkb902400$\migregdb.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:22 File: c:\windows\$ntuninstallkb902400$\migregdb.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:22 File: c:\windows\$ntuninstallkb905414$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:23 File: c:\windows\$ntuninstallkb905414$\arpidfix.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:23 File: c:\windows\$ntuninstallkb905749$\arpidfix.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:24 File: c:\windows\$ntuninstallkb905749$\arpidfix.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:24 File: c:\windows\$ntuninstallkb905915$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:25 File: c:\windows\$ntuninstallkb905915$\iedw.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:25 File: c:\windows\$ntuninstallkb912812$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:26 File: c:\windows\$ntuninstallkb912812$\iedw.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:26 File: c:\windows\$ntuninstallkb916281$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:27 File: c:\windows\$ntuninstallkb916281$\iedw.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:27 File: c:\windows\$ntuninstallkb918899$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:28 File: c:\windows\$ntuninstallkb918899$\iedw.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:28 File: c:\windows\$ntuninstallkb920213$\agentsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:29 File: c:\windows\$ntuninstallkb920213$\agentsvr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:29 File: c:\windows\$ntuninstallkb920213_0$\agentsvr.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:30 File: c:\windows\$ntuninstallkb920213_0$\agentsvr.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:30 File: c:\windows\$ntuninstallkb922582$\fltmc.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:31 File: c:\windows\$ntuninstallkb922582$\fltmc.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:31 File: c:\windows\$ntuninstallkb922760$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:32 File: c:\windows\$ntuninstallkb922760$\iedw.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:32 File: c:\windows\$ntuninstallkb923723$\orun32.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:33 File: c:\windows\$ntuninstallkb923723$\orun32.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:33 File: c:\windows\$ntuninstallkb925720$\magnify.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:34 File: c:\windows\$ntuninstallkb925720$\magnify.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:34 File: c:\windows\$ntuninstallkb925720$\narrator.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:35 File: c:\windows\$ntuninstallkb925720$\narrator.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:36 File: c:\windows\$ntuninstallkb925720$\osk.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:36 File: c:\windows\$ntuninstallkb925720$\osk.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:37 File: c:\windows\$ntuninstallkb925720$\utilman.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:37 File: c:\windows\$ntuninstallkb925720$\utilman.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:38 File: c:\windows\$ntuninstallkb933360$\tzchange.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:39 File: c:\windows\$ntuninstallkb933360$\tzchange.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:39 File: c:\windows\$ntuninstallkb938828$\explorer.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:40 File: c:\windows\$ntuninstallkb938828$\explorer.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:40 File: c:\windows\$ntuninstallkb939683$\unregmp2.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:41 File: c:\windows\$ntuninstallkb939683$\unregmp2.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:41 File: c:\windows\$ntuninstallkb942763$\tzchange.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:42 File: c:\windows\$ntuninstallkb942763$\tzchange.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:43 File: c:\windows\$ntuninstallkb952069_wm9$\logagent.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:44 File: c:\windows\$ntuninstallkb952069_wm9$\logagent.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:44 File: c:\windows\$ntuninstallkb952069_wm9$\logagent.exe.000 detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:45 File: c:\windows\$ntuninstallkb952069_wm9$\logagent.exe.000 disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:45 File: c:\windows\$ntuninstallkb958215$\iedw.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:46 File: c:\windows\$ntuninstallkb958215$\iedw.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:46 File: c:\windows\$ntuninstallkb958215$\iedw.exe.000 detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:47 File: c:\windows\$ntuninstallkb958215$\iedw.exe.000 disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:47 File: c:\windows\$ntuninstallq828026$\spuninst\spuninst.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:48 File: c:\windows\$ntuninstallq828026$\spuninst\spuninst.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:48 File: c:\windows\ie7updates\kb933566-ie7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:49 File: c:\windows\ie7updates\kb933566-ie7\ie4uinit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:49 File: c:\windows\ie7updates\kb933566-ie7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:50 File: c:\windows\ie7updates\kb933566-ie7\ieudinit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:50 File: c:\windows\ie7updates\kb933566-ie7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:51 File: c:\windows\ie7updates\kb933566-ie7\iexplore.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:51 File: c:\windows\ie7updates\kb944533-ie7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:52 File: c:\windows\ie7updates\kb944533-ie7\ie4uinit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:52 File: c:\windows\ie7updates\kb944533-ie7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:54 File: c:\windows\ie7updates\kb944533-ie7\ieudinit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:54 File: c:\windows\ie7updates\kb944533-ie7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:55 File: c:\windows\ie7updates\kb944533-ie7\iexplore.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:55 File: c:\windows\ie7updates\kb947864-ie7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:56 File: c:\windows\ie7updates\kb947864-ie7\ie4uinit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:56 File: c:\windows\ie7updates\kb947864-ie7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:57 File: c:\windows\ie7updates\kb947864-ie7\ieudinit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:57 File: c:\windows\ie7updates\kb947864-ie7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:58 File: c:\windows\ie7updates\kb947864-ie7\iexplore.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:58 File: c:\windows\ie7updates\kb953838-ie7\ie4uinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:59 File: c:\windows\ie7updates\kb953838-ie7\ie4uinit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:00:59 File: c:\windows\ie7updates\kb953838-ie7\ieudinit.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:01:00 File: c:\windows\ie7updates\kb953838-ie7\ieudinit.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:01:00 File: c:\windows\ie7updates\kb953838-ie7\iexplore.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:01:01 File: c:\windows\ie7updates\kb953838-ie7\iexplore.exe disinfected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:01:02 File: c:\windows\softwaredistribution\download\51f93922a72f4cba24d116598e161b49\oobebaln.exe detected virus 'Virus.Win32.Virut.ce' 09/04/2009 20:01:03 File: c:\windows\softwaredistribution\download\51f93922a72f4cba24d116598e161b49\oobebaln.exe disinfected virus 'Virus.Win32.Virut.ce' Statistics ---------- Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted ------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ --------- All objects 1691585 288 0 3 0 56793 8262 704 72 System memory 968 0 0 0 0 0 0 0 0 Startup objects 826 0 0 0 0 5 131 0 0 Disk boot sectors 6 0 0 0 0 0 0 0 0 Mes documents 1692 0 0 0 0 19 2 0 0 Mail databases 0 0 0 0 0 0 0 0 0 Poste de travail 844940 288 0 3 0 28387 4130 352 36 Disquette 3.5 (A:) 0 0 0 0 0 0 0 0 0 HP_PAVILION (C:) 733319 0 0 0 0 19642 3519 352 22 HP_RECOVERY (D:) 85371 0 0 0 0 6687 389 0 0 Lecteur CD (E:) 0 0 0 0 0 0 0 0 0 Disque amovible (F:) 0 0 0 0 0 0 0 0 0 Disque amovible (G:) 0 0 0 0 0 0 0 0 0 Disque amovible (H:) 0 0 0 0 0 0 0 0 0 Disque amovible (I:) 0 0 0 0 0 0 0 0 0 CLÉ USB 2 A (J:) 0 0 0 0 0 0 0 0 0 CLÉ USB 2 B (K:) 18106 0 0 0 0 1643 80 0 4 USB DISK (L:) 6357 0 0 0 0 410 11 0 10 Settings -------- Parameter Value --------- ----- Security Level Recommended Action Prompt for action when the scan is complete Run mode Manually File types Scan all files Scan only new and changed files No Scan archives All Scan embedded OLE objects All Skip if object is larger than No Skip if scan takes longer than No Parse email formats No Scan password-protected archives No Enable iChecker technology No Enable iSwift technology No Show detected threats on "Detected" tab Yes Rootkits search Yes Deep rootkits search No Use heuristic analyzer Yes Quarantine ---------- Status Object Size Added ------ ------ ---- ----- Backup ------ Status Object Size ------ ------ ---- Bonsoir et Joyeuses Pâques en bonne compagnie. A bientôt

Bonjour, Si échec aujourd'hui, formatage complet. Le week-end sera plus tranquille. Je sais combien les petits enfants sont accapareurs de temps, mais ils sont toujours bien mignons. Ai rechargé DrWeb, Combofix, Win replace et Gmer, après les avoir désinstallés. Apparemment la console fonctionne. Pas de rapport DrWeb, il n'a rien trouvé! Voici le rapport tools : [ Rapport ToolsCleaner version 2.3.4 (par A.Rothstein & dj QUIOU) ] --> Recherche: C:\Gmer.zip: trouvé ! C:\Combofix.txt: trouvé ! C:\fixnavi.txt: trouvé ! C:\cleannavi.txt: trouvé ! C:\Qoobox: trouvé ! C:\Copie mes documents\cleannavi.txt: trouvé ! C:\Documents and Settings\HP_Propriétaire\Bureau\Rapports\Gmer.txt: trouvé ! C:\Infection\ComboFix.exe: trouvé ! C:\Infection\Rapports\Gmer.txt: trouvé ! C:\Program Files\HijackThis: trouvé ! C:\Program Files\HiJackThis\HijackThis.exe: trouvé ! C:\Utilitaires\SdFix.exe: trouvé ! C:\Utilitaires\Navilog1.exe: trouvé ! C:\Utilitaires\vundoFix.exe: trouvé ! C:\Utilitaires\HijackThis.exe: trouvé ! C:\Utilitaires\hijackthis.log: trouvé ! --------------------------------- --> Suppression: C:\Gmer.zip: supprimé ! C:\Infection\ComboFix.exe: ERREUR DE SUPPRESSION !! C:\Program Files\HiJackThis\HijackThis.exe: supprimé ! C:\Utilitaires\SdFix.exe: supprimé ! C:\Utilitaires\Navilog1.exe: supprimé ! C:\Utilitaires\vundoFix.exe: supprimé ! C:\Utilitaires\HijackThis.exe: supprimé ! C:\Combofix.txt: supprimé ! C:\fixnavi.txt: supprimé ! C:\cleannavi.txt: supprimé ! C:\Copie mes documents\cleannavi.txt: supprimé ! C:\Documents and Settings\HP_Propriétaire\Bureau\Rapports\Gmer.txt: supprimé ! C:\Infection\Rapports\Gmer.txt: supprimé ! C:\Utilitaires\hijackthis.log: supprimé ! C:\Qoobox: supprimé ! C:\Program Files\HijackThis: supprimé ! Corbeille vidée! Fichiers temporaires nettoyés ! Sauvegarde du registre crée ! Point de restauration crée ! Voici Combofix : ComboFix 09-04-04.01 - HP_Propriétaire 2009-04-08 21:20:52.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.382.202 [GMT 2:00] Lancé depuis: c:\documents and settings\HP_Propriétaire\Bureau\Combix.exe * Un nouveau point de restauration a été créé . ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-08 au 2009-04-08 )))))))))))))))))))))))))))))))))))) . 2009-04-08 20:18 . 2009-04-08 20:18 45,110,670 --a------ C:\Sauv.reg 2009-04-08 18:43 . 2004-08-05 20:00 221,184 --a------ c:\windows\system32\wmpns.dll 2009-04-08 18:43 . 2009-04-08 18:43 1,932 -rahs---- c:\windows\system32\drivers\103C_HP_CPC_EC616AA-ABF t3128.fr_YC_0Pavi_QCZC531_E53FRheBLU4_47_IAMETHYST-M_SMSI_V1.0_B3.20_T050708_WXH2_L40C_M383_J160_7AMD_8Sempron_91.79_#060127_N10EC8 139_Z11C1048C_G10025954_OLITE-ON DVDRW SOHW-1633S_DPTS0307.MRK 2009-04-08 18:42 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\WINDOWS 2009-04-08 18:42 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\WINDOWS 2009-04-08 18:42 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage réseau 2009-04-08 18:42 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage réseau 2009-04-08 18:42 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage d'impression 2009-04-08 18:42 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage d'impression 2009-04-08 18:42 . 2009-04-08 18:46 <REP> d-------- c:\documents and settings\HP_Propriétaire\Modèles 2009-04-08 18:42 . 2009-04-08 18:46 <REP> d-------- c:\documents and settings\HP_Propriétaire\Modèles 2009-04-08 18:42 . 2009-04-08 18:56 <REP> dr------- c:\documents and settings\HP_Propriétaire\Mes documents 2009-04-08 18:42 . 2009-04-08 18:56 <REP> dr------- c:\documents and settings\HP_Propriétaire\Mes documents 2009-04-08 18:42 . 2009-04-08 18:45 <REP> d-------- c:\documents and settings\HP_Propriétaire\Menu Démarrer 2009-04-08 18:42 . 2009-04-08 18:45 <REP> d-------- c:\documents and settings\HP_Propriétaire\Menu Démarrer 2009-04-08 18:42 . 2009-04-08 18:36 <REP> dr------- c:\documents and settings\HP_Propriétaire\Favoris 2009-04-08 18:42 . 2009-04-08 18:36 <REP> dr------- c:\documents and settings\HP_Propriétaire\Favoris 2009-04-08 18:42 . 2009-04-08 20:30 <REP> d-------- c:\documents and settings\HP_Propriétaire\Bureau 2009-04-08 18:42 . 2009-04-08 20:30 <REP> d-------- c:\documents and settings\HP_Propriétaire\Bureau 2009-04-08 18:42 . 2009-04-08 18:45 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Symantec 2009-04-08 18:42 . 2005-01-02 03:58 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\SampleView 2009-04-08 18:42 . 2005-01-02 03:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Apple Computer 2009-04-08 18:42 . 2009-04-08 20:18 <REP> d-------- c:\documents and settings\HP_Propriétaire 2009-04-08 18:40 . 2005-01-02 03:48 <REP> d-------- c:\windows\system32\config\systemprofile\WINDOWS 2009-04-08 16:56 . 2009-04-08 16:56 <REP> d---s---- c:\documents and settings\HP_Propriétaire\UserData 2009-04-08 16:56 . 2009-04-08 16:56 <REP> d---s---- c:\documents and settings\HP_Propriétaire\UserData 2009-04-08 08:49 . 2009-04-08 08:49 <REP> d-------- c:\windows\AU_Temp 2009-04-08 08:49 . 2009-04-08 08:49 22,859,401 --a------ c:\windows\VPTNFILE.951 2009-04-08 08:49 . 2009-04-08 08:49 22,859,401 --a------ c:\windows\LPT$VPN.951 2009-04-08 07:27 . 2009-04-08 07:27 <REP> d-------- c:\program files\SymNetDrv 2009-04-08 03:49 . 2009-04-08 04:04 <REP> d-------- C:\Infection 2009-04-07 20:09 . 2009-04-07 20:09 <REP> d-------- c:\program files\Jcore 2009-04-07 20:09 . 2009-04-07 23:36 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\nidle 2009-04-07 11:18 . 2009-04-08 14:41 <REP> d-------- C:\gamer 2009-04-07 11:16 . 2009-04-07 11:16 278,161 --a------ C:\gamer.zip 2009-04-06 18:44 . 2009-04-08 14:41 <REP> d-------- C:\gmer 2009-04-06 12:28 . 2009-04-07 16:15 <REP> d-------- c:\windows\dhcp 2009-04-06 12:28 . 2009-04-08 14:45 <REP> dr-hs---- c:\program files\ThunMail 2009-04-06 10:47 . 2009-04-07 21:13 679 --a------ C:\Fich2.bat 2009-04-06 10:46 . 2009-04-07 21:11 133 --a------ C:\Fich1.bat 2009-04-04 21:54 . 2009-04-08 14:41 <REP> d-------- C:\FR-files 2009-04-04 21:46 . 2009-04-07 19:28 <REP> d-------- C:\WinFileReplace 2009-04-04 08:25 . 2009-04-04 08:25 <REP> d-------- c:\program files\Avira 2009-04-04 08:25 . 2009-04-04 08:25 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira 2009-04-03 21:55 . 2009-04-04 05:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\DoctorWeb 2009-04-03 21:55 . 2009-04-04 05:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\DoctorWeb 2009-04-03 08:35 . 2009-04-03 14:08 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\.ABC 2009-04-02 17:20 . 2009-04-08 14:45 <REP> d-------- c:\program files\Sudoku 2009-04-02 16:51 . 2009-04-02 16:51 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Goto.Games 2009-04-02 16:46 . 2009-04-08 14:45 <REP> d-------- c:\program files\Objectif Tarot 2009-04-02 16:34 . 2009-04-02 16:34 <REP> d-------- c:\documents and settings\HP_Propriétaire\.bztarot 2009-04-02 16:34 . 2009-04-02 16:34 <REP> d-------- c:\documents and settings\HP_Propriétaire\.bztarot 2009-04-02 16:34 . 2009-04-02 16:34 8 --a------ c:\documents and settings\HP_Propriétaire\.bztarotcumul.dat 2009-04-02 16:34 . 2009-04-02 16:34 8 --a------ c:\documents and settings\HP_Propriétaire\.bztarotcumul.dat 2009-04-02 16:10 . 2009-04-02 16:10 242,176 --a------ c:\windows\~INSX362.EX_ 2009-04-02 15:52 . 2009-04-02 15:52 <REP> d-------- C:\bases 2009-04-02 15:08 . 2009-04-02 15:08 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\vlc 2009-04-02 14:53 . 2009-04-03 20:54 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Ahead 2009-04-02 11:58 . 2009-04-02 11:58 <REP> d-------- C:\6761876ae56e766ef0e09bcba4e9d4b7 2009-04-02 11:39 . 2009-04-08 14:45 <REP> d-------- c:\program files\Spamihilator 2009-04-02 11:01 . 2009-04-04 18:43 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Spamihilator 2009-04-02 10:57 . 2009-04-02 10:57 130,813 --a------ C:\F3.tmp 2009-04-02 10:39 . 2009-04-02 10:39 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Microsoft Web Folders 2009-04-02 09:56 . 2009-04-02 09:56 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\ABBYY 2009-04-02 06:54 . 2009-04-05 21:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Orbit 2009-04-02 00:50 . 2009-04-03 12:13 94,208 --a------ c:\windows\DUMP98e4.tmp 2009-04-02 00:50 . 2009-04-02 20:32 94,208 --a------ c:\windows\DUMP832a.tmp 2009-04-01 22:06 . 2009-04-08 20:16 <REP> d-------- C:\Copie mes documents 2009-04-01 18:10 . 2009-04-08 20:16 <REP> d-------- c:\windows\ERUNT 2009-04-01 18:09 . 2009-04-04 22:24 130 --a------ c:\windows\adobe.bat 2009-04-01 18:09 . 2009-04-04 19:53 7 --a------ c:\windows\_id.dat 2009-04-01 18:08 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\WINDOWS 2009-04-01 18:08 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Voisinage réseau 2009-04-01 18:08 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Voisinage d'impression 2009-04-01 18:08 . 2008-10-11 03:30 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Modèles 2009-04-01 18:08 . 2005-01-02 04:16 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Mes documents 2009-04-01 18:08 . 2004-11-25 05:26 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Menu Démarrer 2009-04-01 18:08 . 2008-10-10 19:05 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Favoris 2009-04-01 18:08 . 2005-01-02 03:51 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Bureau 2009-04-01 18:08 . 2005-01-02 04:07 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Application Data\Symantec 2009-04-01 18:08 . 2005-01-02 03:58 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Application Data\SampleView 2009-04-01 18:08 . 2005-01-02 03:47 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Application Data\Apple Computer 2009-04-01 18:08 . 2009-04-01 21:35 <REP> d-------- c:\documents and settings\Administrateur.CHRIS 2009-04-01 10:06 . 2009-04-01 10:06 0 --a------ C:\F.tmp 2009-04-01 09:52 . 2009-04-08 14:42 <REP> d-------- c:\program files\CleanUp! 2009-04-01 08:13 . 2009-04-01 08:13 0 --a------ C:\C.tmp 2009-04-01 08:10 . 2009-04-01 08:10 0 --a------ C:\B.tmp 2009-03-31 06:03 . 2009-03-31 06:10 <REP> d-------- c:\windows\vf_hip 2009-03-31 06:03 . 2009-04-08 14:43 <REP> d-------- c:\program files\Hide IP Platinum 2009-03-31 05:07 . 2009-03-31 05:07 <REP> d-------- c:\program files\Tetris 2009-03-31 05:07 . 2009-03-31 05:07 <REP> d-------- c:\program files\Intelore 2009-03-31 04:44 . 2009-03-31 05:07 <REP> d-------- c:\windows\vf_hip(2) 2009-03-31 04:44 . 2009-03-31 05:07 <REP> d-------- c:\program files\Hide IP Platinum(2) 2009-03-28 13:16 . 2009-03-28 13:16 <REP> d-------- c:\program files\TomTom International B.V 2009-03-18 17:00 . 2009-03-18 17:00 <REP> d-------- c:\program files\VS Revo Group 2009-03-18 15:34 . 2009-03-18 15:34 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-03-13 16:38 . 2009-03-13 16:38 <REP> d-------- c:\program files\SFR . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-08 17:36 --------- d-----w c:\program files\Fichiers communs\Symantec Shared 2009-04-08 17:36 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec 2009-04-08 16:50 --------- d-----w c:\program files\Symantec 2009-04-08 16:45 --------- d-----w c:\program files\Easy Internet signup 2009-04-08 12:44 --------- d-----w c:\program files\NeoDivx Suite 2009-04-08 12:44 --------- d-----w c:\program files\Microsoft Works 2009-04-08 12:44 --------- d-----w c:\program files\Media Player Classic 2009-04-08 12:44 --------- d-----w c:\program files\MasterSplitter 2009-04-08 12:44 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-04-08 12:44 --------- d-----w c:\program files\KaraFun 2009-04-08 12:44 --------- d-----w c:\program files\Infra Recorder 2009-04-08 12:43 --------- d-----w c:\program files\GXTranscoder v2 2009-04-08 12:43 --------- d-----w c:\program files\GSpot 2009-04-08 12:43 --------- d-----w c:\program files\Free Window Registry Repair 2009-04-08 12:43 --------- d-----w c:\program files\Free Video Converter 2009-04-08 12:43 --------- d-----w c:\program files\ffdshow 2009-04-08 12:43 --------- d-----w c:\program files\Eraser 2009-04-08 06:49 91,744 -c--a-w c:\windows\BPMNT.dll 2009-04-08 06:49 1,213,784 -c--a-w c:\windows\vsapi32.dll 2009-04-08 06:48 69,689 -c--a-w c:\windows\UNZIP.DLL 2009-04-08 06:48 507,904 -c--a-w c:\windows\TMUPDATE.DLL 2009-04-04 21:16 --------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-04-04 10:21 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-04-03 15:50 --------- d-----w c:\program files\Microsoft Money 2009-04-03 04:58 --------- d-----w c:\program files\EPSON 2009-04-02 14:26 --------- d-----w c:\program files\ACE Mega CoDecS Pack 2009-04-02 13:36 --------- d-----w c:\program files\Microsoft Bootvis 2009-04-02 11:57 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-04-02 03:56 --------- d-----w c:\program files\CCleaner 2009-04-01 07:25 71,749 -c--a-w c:\windows\hcextoutput.dll 2009-04-01 03:45 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-03-28 10:26 --------- d-----w c:\program files\TomTom HOME 2 2009-03-18 13:34 --------- d-----w c:\program files\Yahoo! 2005-05-13 15:12 217,073 --sha-r c:\windows\meta4.exe 2007-01-28 18:20 22 --sha-w c:\windows\SMINST\HPCD.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472] "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952] "PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112] "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-03 61440] "HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456] "HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-06 339968] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736] "SunJavaUpdateSched"="c:\program files\Java\jre1.5.0\bin\jusched.exe" [2005-01-02 36972] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2004-10-14 278528] "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 c:\windows\ALCXMNTR.EXE] "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 c:\windows\AGRSMMSG.exe] c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2003-09-30 57344] c:\documents and settings\Administrateur.CHRIS\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2009-04-03 57344] c:\documents and settings\Administrateur.NOM-EB85C523610.000\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2009-04-03 57344] c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2003-09-30 57344] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-05 258048] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= --- Autres Services/Pilotes en mémoire --- *Deregistered* - DwShield0000761E . Contenu du dossier 'Tâches planifiées' 2009-03-31 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2009-04-08 c:\windows\Tasks\Connexion facile à Internet.job - c:\program files\Easy Internet signup\HPSdpApp.exe [2005-03-03 19:04] 2009-04-03 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2008\OneClick.exe [] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-08 21:25:35 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(532) c:\windows\system32\Ati2evxx.dll . Heure de fin: 2009-04-08 21:27:39 ComboFix-quarantined-files.txt 2009-04-08 19:27:21 Avant-CF: 46 092 042 240 octets libres Après-CF: 46,091,001,856 octets libres 214 Et enfin celui de Gmer : GMER 1.0.15.14966 - http://www.gmer.net Rootkit scan 2009-04-09 05:47:50 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.15 ---- SSDT 82773880 ZwConnectPort Code \??\C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\catchme.sys pIofCallDriver ---- Kernel code sections - GMER 1.0.15 ---- ? C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\catchme.sys Le fichier spécifié est introuvable. ! ? C:\WINDOWS\system32\Drivers\PROCEXP90.SYS Le fichier spécifié est introuvable. ! ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \FileSystem\Fastfat \Fat SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ---- Files - GMER 1.0.15 ---- File C:\Documents and Settings\All Users\Application Data\Adobe\Updater5\AdobeESDGlobalApps.xml 285 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000166.query 3626 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000083.query 11954 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000008b.query 17578 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a7.query 2934 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b8.query 182 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000db.query 1892 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f2.query 4150 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000100.query 340 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000106.query 7128 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000126.query 7702 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000137.query 7340 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000156.query 11238 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000007f.query 8966 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000080.query 222 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000082.query 0 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000084.query 0 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000085.query 2950 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000086.query 2950 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000088.query 284 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000008a.query 17578 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000008c.query 570 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000008d.query 1926 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000008e.query 1926 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000090.query 214 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000092.query 3626 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000093.query 3626 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000094.query 300 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000095.query 778 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000096.query 778 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000098.query 198 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000009a.query 2968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000009b.query 2968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000009c.query 264 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000009e.query 5536 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000009f.query 5536 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a0.query 296 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a2.query 1994 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a3.query 1994 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a4.query 298 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a6.query 2934 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a8.query 212 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000aa.query 2866 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ab.query 2866 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ac.query 200 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ae.query 3786 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000af.query 3786 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b0.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b1.query 1062 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b2.query 1062 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b4.query 534 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b5.query 3718 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b6.query 3718 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ba.query 7326 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000bb.query 7326 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000bc.query 202 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000be.query 4324 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000bf.query 4324 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c0.query 190 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c2.query 3660 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c3.query 3660 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c4.query 222 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c6.query 5378 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c7.query 5378 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c8.query 276 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ca.query 3976 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000cb.query 3976 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000cc.query 254 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ce.query 14864 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000cf.query 14864 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d0.query 204 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d2.query 5480 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d3.query 5480 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d4.query 200 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d6.query 3256 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d7.query 3256 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d8.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000da.query 1892 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000dc.query 368 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000dd.query 514 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000de.query 514 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e0.query 236 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e1.query 378 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e2.query 6314 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e3.query 5944 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e4.query 476 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e5.query 1312 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e6.query 1312 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e8.query 284 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ea.query 8102 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000eb.query 8102 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ec.query 266 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ee.query 8042 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ef.query 8042 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f0.query 276 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f3.query 4150 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f4.query 536 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f5.query 2360 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f6.query 2360 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f8.query 328 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000fa.query 5456 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000fb.query 5456 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000fc.query 318 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000fe.query 3766 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ff.query 3766 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e6.query 5648 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e7.query 5648 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e8.query 564 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ec.query 82 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ed.query 694 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ee.query 694 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f0.query 694 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f1.query 1214 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f2.query 2054 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f3.query 848 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f4.query 496 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f8.query 246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001fc.query 244 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000200.query 252 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000101.query 506 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000102.query 4902 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000103.query 4404 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000104.query 348 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000107.query 7128 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000108.query 266 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000010a.query 1480 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000010b.query 1480 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000010c.query 356 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000110.query 452 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000111.query 942 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000112.query 942 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000114.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000115.query 2246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000116.query 2246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000118.query 518 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000119.query 990 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000011a.query 990 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000011c.query 278 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000011d.query 2078 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000011e.query 2078 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000120.query 338 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000121.query 1086 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000122.query 1086 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000124.query 246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000127.query 7702 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000128.query 152 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000012a.query 296 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000012b.query 296 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000012c.query 444 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000012d.query 4082 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000012e.query 4082 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000130.query 238 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000132.query 9370 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000133.query 9370 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000134.query 306 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000136.query 7340 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000138.query 258 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000013a.query 5652 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000013b.query 5652 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000013c.query 232 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000013e.query 7606 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000013f.query 7606 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000140.query 348 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000142.query 9044 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000143.query 9044 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000144.query 294 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000146.query 8426 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000147.query 8426 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000148.query 218 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000014a.query 6942 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000014b.query 6942 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000014c.query 226 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000014e.query 7550 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000014f.query 7550 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000150.query 274 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000152.query 5448 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000153.query 5448 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000154.query 340 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000157.query 11238 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000158.query 478 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000015c.query 504 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000160.query 462 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000162.query 4968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000163.query 4968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000164.query 388 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000165.query 3626 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000168.query 252 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000016a.query 19148 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000016b.query 19148 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000016c.query 196 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000016e.query 7594 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000016f.query 7594 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000170.query 168 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000172.query 3420 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000173.query 3420 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000174.query 124 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000176.query 10956 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000177.query 10956 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000178.query 134 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000179.query 184 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000017a.query 2642 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000017b.query 2466 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000017c.query 156 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000017e.query 6006 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000017f.query 6006 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000180.query 234 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000182.query 21404 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000183.query 21404 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000184.query 258 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000186.query 9900 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000187.query 9900 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018a.query 4206 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018b.query 4206 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018c.query 282 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018d.query 546 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018e.query 1050 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018f.query 512 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000190.query 252 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000191.query 598 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000192.query 598 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000194.query 210 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000196.query 1960 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000197.query 1960 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000198.query 216 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000019a.query 19024 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000019b.query 19024 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000019c.query 188 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000019e.query 6536 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000019f.query 6536 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001a0.query 202 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001a2.query 9952 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001a3.query 9952 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001a4.query 432 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001a8.query 246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001aa.query 5456 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ab.query 5456 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ac.query 364 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ad.query 3866 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ae.query 3866 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b0.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000188.query 204 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b2.query 17598 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c8.query 274 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e4.query 262 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000204.query 84 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000219.query 2246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000022c.query 202 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000024a.query 2154 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000025e.query 664 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000278.query 220 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000028c.query 196 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002ba.query 2542 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b3.query 17598 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b4.query 262 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b6.query 7244 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b7.query 7244 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b8.query 258 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ba.query 11944 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001bb.query 11944 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001bc.query 264 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001be.query 2004 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001bf.query 2004 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c0.query 242 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c2.query 18050 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c3.query 18050 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c4.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c6.query 7300 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c7.query 7300 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002bb.query 2542 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000205.query 476 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000206.query 476 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000208.query 160 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000020a.query 3892 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000020b.query 3892 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000020c.query 230 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000210.query 102 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000212.query 1420 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000213.query 1420 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000214.query 84 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000215.query 2102 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000216.query 2102 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000218.query 244 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000021a.query 2246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000021c.query 174 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000021d.query 1670 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000021e.query 1670 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000220.query 172 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000221.query 2330 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000222.query 2330 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000224.query 208 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000226.query 2284 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000227.query 2284 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000228.query 264 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000229.query 354 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000022a.query 4378 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000022b.query 4032 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000022d.query 1884 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000022e.query 1884 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000230.query 206 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000231.query 3184 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000232.query 3184 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000234.query 218 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000236.query 5838 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000237.query 5838 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000238.query 282 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000239.query 1520 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000023a.query 1520 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000023c.query 446 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000023d.query 2444 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000023e.query 2444 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000240.query 146 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000241.query 1592 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000242.query 1592 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000244.query 210 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000246.query 1780 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000247.query 1780 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000248.query 216 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000024b.query 2154 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000024c.query 200 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000024e.query 3142 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000024f.query 3142 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000250.query 278 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000252.query 3586 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000253.query 3586 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000254.query 244 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000255.query 2218 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000256.query 2218 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000258.query 162 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000025a.query 3562 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000025b.query 3562 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000025c.query 202 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000025f.query 664 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000260.query 216 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000261.query 562 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000262.query 562 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000264.query 202 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000266.query 3514 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000267.query 3514 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000268.query 184 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000269.query 972 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000026a.query 972 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000026c.query 156 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000026e.query 2260 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000026f.query 2260 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000270.query 184 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000272.query 4014 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000273.query 4014 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000274.query 156 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000276.query 904 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000277.query 904 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000027a.query 1018 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000027b.query 1018 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000027c.query 214 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000027e.query 5064 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000027f.query 5064 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000280.query 216 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000282.query 2858 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000283.query 2858 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000284.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000285.query 974 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000286.query 974 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000288.query 264 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000289.query 322 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000028a.query 322 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000028d.query 976 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000028e.query 976 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000290.query 134 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000292.query 278 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000293.query 278 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000294.query 146 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000296.query 5174 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000297.query 5174 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000298.query 364 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000299.query 2044 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000029a.query 2044 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000029c.query 350 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000029e.query 1458 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000029f.query 1458 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a0.query 402 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a2.query 1996 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a3.query 1996 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a4.query 216 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a6.query 1968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a7.query 1968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a8.query 258 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002aa.query 1180 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002ab.query 1180 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002ac.query 222 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002ad.query 614 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002ae.query 1628 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002af.query 1022 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b0.query 230 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b2.query 3174 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b3.query 3174 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b4.query 214 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b6.query 3162 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b7.query 3162 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b8.query 208 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ca.query 7884 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001cb.query 7884 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001cc.query 292 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ce.query 24326 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001cf.query 24326 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d0.query 242 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d2.query 4332 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d3.query 4332 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d4.query 326 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d6.query 8208 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d7.query 8208 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d8.query 204 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001da.query 6792 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001db.query 6792 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001dc.query 516 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e0.query 440 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e2.query 4792 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e3.query 4792 bytes ---- EOF - GMER 1.0.15 ---- Est-ce très mauvais? ou acceptable? De toute façon, c'est le dernier essai. Je rappppelle que je n'ai toujours pas d'antivirus installé. Conseil? A bientôt

OK. Je vais essayer une dernière fois mais ça m'embête de capituler devant une machine. Merci en tout cas pour votre assistance, vos conseils et votre parience A bientôt

Désolé Pear, Quand je veux telecharger Kaspersky, il me demande de mettre à jour Java et si je télécharge java, l'installer me dit à un moment qu'il ne peut pas décompresser les fichiers Core et l'installation s'arrête. Je suis bloqué avant de commencer!

OK. Ca commence mal, je suis incapable d'installer java. il me di qu'il ne peut pas decompresser les fichiers core. je vais encore réinstaller windows.

OK. Vais faire votre procédure. Tout avait bien fonctionné jusqu'à secuser.com. Scan. Trouvé un tas de PE Virux.F. J'ai dû supprimer des fichiers qu'il ne fallait pas. J'ai dû réinstaller Windows dans les même conditions que précédemment. Merci de bien vouloir m'assister. Je lance votre procédure immédiatement.

Suis toujour en cours de vérification. J'ai fait un bon nettoyage avec DrWeb CureIt. Puis Combofix Voici le log : ComboFix 09-04-04.01 - HP_Propriétaire 2009-04-08 5:05:52.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.382.81 [GMT 2:00] Lancé depuis: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe AV: Norton Internet Security *On-access scanning enabled* (Updated) FW: Norton Internet Security *enabled* * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\HP_Propriétaire\reader_s.exe c:\windows\system32\reader_s.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_restore ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-08 au 2009-04-08 )))))))))))))))))))))))))))))))))))) . 2009-04-08 05:02 . 2009-04-08 05:02 80 --a------ c:\windows\system32\7F.tmp 2009-04-08 04:42 . 2004-08-05 20:00 221,184 --a------ c:\windows\system32\wmpns.dll 2009-04-08 04:42 . 2009-04-08 04:42 1,932 -rahs---- c:\windows\system32\drivers\103C_HP_CPC_EC616AA-ABF t3128.fr_YC_0Pavi_QCZC531_E53FRheBLU4_47_IAMETHYST-M_SMSI_V1.0_B3.20_T050708_WXH2_L40C_M383_J160_7AMD_8Sempron_91.79_#060127_N10EC8 139_Z11C1048C_G10025954_OLITE-ON DVDRW SOHW-1633S_DPTS0307.MRK 2009-04-08 04:41 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\WINDOWS 2009-04-08 04:41 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\WINDOWS 2009-04-08 04:41 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage réseau 2009-04-08 04:41 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage réseau 2009-04-08 04:41 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage d'impression 2009-04-08 04:41 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage d'impression 2009-04-08 04:41 . 2009-04-08 04:44 <REP> d-------- c:\documents and settings\HP_Propriétaire\Modèles 2009-04-08 04:41 . 2009-04-08 04:44 <REP> d-------- c:\documents and settings\HP_Propriétaire\Modèles 2009-04-08 04:41 . 2009-04-08 04:44 <REP> dr------- c:\documents and settings\HP_Propriétaire\Mes documents 2009-04-08 04:41 . 2009-04-08 04:44 <REP> dr------- c:\documents and settings\HP_Propriétaire\Mes documents 2009-04-08 04:41 . 2009-04-08 04:44 <REP> d-------- c:\documents and settings\HP_Propriétaire\Menu Démarrer 2009-04-08 04:41 . 2009-04-08 04:44 <REP> d-------- c:\documents and settings\HP_Propriétaire\Menu Démarrer 2009-04-08 04:41 . 2009-04-08 04:44 <REP> dr------- c:\documents and settings\HP_Propriétaire\Favoris 2009-04-08 04:41 . 2009-04-08 04:44 <REP> dr------- c:\documents and settings\HP_Propriétaire\Favoris 2009-04-08 04:41 . 2009-04-08 04:44 <REP> d-------- c:\documents and settings\HP_Propriétaire\Bureau 2009-04-08 04:41 . 2009-04-08 04:44 <REP> d-------- c:\documents and settings\HP_Propriétaire\Bureau 2009-04-08 04:41 . 2005-01-02 04:07 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Symantec 2009-04-08 04:41 . 2005-01-02 03:58 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\SampleView 2009-04-08 04:41 . 2005-01-02 03:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Apple Computer 2009-04-08 04:41 . 2009-04-08 05:06 <REP> d-------- c:\documents and settings\HP_Propriétaire 2009-04-08 04:39 . 2005-01-02 03:48 <REP> d-------- c:\windows\system32\config\systemprofile\WINDOWS 2009-04-08 04:39 . 2005-01-02 04:07 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\Symantec 2009-04-08 04:39 . 2005-01-02 03:58 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\SampleView 2009-04-08 04:39 . 2005-01-02 03:47 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\Apple Computer 2009-04-08 03:49 . 2009-04-08 04:04 <REP> d-------- C:\Infection 2009-04-07 20:09 . 2009-04-07 20:09 <REP> d-------- c:\program files\Jcore 2009-04-07 20:09 . 2009-04-07 23:36 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\nidle 2009-04-07 11:18 . 2009-04-07 11:19 <REP> d-------- C:\gamer 2009-04-07 11:16 . 2009-04-07 11:16 278,161 --a------ C:\gamer.zip 2009-04-06 18:44 . 2009-04-06 18:44 <REP> d-------- C:\gmer 2009-04-06 18:42 . 2009-04-06 18:42 278,161 --a------ C:\gmer.zip 2009-04-06 12:28 . 2009-04-07 16:15 <REP> d-------- c:\windows\dhcp 2009-04-06 12:28 . 2009-04-07 06:55 <REP> dr-hs---- c:\program files\ThunMail 2009-04-06 10:47 . 2009-04-07 21:13 679 --a------ C:\Fich2.bat 2009-04-06 10:46 . 2009-04-07 21:11 133 --a------ C:\Fich1.bat 2009-04-04 21:58 . 2004-08-05 20:00 1,055,232 --a------ c:\windows\explorer.backup 2009-04-04 21:54 . 2009-04-07 19:33 <REP> d-------- C:\FR-files 2009-04-04 21:46 . 2009-04-07 19:28 <REP> d-------- C:\WinFileReplace 2009-04-04 19:53 . 2009-04-04 19:53 11,452,389 --a------ c:\windows\services.ex_ 2009-04-04 16:47 . 2009-04-04 16:46 22,722,697 --a------ c:\windows\LPT$VPN.943 2009-04-04 16:46 . 2009-04-04 16:46 <REP> d-------- c:\windows\AU_Temp 2009-04-04 16:46 . 2009-04-04 16:46 22,722,697 --a------ c:\windows\VPTNFILE.943 2009-04-04 08:25 . 2009-04-04 08:25 <REP> d-------- c:\program files\Avira 2009-04-04 08:25 . 2009-04-04 08:25 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira 2009-04-03 21:55 . 2009-04-04 05:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\DoctorWeb 2009-04-03 21:55 . 2009-04-04 05:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\DoctorWeb 2009-04-03 08:35 . 2009-04-03 14:08 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\.ABC 2009-04-02 17:20 . 2009-04-05 06:28 <REP> d-------- c:\program files\Sudoku 2009-04-02 16:51 . 2009-04-02 16:51 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Goto.Games 2009-04-02 16:46 . 2009-04-02 16:47 <REP> d-------- c:\program files\Objectif Tarot 2009-04-02 16:34 . 2009-04-02 16:34 <REP> d-------- c:\documents and settings\HP_Propriétaire\.bztarot 2009-04-02 16:34 . 2009-04-02 16:34 <REP> d-------- c:\documents and settings\HP_Propriétaire\.bztarot 2009-04-02 16:34 . 2009-04-02 16:34 8 --a------ c:\documents and settings\HP_Propriétaire\.bztarotcumul.dat 2009-04-02 16:34 . 2009-04-02 16:34 8 --a------ c:\documents and settings\HP_Propriétaire\.bztarotcumul.dat 2009-04-02 16:10 . 2009-04-02 16:10 242,176 --a------ c:\windows\~INSX362.EX_ 2009-04-02 15:52 . 2009-04-02 15:52 <REP> d-------- C:\bases 2009-04-02 15:08 . 2009-04-02 15:08 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\vlc 2009-04-02 14:53 . 2009-04-03 20:54 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Ahead 2009-04-02 11:58 . 2009-04-02 11:58 <REP> d-------- C:\6761876ae56e766ef0e09bcba4e9d4b7 2009-04-02 11:39 . 2009-04-04 16:26 <REP> d-------- c:\program files\Spamihilator 2009-04-02 11:01 . 2009-04-04 18:43 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Spamihilator 2009-04-02 10:57 . 2009-04-02 10:57 130,813 --a------ C:\F3.tmp 2009-04-02 10:39 . 2009-04-02 10:39 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Microsoft Web Folders 2009-04-02 09:56 . 2009-04-02 09:56 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\ABBYY 2009-04-02 06:54 . 2009-04-05 21:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Orbit 2009-04-02 00:50 . 2009-04-03 12:13 94,208 --a------ c:\windows\DUMP98e4.tmp 2009-04-02 00:50 . 2009-04-02 20:32 94,208 --a------ c:\windows\DUMP832a.tmp 2009-04-01 22:06 . 2009-04-03 18:55 <REP> d-------- C:\Copie mes documents 2009-04-01 18:10 . 2009-04-01 18:10 <REP> d-------- c:\windows\ERUNT 2009-04-01 18:09 . 2009-04-04 22:24 130 --a------ c:\windows\adobe.bat 2009-04-01 18:09 . 2009-04-04 19:53 7 --a------ c:\windows\_id.dat 2009-04-01 18:08 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\WINDOWS 2009-04-01 18:08 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Voisinage réseau 2009-04-01 18:08 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Voisinage d'impression 2009-04-01 18:08 . 2008-10-11 03:30 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Modèles 2009-04-01 18:08 . 2005-01-02 04:16 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Mes documents 2009-04-01 18:08 . 2004-11-25 05:26 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Menu Démarrer 2009-04-01 18:08 . 2008-10-10 19:05 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Favoris 2009-04-01 18:08 . 2005-01-02 03:51 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Bureau 2009-04-01 18:08 . 2005-01-02 04:07 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Application Data\Symantec 2009-04-01 18:08 . 2005-01-02 03:58 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Application Data\SampleView 2009-04-01 18:08 . 2005-01-02 03:47 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Application Data\Apple Computer 2009-04-01 18:08 . 2009-04-01 21:35 <REP> d-------- c:\documents and settings\Administrateur.CHRIS 2009-04-01 10:06 . 2009-04-01 10:06 0 --a------ C:\F.tmp 2009-04-01 09:52 . 2009-04-01 09:52 <REP> d-------- c:\program files\CleanUp! 2009-04-01 08:13 . 2009-04-01 08:13 0 --a------ C:\C.tmp 2009-04-01 08:10 . 2009-04-01 08:10 0 --a------ C:\B.tmp 2009-03-31 06:03 . 2009-03-31 06:10 <REP> d-------- c:\windows\vf_hip 2009-03-31 06:03 . 2009-03-31 08:52 <REP> d-------- c:\program files\Hide IP Platinum 2009-03-31 05:07 . 2009-03-31 05:07 <REP> d-------- c:\program files\Tetris 2009-03-31 05:07 . 2009-03-31 05:07 <REP> d-------- c:\program files\Intelore 2009-03-31 04:44 . 2009-03-31 05:07 <REP> d-------- c:\windows\vf_hip(2) 2009-03-31 04:44 . 2009-03-31 05:07 <REP> d-------- c:\program files\Hide IP Platinum(2) 2009-03-28 13:16 . 2009-03-28 13:16 <REP> d-------- c:\program files\TomTom International B.V 2009-03-18 17:00 . 2009-03-18 17:00 <REP> d-------- c:\program files\VS Revo Group 2009-03-18 15:34 . 2009-03-18 15:34 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-03-13 16:38 . 2009-03-13 16:38 <REP> d-------- c:\program files\SFR . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-08 03:03 213,376 ----a-w c:\windows\system32\drivers\ndis.sys 2009-04-04 21:16 --------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-04-04 14:46 91,744 -c--a-w c:\windows\BPMNT.dll 2009-04-04 14:46 1,213,784 -c--a-w c:\windows\vsapi32.dll 2009-04-04 14:45 69,689 -c--a-w c:\windows\UNZIP.DLL 2009-04-04 14:45 507,904 -c--a-w c:\windows\TMUPDATE.DLL 2009-04-04 10:21 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-04-03 20:00 --------- d-----w c:\program files\DAP 2009-04-03 15:50 --------- d-----w c:\program files\Microsoft Money 2009-04-03 06:35 --------- d-----w c:\program files\ABC 2009-04-03 05:10 --------- d-----w c:\program files\Smart Panel 2009-04-03 04:58 --------- d-----w c:\program files\EPSON 2009-04-02 20:32 --------- d-----w c:\program files\AsfTools 2009-04-02 14:34 --------- d-----w c:\program files\BzTarot 2009-04-02 14:26 --------- d-----w c:\program files\ACE Mega CoDecS Pack 2009-04-02 13:48 --------- d-----w c:\program files\ACD Systems 2009-04-02 13:36 --------- d-----w c:\program files\Microsoft Bootvis 2009-04-02 11:57 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-04-02 09:37 --------- d-----w c:\program files\Orbitdownloader 2009-04-02 08:58 --------- d-----w c:\program files\Eliminate Spam! 2009-04-02 04:57 --------- d-----w c:\program files\A.S.C 2009-04-02 04:36 --------- d-----w c:\program files\PeckJoin 2009-04-02 03:56 --------- d-----w c:\program files\CCleaner 2009-04-01 07:25 71,749 -c--a-w c:\windows\hcextoutput.dll 2009-04-01 07:25 368,709 -c--a-w c:\windows\tsc.exe 2009-04-01 03:45 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-04-01 00:18 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-03-31 05:50 --------- d-----w c:\program files\eMule 2009-03-28 10:26 --------- d-----w c:\program files\TomTom HOME 2 2009-03-18 15:38 --------- d-----w c:\program files\Tomtomax Maxi-Box 2009-03-18 13:34 --------- d-----w c:\program files\Yahoo! 2009-02-22 09:26 --------- d-----w c:\program files\WinAVI Video Converter 9.0 2009-02-16 14:17 --------- d-----w c:\program files\Video Strip Poker Full Version - NICOLE 2005-05-13 15:12 217,073 --sha-r c:\windows\meta4.exe 2007-01-28 18:20 22 --sha-w c:\windows\SMINST\HPCD.sys . ------- Sigcheck ------- 2004-08-05 20:00 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\$NtServicePackUninstall$\ndis.sys 2008-04-13 21:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys 2008-04-13 21:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ndis.sys 2009-04-08 05:03 213376 ff85ebd2ad3679254cf251136c62d764 c:\windows\system32\dllcache\ndis.sys 2009-04-08 05:03 213376 ff85ebd2ad3679254cf251136c62d764 c:\windows\system32\drivers\ndis.sys 2004-08-05 20:00 34304 ecf932debc3adb435a516f58ddffec9d c:\windows\$NtServicePackUninstall$\ctfmon.exe 2008-04-14 04:33 34304 8181a7405cfba23178508c8b837e1333 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ctfmon.exe 2008-04-14 04:33 34304 330f39a904e20672ffc4a035fb3e78af c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ctfmon.exe 2004-08-05 20:00 34304 c3f1c42466430fff66e79b581f0d9ca6 c:\windows\system32\ctfmon.exe 2004-08-05 20:00 34304 c437c943ef10877cf017794cf5bb1527 c:\windows\system32\dllcache\ctfmon.exe 2008-04-14 04:34 131584 94cc30176ce100887fc8cb71421020a5 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\wuauclt.exe 2008-04-14 04:34 131584 e94df3f47d5d9c29fea0ec7cc129d253 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\wuauclt.exe 2004-08-05 20:00 131584 a2813cbef1cdd7b0e6b41238493d9083 c:\windows\system32\wuauclt.exe 2004-08-05 20:00 131584 4356a19011204a240e8ef7c2351828e1 c:\windows\system32\dllcache\wuauclt.exe 2004-08-05 20:00 44032 340283e6986ec63596f2e16d06e21279 c:\windows\$NtServicePackUninstall$\userinit.exe 2008-04-14 04:34 45568 26bf6b49401333ff2d061a47ccfb90f5 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\userinit.exe 2008-04-14 04:34 45568 4cf572364737db447420c278abdfab49 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\userinit.exe 2004-08-05 20:00 44032 1a0d800c5e4e0161a6a12684146c1525 c:\windows\system32\userinit.exe 2004-08-05 20:00 44032 bcc11f664d57aa3faff42fff244b5ef9 c:\windows\system32\dllcache\userinit.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Java\jre1.5.0\bin\jusched.exe" [2005-01-02 36972] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-06 339968] "HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 69632] "HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 679936] "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-03 61440] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2004-10-14 278528] "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 253952] "SSC_UserPrompt"="c:\program files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-08-16 218240] "ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-09-07 58488] "IS CfgWiz"="c:\program files\Norton Internet Security\cfgwiz.exe" [2004-08-24 132248] "URLLSTCK.exe"="c:\program files\Norton Internet Security\UrlLstCk.exe" [2004-08-31 33936] "PS2"="c:\windows\system32\ps2.exe" [2004-10-25 110592] "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 274432] "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 c:\windows\AGRSMMSG.exe] "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 c:\windows\ALCXMNTR.EXE] c:\documents and settings\Administrateur.CHRIS\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2009-04-03 57344] c:\documents and settings\Administrateur.NOM-EB85C523610.000\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2009-04-03 57344] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-05 258048] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= S3 kkr188b;kkr188b;c:\windows\system32\drivers\kkr188b.sys --> c:\windows\system32\drivers\kkr188b.sys [?] . Contenu du dossier 'Tâches planifiées' 2009-03-31 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2009-04-03 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2008\OneClick.exe [] 2005-01-02 c:\windows\Tasks\Symantec NetDetect.job - c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-08-24 19:22] . - - - - ORPHELINS SUPPRIMES - - - - HKU-Default-Run-reader_s - c:\documents and settings\HP_Propriétaire\reader_s.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-08 05:13:30 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwOpenFile Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(536) c:\windows\system32\Ati2evxx.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\ati2evxx.exe c:\program files\Fichiers communs\Symantec Shared\ccProxy.exe c:\windows\system32\ati2evxx.exe c:\program files\Fichiers communs\Symantec Shared\ccSetMgr.exe c:\program files\Fichiers communs\Symantec Shared\ccEvtMgr.exe c:\windows\system32\HPZipm12.exe c:\windows\system32\wdfmgr.exe c:\program files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Fichiers communs\Symantec Shared\SNDSrvc.exe . ************************************************************************** . Heure de fin: 2009-04-08 5:17:36 - La machine a redémarré ComboFix-quarantined-files.txt 2009-04-08 03:17:30 ComboFix2.txt 2009-04-07 18:05:22 ComboFix3.txt 2009-04-07 16:58:47 ComboFix4.txt 2009-04-07 16:33:13 ComboFix5.txt 2009-04-08 03:00:47 Avant-CF: 45 557 862 400 octets libres Après-CF: 45,471,227,904 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect 279 Le problème vient de ce que Combofix supprime reader_s.exe. Ceci oblige à une restauration Windows à partir de la sauvegarde constructeur sur D . Elle es verrouillée et donc non polluée. On a quand même besoin du DVD de sauvegarde pur trouver un fichie indispensabble dans i386 sur le DVD. Reinstallation de Windows non destructrice. Ensuite : redémarrage en mode sans échec : DrWeb CureIt. Pas de Virut détecté suivant la procédure que vous avez recommandée. Installer Norton Antivirus fourni avec l'installation. Mise à jour. scan antivirus : 2 virus trouvés: Trojan.pandex dans fichiers BN1 et BN2.temp. Désinfectés. Scan en ligne secuser.com. Trouve une multitude de "PE Virux.F, F-1 et F-2" . La très grande majorité est cleanable. En cours. Peut-être suis-je tombé de Charybde en Scylla?

N'ai pas pu attendre. Pour l'instant j'ai une procédure encours et pas trace de Virut! jusqu'à maintenant. Attendons la fin : je vous communiquerai les résultats. Je crois avoir compris pourquoi batch n'a pas fonctionné. D'après l'aide de Windows que j'ai récupérée, batch d'adresse à des fichiers .txt et non à des fichiers.bat; il aurait donc fallu enregistrer fich1.txt et non fich1.bat. Je suis plein d'espoir et j'espère n'être pas déçu. Je vous tiens au courant dès que le vérifications sont terminées, avant d'entamer une nouvelle procédure en cas d'échec. Pour info : suis d'origine Bretonne : ça explique!

Bonjour, Avant de lancer la bombe atomique(formatage), jai fait une reinstallation de Windows non destructive à partir de la sauvegarde constructeur sur le disque D. Après la réinstallation de Windows, j'ai passé DrWeb CureIt suivant la procédure recommandée au départ, en mode sans échec. Il ne détecte rien. Donc, pas de rapport. avant de faire une bêtise, je me suis arrêté là. Que faire ensuite?. Je ne sais pas si la console fonctionne.

Tout n'est peut-être pas perdu! Lorsque je veux ouvrir la console, il me demande sur quelle session de windows je veux travailler : 1 : D:\i386 2 : D:\miniNT 3 : c:\windows. Est-ce que çà peut aider? Bonne nuit. A demain.

Désolé, Ai retenté la manip, elle coince au niveau batch comme hier. En utilisation console, je ne sais pas faire de copier/coller. La console fonctionne sur la sauvegarde de windows cachée sur une partition spéciale du disque dur. Je ne sais pas où elle se trouve. Enfin, je n'ai plus d'imprimante opérationnelle. Elle a dû être désinstallée au cours des différentes manoeuvres. Si j'introduis le CDrom de réinstallation, il me propose soit la réinstallation non destructive avec conservation de mes fichiers, soit le formatage pur et simple avec effacement total. Moralité, nous en sommes toujours au même point avec quelques bugs supplémentaires. Espérons que nous seront plus efficaces demain. L'espoir fait vivre. Bonne nuit.

Ai essayé de faire correctement la proédure : Gros problèmes . Le premier passage de Combofix s'est bien passé. Voici son log : ComboFix 09-04-04.01 - HP_Propriétaire 2009-04-07 18:21:01.10 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.382.122 [GMT 2:00] Lancé depuis: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\HP_Propriétaire\Bureau\CFScript.txt AV: AntiVir Desktop *On-access scanning disabled* (Outdated) * Un nouveau point de restauration a été créé FILE :: c:\windows\DUMP32e7.tmp c:\windows\DUMP4352.tmp c:\windows\DUMP66f7.tmp c:\windows\system32\10.tmp c:\windows\system32\11.tmp c:\windows\system32\12.tmp c:\windows\system32\13.tmp c:\windows\system32\2.tmp c:\windows\system32\3.tmp c:\windows\system32\3361 c:\windows\system32\4.tmp c:\windows\system32\8.tmp c:\windows\system32\A.tmp c:\windows\system32\B.tmp c:\windows\system32\C.tmp c:\windows\system32\D.tmp c:\windows\system32\E.tmp c:\windows\system32\F.tmp . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\DUMP32e7.tmp c:\windows\DUMP4352.tmp c:\windows\DUMP66f7.tmp c:\windows\system32\10.tmp c:\windows\system32\11.tmp c:\windows\system32\12.tmp c:\windows\system32\13.tmp c:\windows\system32\2.tmp c:\windows\system32\3.tmp c:\windows\system32\4.tmp c:\windows\system32\8.tmp c:\windows\system32\A.tmp c:\windows\system32\B.tmp c:\windows\system32\C.tmp c:\windows\system32\D.tmp c:\windows\system32\drivers\dywbxpcpqbzpkzn.sys c:\windows\system32\drivers\str.sys c:\windows\system32\E.tmp c:\windows\system32\F.tmp c:\windows\system32\svchost.exe . . . est infecté!! c:\windows\system32\spoolsv.exe . . . est infecté!! c:\windows\explorer.exe . . . est infecté!! . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SYNSEND -------\Service_restore -------\Service_synsend ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-07 au 2009-04-07 )))))))))))))))))))))))))))))))))))) . 2009-04-07 11:18 . 2009-04-07 11:19 <REP> d-------- C:\gamer 2009-04-07 11:16 . 2009-04-07 11:16 278,161 --a------ C:\gamer.zip 2009-04-07 10:24 . 2009-04-07 10:24 84 --a------ c:\windows\system32\6.tmp 2009-04-06 18:44 . 2009-04-06 18:44 <REP> d-------- C:\gmer 2009-04-06 18:42 . 2009-04-06 18:42 278,161 --a------ C:\gmer.zip 2009-04-06 12:28 . 2009-04-07 16:28 <REP> d-------- c:\windows\system32\3361 2009-04-06 12:28 . 2009-04-07 16:15 <REP> d-------- c:\windows\dhcp 2009-04-06 12:28 . 2009-04-07 06:55 <REP> dr-hs---- c:\program files\ThunMail 2009-04-06 12:28 . 2009-04-06 12:28 108,336 --a------ c:\windows\system32\MSWINSCK.OCX 2009-04-06 12:28 . 2009-04-05 22:51 21,704 --a------ c:\windows\system32\vv.exe 2009-04-06 10:47 . 2009-04-06 10:47 679 --a------ C:\Fich2.bat 2009-04-06 10:46 . 2009-04-06 10:46 127 --a------ C:\Fich1.bat 2009-04-04 21:58 . 2004-08-05 20:00 1,055,232 --a------ c:\windows\explorer.backup 2009-04-04 21:58 . 2004-08-05 20:00 76,800 --a------ c:\windows\system32\spoolsv.backup 2009-04-04 21:57 . 2004-08-05 20:00 33,280 --a------ c:\windows\system32\svchost.backup 2009-04-04 21:54 . 2009-04-05 21:12 <REP> d-------- C:\FR-files 2009-04-04 21:46 . 2009-04-05 21:09 <REP> d-------- C:\WinFileReplace 2009-04-04 19:53 . 2009-04-04 19:53 11,452,389 --a------ c:\windows\services.ex_ 2009-04-04 16:47 . 2009-04-04 16:46 22,722,697 --a------ c:\windows\LPT$VPN.943 2009-04-04 16:46 . 2009-04-04 16:46 <REP> d-------- c:\windows\AU_Temp 2009-04-04 16:46 . 2009-04-04 16:46 22,722,697 --a------ c:\windows\VPTNFILE.943 2009-04-04 08:26 . 2009-02-13 11:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys 2009-04-04 08:25 . 2009-04-04 08:25 <REP> d-------- c:\program files\Avira 2009-04-04 08:25 . 2009-04-04 08:25 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira 2009-04-03 21:55 . 2009-04-04 05:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\DoctorWeb 2009-04-03 21:55 . 2009-04-04 05:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\DoctorWeb 2009-04-03 08:35 . 2009-04-03 14:08 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\.ABC 2009-04-02 17:20 . 2009-04-05 06:28 <REP> d-------- c:\program files\Sudoku 2009-04-02 16:51 . 2009-04-02 16:51 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Goto.Games 2009-04-02 16:46 . 2009-04-02 16:47 <REP> d-------- c:\program files\Objectif Tarot 2009-04-02 16:46 . 2009-04-02 16:46 150,528 --a------ c:\windows\system32\SpoonUninstall.exe 2009-04-02 16:46 . 2009-04-02 16:46 82,994 --a------ c:\windows\system32\SpoonUninstall-Objectif Tarot.bmp 2009-04-02 16:46 . 2009-04-02 16:46 1,722 --a------ c:\windows\system32\SpoonUninstall-Objectif Tarot.dat 2009-04-02 16:34 . 2009-04-02 16:34 <REP> d-------- c:\documents and settings\HP_Propriétaire\.bztarot 2009-04-02 16:34 . 2009-04-02 16:34 <REP> d-------- c:\documents and settings\HP_Propriétaire\.bztarot 2009-04-02 16:34 . 2009-04-02 16:34 8 --a------ c:\documents and settings\HP_Propriétaire\.bztarotcumul.dat 2009-04-02 16:34 . 2009-04-02 16:34 8 --a------ c:\documents and settings\HP_Propriétaire\.bztarotcumul.dat 2009-04-02 16:28 . 2009-04-03 21:59 98,304 --a------ c:\windows\system32\qttask.exe 2009-04-02 16:24 . 2004-02-17 10:11 53,248 --a------ c:\windows\system32\vp6dec_settings.cpl 2009-04-02 16:23 . 2003-08-18 05:10 122,880 --a------ c:\windows\system32\directx.cpl 2009-04-02 16:23 . 2003-03-25 05:49 106,544 --a------ c:\windows\system32\tweakui.cpl 2009-04-02 16:23 . 2003-03-25 05:49 98,304 --a------ c:\windows\system32\startup.cpl 2009-04-02 16:23 . 2003-03-25 05:49 51,238 --a------ c:\windows\system32\tweakui.hlp 2009-04-02 16:18 . 2004-05-25 16:06 417,792 --a------ c:\windows\system32\ac3filter.cpl 2009-04-02 16:10 . 2009-04-02 16:10 242,176 --a------ c:\windows\~INSX362.EX_ 2009-04-02 15:52 . 2009-04-02 15:52 <REP> d-------- C:\bases 2009-04-02 15:08 . 2009-04-02 15:08 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\vlc 2009-04-02 15:02 . 2009-04-02 15:02 124 --a------ c:\windows\system32\7.tmp 2009-04-02 14:53 . 2009-04-03 20:54 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Ahead 2009-04-02 12:23 . 2009-04-02 12:23 <REP> d-------- c:\windows\system32\fr-fr 2009-04-02 11:58 . 2009-04-02 11:58 <REP> d-------- C:\6761876ae56e766ef0e09bcba4e9d4b7 2009-04-02 11:39 . 2009-04-04 16:26 <REP> d-------- c:\program files\Spamihilator 2009-04-02 11:01 . 2009-04-04 18:43 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Spamihilator 2009-04-02 10:57 . 2009-04-02 10:57 130,813 --a------ C:\F3.tmp 2009-04-02 10:39 . 2009-04-02 10:39 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Microsoft Web Folders 2009-04-02 10:35 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys 2009-04-02 10:31 . 2001-11-02 15:10 184,320 --a------ c:\windows\system32\PhotoImpression Screen Saver.scr 2009-04-02 09:58 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys 2009-04-02 09:58 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys 2009-04-02 09:57 . 2003-05-23 03:06 73,869 --a------ c:\windows\system32\EBPMON24.DLL 2009-04-02 09:57 . 2003-05-21 04:27 64,000 --a------ c:\windows\system32\ECBTEG.DLL 2009-04-02 09:57 . 2009-04-03 21:58 39,936 --a------ c:\windows\system32\drivers\CDAC11BA.EXE 2009-04-02 09:57 . 2000-06-07 03:01 34,304 --a------ c:\windows\system32\EBPCHP.DLL 2009-04-02 09:57 . 2001-09-04 04:04 182 --a------ c:\windows\system32\EBPPORT4.DAT 2009-04-02 09:56 . 2009-04-02 09:56 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\ABBYY 2009-04-02 09:54 . 2003-04-02 00:00 217,088 --a------ c:\windows\system32\esdtr.dll 2009-04-02 09:54 . 2001-11-15 00:00 47,104 --a------ c:\windows\system32\escimgd.dll 2009-04-02 09:54 . 2002-06-20 00:00 32,256 --a------ c:\windows\system32\escwiad.dll 2009-04-02 09:54 . 2002-06-20 00:00 22,528 --a------ c:\windows\system32\esccmd.dll 2009-04-02 06:54 . 2009-04-05 21:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Orbit 2009-04-02 06:50 . 2009-04-02 06:50 172,032 --a------ c:\windows\system32\AniGIF.ocx 2009-04-02 06:35 . 1997-09-28 14:22 92,672 --a------ c:\windows\system32\COMDLG32.OCX 2009-04-02 06:35 . 1997-09-28 14:22 37,376 --a------ c:\windows\system32\VbVfw.dll 2009-04-02 03:09 . 2009-04-02 03:31 <REP> d-------- c:\windows\system32\CatRoot_bak 2009-04-02 03:06 . 2008-08-14 15:44 2,182,400 --------- c:\windows\system32\dllcache\ntoskrnl.exe 2009-04-02 03:06 . 2008-08-14 15:44 2,138,112 --------- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-04-02 03:06 . 2008-08-14 15:44 2,059,776 --------- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-04-02 03:06 . 2008-08-14 15:44 2,017,792 --------- c:\windows\system32\dllcache\ntkrpamp.exe 2009-04-02 03:03 . 2008-10-24 13:10 453,632 --------- c:\windows\system32\dllcache\mrxsmb.sys 2009-04-02 03:01 . 2006-09-06 16:43 22,752 --a------ c:\windows\system32\spupdsvc.exe 2009-04-02 01:10 . 2008-06-14 19:59 272,768 --------- c:\windows\system32\drivers\bthport.sys 2009-04-02 01:10 . 2008-06-14 19:59 272,768 --------- c:\windows\system32\dllcache\bthport.sys 2009-04-02 01:07 . 2009-04-02 01:07 8,192 --a------ c:\windows\system32\edb.chk 2009-04-02 01:06 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\WINDOWS 2009-04-02 01:06 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\WINDOWS 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage réseau 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage réseau 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage d'impression 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage d'impression 2009-04-02 01:06 . 2009-04-02 08:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Modèles 2009-04-02 01:06 . 2009-04-02 08:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Modèles 2009-04-02 01:06 . 2009-04-07 16:30 <REP> dr------- c:\documents and settings\HP_Propriétaire\Mes documents 2009-04-02 01:06 . 2009-04-07 16:30 <REP> dr------- c:\documents and settings\HP_Propriétaire\Mes documents 2009-04-02 01:06 . 2009-04-02 10:38 <REP> d-------- c:\documents and settings\HP_Propriétaire\Menu Démarrer 2009-04-02 01:06 . 2009-04-02 10:38 <REP> d-------- c:\documents and settings\HP_Propriétaire\Menu Démarrer 2009-04-02 01:06 . 2009-04-07 06:54 <REP> dr------- c:\documents and settings\HP_Propriétaire\Favoris 2009-04-02 01:06 . 2009-04-07 06:54 <REP> dr------- c:\documents and settings\HP_Propriétaire\Favoris 2009-04-02 01:06 . 2009-04-07 18:20 <REP> d-------- c:\documents and settings\HP_Propriétaire\Bureau 2009-04-02 01:06 . 2009-04-07 18:20 <REP> d-------- c:\documents and settings\HP_Propriétaire\Bureau 2009-04-02 01:06 . 2005-01-02 04:07 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Symantec 2009-04-02 01:06 . 2005-01-02 03:58 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\SampleView 2009-04-02 01:06 . 2005-01-02 03:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Apple Computer 2009-04-02 01:06 . 2009-04-07 16:15 <REP> d-------- c:\documents and settings\HP_Propriétaire 2009-04-02 01:06 . 2004-08-05 20:00 221,184 --a------ c:\windows\system32\wmpns.dll 2009-04-02 01:06 . 2009-04-02 01:06 1,832 -rahs---- c:\windows\system32\drivers\103C_HP_CPC_EC616AA-ABF t3128.fr_YC_0Pavi_QCZC531_E53FRheBLU4_47_IAMETHYST-M_SMSI_V1.0_B3.20_T050708_WXH2_L40C_M383_J160_7AMD_8Sempron_91.79_#060127_N10EC8 139_Z11C1048C_G10025954_OLITE-ON DVDRW SOHW-1633S_DPTS0307.MRK 2009-04-02 01:02 . 2005-01-02 03:48 <REP> d-------- c:\windows\system32\config\systemprofile\WINDOWS 2009-04-02 01:02 . 2005-01-02 04:07 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\Symantec 2009-04-02 01:02 . 2005-01-02 03:58 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\SampleView 2009-04-02 01:02 . 2005-01-02 03:47 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\Apple Computer 2009-04-02 00:50 . 2009-04-03 12:13 94,208 --a------ c:\windows\DUMP98e4.tmp 2009-04-02 00:50 . 2009-04-02 20:32 94,208 --a------ c:\windows\DUMP832a.tmp 2009-04-01 22:06 . 2009-04-03 18:55 <REP> d-------- C:\Copie mes documents 2009-04-01 18:10 . 2009-04-01 18:10 <REP> d-------- c:\windows\ERUNT 2009-04-01 18:09 . 2009-04-04 22:24 130 --a------ c:\windows\adobe.bat 2009-04-01 18:09 . 2009-04-04 19:53 7 --a------ c:\windows\_id.dat 2009-04-01 18:08 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\WINDOWS 2009-04-01 18:08 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Voisinage réseau 2009-04-01 18:08 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Voisinage d'impression 2009-04-01 18:08 . 2008-10-11 03:30 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Modèles 2009-04-01 18:08 . 2005-01-02 04:16 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Mes documents 2009-04-01 18:08 . 2004-11-25 05:26 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Menu Démarrer 2009-04-01 18:08 . 2008-10-10 19:05 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Favoris 2009-04-01 18:08 . 2005-01-02 03:51 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Bureau 2009-04-01 18:08 . 2005-01-02 04:07 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Application Data\Symantec 2009-04-01 18:08 . 2005-01-02 03:58 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Application Data\SampleView . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-07 14:15 1,055,232 ----a-w c:\windows\explorer.exe 2009-04-06 14:13 213,376 ----a-w c:\windows\system32\drivers\ndis.sys 2009-04-04 21:16 --------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-04-04 14:46 91,744 -c--a-w c:\windows\BPMNT.dll 2009-04-04 14:46 1,213,784 -c--a-w c:\windows\vsapi32.dll 2009-04-04 14:45 69,689 -c--a-w c:\windows\UNZIP.DLL 2009-04-04 14:45 507,904 -c--a-w c:\windows\TMUPDATE.DLL 2009-04-04 10:21 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-04-03 20:00 --------- d-----w c:\program files\DAP 2009-04-03 19:58 57,344 ----a-w c:\windows\ALCXMNTR.EXE 2009-04-03 15:50 --------- d-----w c:\program files\Microsoft Money 2009-04-03 06:35 --------- d-----w c:\program files\ABC 2009-04-03 05:10 --------- d-----w c:\program files\Smart Panel 2009-04-03 05:09 --------- d--h--w c:\program files\InstallShield Installation Information 2009-04-03 04:58 --------- d-----w c:\program files\EPSON 2009-04-02 20:32 --------- d-----w c:\program files\AsfTools 2009-04-02 14:34 --------- d-----w c:\program files\BzTarot 2009-04-02 14:28 --------- d-----w c:\program files\Quicktime 2009-04-02 14:26 --------- d-----w c:\program files\ACE Mega CoDecS Pack 2009-04-02 13:48 --------- d-----w c:\program files\ACD Systems 2009-04-02 13:36 --------- d-----w c:\program files\Microsoft Bootvis 2009-04-02 11:57 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-04-02 09:37 --------- d-----w c:\program files\Orbitdownloader 2009-04-02 08:58 --------- d-----w c:\program files\Eliminate Spam! 2009-04-02 08:38 --------- d-----w c:\program files\microsoft frontpage 2009-04-02 04:57 --------- d-----w c:\program files\A.S.C 2009-04-02 04:36 --------- d-----w c:\program files\PeckJoin 2009-04-02 03:56 --------- d-----w c:\program files\CCleaner 2009-04-02 03:53 --------- d-----w c:\program files\Easy Internet signup 2009-04-01 23:08 --------- d-----w c:\program files\Symantec 2009-04-01 23:08 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec 2009-04-01 07:25 71,749 -c--a-w c:\windows\hcextoutput.dll 2009-04-01 07:25 368,709 -c--a-w c:\windows\tsc.exe 2009-04-01 03:45 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-04-01 00:18 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-03-31 05:50 --------- d-----w c:\program files\eMule 2009-03-28 10:26 --------- d-----w c:\program files\TomTom HOME 2 2009-03-18 15:38 --------- d-----w c:\program files\Tomtomax Maxi-Box 2009-03-18 13:34 --------- d-----w c:\program files\Yahoo! 2009-02-22 09:26 --------- d-----w c:\program files\WinAVI Video Converter 9.0 2009-02-16 14:17 --------- d-----w c:\program files\Video Strip Poker Full Version - NICOLE 2005-05-13 15:12 217,073 --sha-r c:\windows\meta4.exe 2007-01-28 18:20 22 --sha-w c:\windows\SMINST\HPCD.sys 2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll 2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll . ------- Sigcheck ------- 2004-08-05 20:00 33280 f2e9e2bb32afa47558ed88a19c00d32a c:\windows\$NtServicePackUninstall$\svchost.exe 2008-04-14 04:34 33280 4d185cc4379906b3131dfeb549a2a27e c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\svchost.exe 2008-04-14 04:34 33280 d938f7919cdae924800ff857482dd052 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\svchost.exe 2009-04-07 16:16 33280 e073bdd9f0d227e937d359f6d318ab14 c:\windows\system32\svchost.exe 2004-08-19 16:10 33280 48e130102a691a742cf082e34a39ce8b c:\windows\system32\dllcache\svchost.exe 2004-08-05 20:00 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\$NtServicePackUninstall$\ndis.sys 2008-04-13 21:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys 2008-04-13 21:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ndis.sys 2009-04-06 16:13 213376 ff85ebd2ad3679254cf251136c62d764 c:\windows\system32\dllcache\ndis.sys 2009-04-06 16:13 213376 ff85ebd2ad3679254cf251136c62d764 c:\windows\system32\drivers\ndis.sys 2009-04-07 16:15 1055232 e1837536d4d0c12d328ec68b4b238750 c:\windows\explorer.exe 2007-06-13 15:10 1056256 6e77d2e39fdf839e2475406b0e854d9f c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe 2004-08-05 20:00 1055232 678e4eae8ed8741191bac5743157f12f c:\windows\$NtServicePackUninstall$\explorer.exe 2004-08-05 20:00 1055232 3a52c5525902fb158b435f5dcc9764fe c:\windows\$NtUninstallKB938828$\explorer.exe 2008-04-14 04:34 1056768 58f989c78fcfa836ac446b39a9e49d0c c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\explorer.exe 2008-04-14 04:34 1056768 2a6361367c665bec3f2b31c423af2cf8 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\explorer.exe 2004-08-19 16:09 1055232 dde1fb7c583310811b326a8563b8eed8 c:\windows\system32\dllcache\explorer.exe 2004-08-05 20:00 34304 ecf932debc3adb435a516f58ddffec9d c:\windows\$NtServicePackUninstall$\ctfmon.exe 2008-04-14 04:33 34304 8181a7405cfba23178508c8b837e1333 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ctfmon.exe 2008-04-14 04:33 34304 330f39a904e20672ffc4a035fb3e78af c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ctfmon.exe 2009-04-03 21:58 15360 14f3132dc8d481eba108ba9e2cf1389e c:\windows\system32\ctfmon.exe 2004-08-05 20:00 34304 9b8145273b153cba00630a03f3ffd31c c:\windows\system32\dllcache\ctfmon.exe 2005-06-11 02:17 76800 101d417010dee6004a41675dad35b720 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe 2004-08-05 20:00 76800 68167077066c4e7712b48d0268a46130 c:\windows\$NtServicePackUninstall$\spoolsv.exe 2004-08-05 20:00 76800 67a22c54ac31dc3b94a01db45d77b642 c:\windows\$NtUninstallKB896423$\spoolsv.exe 2008-04-14 04:34 76800 59d0d18b7cd8d3811282751758e94372 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\spoolsv.exe 2008-04-14 04:34 76800 9beabc5acd60828b61be65231878f7a5 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\spoolsv.exe 2009-04-07 16:16 57856 9d10cde0735ca583eaeb7ec4bacb0839 c:\windows\system32\spoolsv.exe 2004-08-19 16:10 76800 ac2a0001265ad3e7cf82e0225bd21cd5 c:\windows\system32\dllcache\spoolsv.exe 2004-08-05 20:00 44032 340283e6986ec63596f2e16d06e21279 c:\windows\$NtServicePackUninstall$\userinit.exe 2008-04-14 04:34 45568 26bf6b49401333ff2d061a47ccfb90f5 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\userinit.exe 2008-04-14 04:34 45568 4cf572364737db447420c278abdfab49 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\userinit.exe 2009-04-03 21:59 25088 1fa37ceb2e7eb9fc851d14ad1a56a335 c:\windows\system32\userinit.exe 2004-08-05 20:00 44032 7e493f374f6fda57e47bc498a9ba9bf3 c:\windows\system32\dllcache\userinit.exe . ((((((((((((((((((((((((((((( SnapShot@2009-04-07_16.44.29.48 ))))))))))))))))))))))))))))))))))))))))) . - 2009-04-07 14:41:11 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat + 2009-04-07 16:19:21 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat - 2009-04-07 14:41:11 65,536 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2009-04-07 16:19:21 65,536 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - 2009-04-07 14:41:11 114,688 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2009-04-07 16:19:21 311,296 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2009-04-03 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2009-04-03 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X] c:\documents and settings\Administrateur.CHRIS\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2009-04-03 57344] c:\documents and settings\Administrateur.NOM-EB85C523610.000\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2009-04-03 57344] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-05 258048] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\ThunMail\testabd.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.iac2"= c:\progra~1\ACEMEG~1\SystemS\Intel\iac25_32.ax "msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm "vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL "vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll "vidc.iyuv"= c:\progra~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll "vidc.yvu9"= c:\progra~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll "msacm.msadpcm"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msadp32.acm "msacm.imaadpcm"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\imaadp32.acm "msacm.msg711"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msg711.acm "msacm.msg723"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msg723.acm "msacm.msgsm610"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msgsm32.acm "vidc.m261"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msh261.drv "vidc.m263"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msh263.drv "vidc.i420"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msh263.drv "vidc.mrle"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msrle32.dll "vidc.uyvy"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msyuv.dll "vidc.yuy2"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msyuv.dll "vidc.yvyu"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msyuv.dll "vidc.msvc"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msvidc32.dll "vidc.cram"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msvidc32.dll "vidc.mpg4"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp41"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp42"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp43"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp4s"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp4v"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.wmv3"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\WMV9VCM.dll "msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msaud32.acm "vidc.vp30"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp31vfw.dll "vidc.vp31"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp31vfw.dll "vidc.vp60"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp6vfw.dll "vidc.vp61"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp6vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "avg8emc"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Orbitdownloader\\orbitdm.exe"= "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-04-04 108032] . Contenu du dossier 'Tâches planifiées' 2009-03-31 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2009-04-03 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2008\OneClick.exe [] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.sfr.fr/ uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Download with &DAP - c:\progra~1\DAP\dapextie.htm IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-07 18:28:39 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwOpenFile Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(532) c:\windows\system32\Ati2evxx.dll c:\windows\system32\WININET.DLL . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\windows\system32\drivers\CDAC11BA.EXE c:\windows\system32\HPZipm12.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\wscntfy.exe c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe . ************************************************************************** . Heure de fin: 2009-04-07 18:33:06 - La machine a redémarré ComboFix-quarantined-files.txt 2009-04-07 16:33:03 ComboFix2.txt 2009-04-07 14:45:37 ComboFix3.txt 2009-04-06 08:21:00 Avant-CF: 45 723 656 192 octets libres Après-CF: 45,712,318,464 octets libres 397 --- E O F --- 2009-04-02 07:30:34 Pour WinFilereplace, ça été difficile. Il a commencé a travailler eta obligé le pc a redémarrer très vite : voici le log WinFileRep - ver : 1.00 - by Loup blanc --------------------------- Microsoft Windows XP Service Pack 2 Français --------------------------- ============ Comparaison des fichiers avant remplacement ============ --------- Les fichiers "c:\WINDOWS\system32\svchost.exe" et "C:\FR-files\svchost.exe" sont différents... ----------- Les fichiers "c:\WINDOWS\explorer.exe" et "C:\FR-files\explorer.exe" sont différents... ----------- Les fichiers "c:\WINDOWS\system32\ctfmon.exe" et "C:\FR-files\ctfmon.exe" sont différents... ----------- Les fichiers "c:\WINDOWS\system32\spoolsv.exe" et "C:\FR-files\spoolsv.exe" sont différents... ----------- Les fichiers "c:\WINDOWS\system32\userinit.exe" et "C:\FR-files\userinit.exe" sont différents... ----------- Les fichiers "c:\WINDOWS\system32\drivers\ndis.sys" et "C:\FR-files\ndis.sys" sont différents... ----------- Manifestement il n'a pas fait son travail. A la remise en route plusieurs bugs : En mode normal, l'adresse 0x00390681 ne peut pas être "written". En mode sans échec, l'adresse memoire 0x0000005c ne peut pas être "read". Ecran bleu. Ai été obligé de lancer explorer par CTRL+Alt+Supp. Ai relancé WinFile replace en mode sans échec. Voici le log : pas satisfaisant. WinFileRep - ver : 1.00 - by Loup blanc --------------------------- Microsoft Windows XP Service Pack 2 Français --------------------------- ============ Comparaison des fichiers avant remplacement ============ --------- Les fichiers "c:\WINDOWS\system32\svchost.exe" et "C:\FR-files\svchost.exe" sont différents... ----------- Les fichiers "c:\WINDOWS\explorer.exe" et "C:\FR-files\explorer.exe" sont différents... ----------- Les fichiers "c:\WINDOWS\system32\ctfmon.exe" et "C:\FR-files\ctfmon.exe" sont différents... ----------- Les fichiers "c:\WINDOWS\system32\spoolsv.exe" et "C:\FR-files\spoolsv.exe" sont différents... ----------- Les fichiers "c:\WINDOWS\system32\userinit.exe" et "C:\FR-files\userinit.exe" sont différents... ----------- Les fichiers "c:\WINDOWS\system32\drivers\ndis.sys" et "C:\FR-files\ndis.sys" sont identiques... ----------- Ai quand même repassé ComboFix. Voici le log : toujours infecté. ComboFix 09-04-04.01 - HP_Propriétaire 2009-04-07 19:34:15.12 - NTFSx86 NETWORK Lancé depuis: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\userinit.exe . . . est infecté!! c:\windows\system32\svchost.exe . . . est infecté!! c:\windows\system32\spoolsv.exe . . . est infecté!! c:\windows\explorer.exe . . . est infecté!! . ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-07 au 2009-04-07 )))))))))))))))))))))))))))))))))))) . 2009-04-07 18:39 . 2009-04-06 16:13 213,376 --a------ c:\windows\system32\drivers\ndis.backup 2009-04-07 18:39 . 2009-04-03 21:59 25,088 --a------ c:\windows\system32\userinit.backup 2009-04-07 18:39 . 2009-04-03 21:58 15,360 --a------ c:\windows\system32\ctfmon.backup 2009-04-07 11:18 . 2009-04-07 11:19 <REP> d-------- C:\gamer 2009-04-07 11:16 . 2009-04-07 11:16 278,161 --a------ C:\gamer.zip 2009-04-07 10:24 . 2009-04-07 10:24 84 --a------ c:\windows\system32\6.tmp 2009-04-06 18:44 . 2009-04-06 18:44 <REP> d-------- C:\gmer 2009-04-06 18:42 . 2009-04-06 18:42 278,161 --a------ C:\gmer.zip 2009-04-06 12:28 . 2009-04-07 16:28 <REP> d-------- c:\windows\system32\3361 2009-04-06 12:28 . 2009-04-07 16:15 <REP> d-------- c:\windows\dhcp 2009-04-06 12:28 . 2009-04-07 06:55 <REP> dr-hs---- c:\program files\ThunMail 2009-04-06 12:28 . 2009-04-06 12:28 108,336 --a------ c:\windows\system32\MSWINSCK.OCX 2009-04-06 12:28 . 2009-04-05 22:51 21,704 --a------ c:\windows\system32\vv.exe 2009-04-06 10:47 . 2009-04-06 10:47 679 --a------ C:\Fich2.bat 2009-04-06 10:46 . 2009-04-06 10:46 127 --a------ C:\Fich1.bat 2009-04-04 21:58 . 2004-08-05 20:00 1,055,232 --a------ c:\windows\explorer.backup 2009-04-04 21:58 . 2004-08-05 20:00 76,800 --a------ c:\windows\system32\spoolsv.backup 2009-04-04 21:57 . 2004-08-05 20:00 33,280 --a------ c:\windows\system32\svchost.backup 2009-04-04 21:54 . 2009-04-07 19:33 <REP> d-------- C:\FR-files 2009-04-04 21:46 . 2009-04-07 19:28 <REP> d-------- C:\WinFileReplace 2009-04-04 19:53 . 2009-04-04 19:53 11,452,389 --a------ c:\windows\services.ex_ 2009-04-04 16:47 . 2009-04-04 16:46 22,722,697 --a------ c:\windows\LPT$VPN.943 2009-04-04 16:46 . 2009-04-04 16:46 <REP> d-------- c:\windows\AU_Temp 2009-04-04 16:46 . 2009-04-04 16:46 22,722,697 --a------ c:\windows\VPTNFILE.943 2009-04-04 08:26 . 2009-02-13 11:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys 2009-04-04 08:25 . 2009-04-04 08:25 <REP> d-------- c:\program files\Avira 2009-04-04 08:25 . 2009-04-04 08:25 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira 2009-04-03 21:55 . 2009-04-04 05:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\DoctorWeb 2009-04-03 21:55 . 2009-04-04 05:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\DoctorWeb 2009-04-03 08:35 . 2009-04-03 14:08 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\.ABC 2009-04-02 17:20 . 2009-04-05 06:28 <REP> d-------- c:\program files\Sudoku 2009-04-02 16:51 . 2009-04-02 16:51 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Goto.Games 2009-04-02 16:46 . 2009-04-02 16:47 <REP> d-------- c:\program files\Objectif Tarot 2009-04-02 16:46 . 2009-04-02 16:46 150,528 --a------ c:\windows\system32\SpoonUninstall.exe 2009-04-02 16:46 . 2009-04-02 16:46 82,994 --a------ c:\windows\system32\SpoonUninstall-Objectif Tarot.bmp 2009-04-02 16:46 . 2009-04-02 16:46 1,722 --a------ c:\windows\system32\SpoonUninstall-Objectif Tarot.dat 2009-04-02 16:34 . 2009-04-02 16:34 <REP> d-------- c:\documents and settings\HP_Propriétaire\.bztarot 2009-04-02 16:34 . 2009-04-02 16:34 <REP> d-------- c:\documents and settings\HP_Propriétaire\.bztarot 2009-04-02 16:34 . 2009-04-02 16:34 8 --a------ c:\documents and settings\HP_Propriétaire\.bztarotcumul.dat 2009-04-02 16:34 . 2009-04-02 16:34 8 --a------ c:\documents and settings\HP_Propriétaire\.bztarotcumul.dat 2009-04-02 16:28 . 2009-04-03 21:59 98,304 --a------ c:\windows\system32\qttask.exe 2009-04-02 16:24 . 2004-02-17 10:11 53,248 --a------ c:\windows\system32\vp6dec_settings.cpl 2009-04-02 16:23 . 2003-08-18 05:10 122,880 --a------ c:\windows\system32\directx.cpl 2009-04-02 16:23 . 2003-03-25 05:49 106,544 --a------ c:\windows\system32\tweakui.cpl 2009-04-02 16:23 . 2003-03-25 05:49 98,304 --a------ c:\windows\system32\startup.cpl 2009-04-02 16:23 . 2003-03-25 05:49 51,238 --a------ c:\windows\system32\tweakui.hlp 2009-04-02 16:18 . 2004-05-25 16:06 417,792 --a------ c:\windows\system32\ac3filter.cpl 2009-04-02 16:10 . 2009-04-02 16:10 242,176 --a------ c:\windows\~INSX362.EX_ 2009-04-02 15:52 . 2009-04-02 15:52 <REP> d-------- C:\bases 2009-04-02 15:08 . 2009-04-02 15:08 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\vlc 2009-04-02 15:02 . 2009-04-02 15:02 124 --a------ c:\windows\system32\7.tmp 2009-04-02 14:53 . 2009-04-03 20:54 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Ahead 2009-04-02 12:23 . 2009-04-02 12:23 <REP> d-------- c:\windows\system32\fr-fr 2009-04-02 11:58 . 2009-04-02 11:58 <REP> d-------- C:\6761876ae56e766ef0e09bcba4e9d4b7 2009-04-02 11:39 . 2009-04-04 16:26 <REP> d-------- c:\program files\Spamihilator 2009-04-02 11:01 . 2009-04-04 18:43 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Spamihilator 2009-04-02 10:57 . 2009-04-02 10:57 130,813 --a------ C:\F3.tmp 2009-04-02 10:39 . 2009-04-02 10:39 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Microsoft Web Folders 2009-04-02 10:35 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys 2009-04-02 10:31 . 2001-11-02 15:10 184,320 --a------ c:\windows\system32\PhotoImpression Screen Saver.scr 2009-04-02 09:58 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys 2009-04-02 09:58 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys 2009-04-02 09:57 . 2003-05-23 03:06 73,869 --a------ c:\windows\system32\EBPMON24.DLL 2009-04-02 09:57 . 2003-05-21 04:27 64,000 --a------ c:\windows\system32\ECBTEG.DLL 2009-04-02 09:57 . 2009-04-03 21:58 39,936 --a------ c:\windows\system32\drivers\CDAC11BA.EXE 2009-04-02 09:57 . 2000-06-07 03:01 34,304 --a------ c:\windows\system32\EBPCHP.DLL 2009-04-02 09:57 . 2001-09-04 04:04 182 --a------ c:\windows\system32\EBPPORT4.DAT 2009-04-02 09:56 . 2009-04-02 09:56 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\ABBYY 2009-04-02 09:54 . 2003-04-02 00:00 217,088 --a------ c:\windows\system32\esdtr.dll 2009-04-02 09:54 . 2001-11-15 00:00 47,104 --a------ c:\windows\system32\escimgd.dll 2009-04-02 09:54 . 2002-06-20 00:00 32,256 --a------ c:\windows\system32\escwiad.dll 2009-04-02 09:54 . 2002-06-20 00:00 22,528 --a------ c:\windows\system32\esccmd.dll 2009-04-02 06:54 . 2009-04-05 21:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Orbit 2009-04-02 06:50 . 2009-04-02 06:50 172,032 --a------ c:\windows\system32\AniGIF.ocx 2009-04-02 06:35 . 1997-09-28 14:22 92,672 --a------ c:\windows\system32\COMDLG32.OCX 2009-04-02 06:35 . 1997-09-28 14:22 37,376 --a------ c:\windows\system32\VbVfw.dll 2009-04-02 03:09 . 2009-04-02 03:31 <REP> d-------- c:\windows\system32\CatRoot_bak 2009-04-02 03:06 . 2008-08-14 15:44 2,182,400 --------- c:\windows\system32\dllcache\ntoskrnl.exe 2009-04-02 03:06 . 2008-08-14 15:44 2,138,112 --------- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-04-02 03:06 . 2008-08-14 15:44 2,059,776 --------- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-04-02 03:06 . 2008-08-14 15:44 2,017,792 --------- c:\windows\system32\dllcache\ntkrpamp.exe 2009-04-02 03:03 . 2008-10-24 13:10 453,632 --------- c:\windows\system32\dllcache\mrxsmb.sys 2009-04-02 03:01 . 2006-09-06 16:43 22,752 --a------ c:\windows\system32\spupdsvc.exe 2009-04-02 01:10 . 2008-06-14 19:59 272,768 --------- c:\windows\system32\drivers\bthport.sys 2009-04-02 01:10 . 2008-06-14 19:59 272,768 --------- c:\windows\system32\dllcache\bthport.sys 2009-04-02 01:07 . 2009-04-02 01:07 8,192 --a------ c:\windows\system32\edb.chk 2009-04-02 01:06 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\WINDOWS 2009-04-02 01:06 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\WINDOWS 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage réseau 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage réseau 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage d'impression 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage d'impression 2009-04-02 01:06 . 2009-04-02 08:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Modèles 2009-04-02 01:06 . 2009-04-02 08:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Modèles 2009-04-02 01:06 . 2009-04-07 16:30 <REP> dr------- c:\documents and settings\HP_Propriétaire\Mes documents 2009-04-02 01:06 . 2009-04-07 16:30 <REP> dr------- c:\documents and settings\HP_Propriétaire\Mes documents 2009-04-02 01:06 . 2009-04-02 10:38 <REP> d-------- c:\documents and settings\HP_Propriétaire\Menu Démarrer 2009-04-02 01:06 . 2009-04-02 10:38 <REP> d-------- c:\documents and settings\HP_Propriétaire\Menu Démarrer 2009-04-02 01:06 . 2009-04-07 06:54 <REP> dr------- c:\documents and settings\HP_Propriétaire\Favoris 2009-04-02 01:06 . 2009-04-07 06:54 <REP> dr------- c:\documents and settings\HP_Propriétaire\Favoris 2009-04-02 01:06 . 2009-04-07 19:33 <REP> d-------- c:\documents and settings\HP_Propriétaire\Bureau 2009-04-02 01:06 . 2009-04-07 19:33 <REP> d-------- c:\documents and settings\HP_Propriétaire\Bureau 2009-04-02 01:06 . 2005-01-02 04:07 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Symantec 2009-04-02 01:06 . 2005-01-02 03:58 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\SampleView 2009-04-02 01:06 . 2005-01-02 03:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Apple Computer 2009-04-02 01:06 . 2009-04-07 16:15 <REP> d-------- c:\documents and settings\HP_Propriétaire 2009-04-02 01:06 . 2004-08-05 20:00 221,184 --a------ c:\windows\system32\wmpns.dll 2009-04-02 01:06 . 2009-04-02 01:06 1,832 -rahs---- c:\windows\system32\drivers\103C_HP_CPC_EC616AA-ABF t3128.fr_YC_0Pavi_QCZC531_E53FRheBLU4_47_IAMETHYST-M_SMSI_V1.0_B3.20_T050708_WXH2_L40C_M383_J160_7AMD_8Sempron_91.79_#060127_N10EC8 139_Z11C1048C_G10025954_OLITE-ON DVDRW SOHW-1633S_DPTS0307.MRK 2009-04-02 01:02 . 2005-01-02 03:48 <REP> d-------- c:\windows\system32\config\systemprofile\WINDOWS 2009-04-02 01:02 . 2005-01-02 04:07 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\Symantec 2009-04-02 01:02 . 2005-01-02 03:58 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\SampleView 2009-04-02 01:02 . 2005-01-02 03:47 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\Apple Computer 2009-04-02 00:50 . 2009-04-03 12:13 94,208 --a------ c:\windows\DUMP98e4.tmp 2009-04-02 00:50 . 2009-04-02 20:32 94,208 --a------ c:\windows\DUMP832a.tmp 2009-04-01 22:06 . 2009-04-03 18:55 <REP> d-------- C:\Copie mes documents 2009-04-01 18:10 . 2009-04-01 18:10 <REP> d-------- c:\windows\ERUNT 2009-04-01 18:09 . 2009-04-04 22:24 130 --a------ c:\windows\adobe.bat 2009-04-01 18:09 . 2009-04-04 19:53 7 --a------ c:\windows\_id.dat 2009-04-01 18:08 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\WINDOWS 2009-04-01 18:08 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Voisinage réseau 2009-04-01 18:08 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Voisinage d'impression 2009-04-01 18:08 . 2008-10-11 03:30 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Modèles 2009-04-01 18:08 . 2005-01-02 04:16 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Mes documents 2009-04-01 18:08 . 2004-11-25 05:26 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Menu Démarrer 2009-04-01 18:08 . 2008-10-10 19:05 <REP> d-------- c:\documents and settings\Administrateur.CHRIS\Favoris . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-04 21:16 --------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-04-04 14:46 91,744 -c--a-w c:\windows\BPMNT.dll 2009-04-04 14:46 1,213,784 -c--a-w c:\windows\vsapi32.dll 2009-04-04 14:45 69,689 -c--a-w c:\windows\UNZIP.DLL 2009-04-04 14:45 507,904 -c--a-w c:\windows\TMUPDATE.DLL 2009-04-04 10:21 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-04-03 20:00 --------- d-----w c:\program files\DAP 2009-04-03 19:58 57,344 ----a-w c:\windows\ALCXMNTR.EXE 2009-04-03 15:50 --------- d-----w c:\program files\Microsoft Money 2009-04-03 06:35 --------- d-----w c:\program files\ABC 2009-04-03 05:10 --------- d-----w c:\program files\Smart Panel 2009-04-03 05:09 --------- d--h--w c:\program files\InstallShield Installation Information 2009-04-03 04:58 --------- d-----w c:\program files\EPSON 2009-04-02 20:32 --------- d-----w c:\program files\AsfTools 2009-04-02 14:34 --------- d-----w c:\program files\BzTarot 2009-04-02 14:28 --------- d-----w c:\program files\Quicktime 2009-04-02 14:26 --------- d-----w c:\program files\ACE Mega CoDecS Pack 2009-04-02 13:48 --------- d-----w c:\program files\ACD Systems 2009-04-02 13:36 --------- d-----w c:\program files\Microsoft Bootvis 2009-04-02 11:57 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-04-02 09:37 --------- d-----w c:\program files\Orbitdownloader 2009-04-02 08:58 --------- d-----w c:\program files\Eliminate Spam! 2009-04-02 08:38 --------- d-----w c:\program files\microsoft frontpage 2009-04-02 04:57 --------- d-----w c:\program files\A.S.C 2009-04-02 04:36 --------- d-----w c:\program files\PeckJoin 2009-04-02 03:56 --------- d-----w c:\program files\CCleaner 2009-04-02 03:53 --------- d-----w c:\program files\Easy Internet signup 2009-04-01 23:08 --------- d-----w c:\program files\Symantec 2009-04-01 23:08 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec 2009-04-01 07:25 71,749 -c--a-w c:\windows\hcextoutput.dll 2009-04-01 07:25 368,709 -c--a-w c:\windows\tsc.exe 2009-04-01 03:45 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-04-01 00:18 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-03-31 05:50 --------- d-----w c:\program files\eMule 2009-03-28 10:26 --------- d-----w c:\program files\TomTom HOME 2 2009-03-18 15:38 --------- d-----w c:\program files\Tomtomax Maxi-Box 2009-03-18 13:34 --------- d-----w c:\program files\Yahoo! 2009-02-22 09:26 --------- d-----w c:\program files\WinAVI Video Converter 9.0 2009-02-16 14:17 --------- d-----w c:\program files\Video Strip Poker Full Version - NICOLE 2005-05-13 15:12 217,073 --sha-r c:\windows\meta4.exe 2007-01-28 18:20 22 --sha-w c:\windows\SMINST\HPCD.sys 2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll 2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll . ------- Sigcheck ------- 2004-08-05 20:00 33280 f2e9e2bb32afa47558ed88a19c00d32a c:\windows\$NtServicePackUninstall$\svchost.exe 2008-04-14 04:34 33280 4d185cc4379906b3131dfeb549a2a27e c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\svchost.exe 2008-04-14 04:34 33280 d938f7919cdae924800ff857482dd052 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\svchost.exe 2004-08-19 16:10 33280 48e130102a691a742cf082e34a39ce8b c:\windows\system32\svchost.exe 2004-08-19 16:10 33280 2eb7705c212597ddd0091c0eaf6a77ea c:\windows\system32\dllcache\svchost.exe 2004-08-19 16:09 1055232 dde1fb7c583310811b326a8563b8eed8 c:\windows\explorer.exe 2007-06-13 15:10 1056256 6e77d2e39fdf839e2475406b0e854d9f c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe 2004-08-05 20:00 1055232 678e4eae8ed8741191bac5743157f12f c:\windows\$NtServicePackUninstall$\explorer.exe 2004-08-05 20:00 1055232 3a52c5525902fb158b435f5dcc9764fe c:\windows\$NtUninstallKB938828$\explorer.exe 2008-04-14 04:34 1056768 58f989c78fcfa836ac446b39a9e49d0c c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\explorer.exe 2008-04-14 04:34 1056768 2a6361367c665bec3f2b31c423af2cf8 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\explorer.exe 2004-08-19 16:09 1055232 6fd85256f32e33ab9d00f892cf0e5aae c:\windows\system32\dllcache\explorer.exe 2004-08-05 20:00 34304 ecf932debc3adb435a516f58ddffec9d c:\windows\$NtServicePackUninstall$\ctfmon.exe 2008-04-14 04:33 34304 8181a7405cfba23178508c8b837e1333 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ctfmon.exe 2008-04-14 04:33 34304 330f39a904e20672ffc4a035fb3e78af c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ctfmon.exe 2004-08-19 16:09 34304 9cecfa76e38e5a0d3860659e93ef8d68 c:\windows\system32\ctfmon.exe 2004-08-19 16:09 34304 9cecfa76e38e5a0d3860659e93ef8d68 c:\windows\system32\dllcache\ctfmon.exe 2005-06-11 02:17 76800 101d417010dee6004a41675dad35b720 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe 2004-08-05 20:00 76800 68167077066c4e7712b48d0268a46130 c:\windows\$NtServicePackUninstall$\spoolsv.exe 2004-08-05 20:00 76800 67a22c54ac31dc3b94a01db45d77b642 c:\windows\$NtUninstallKB896423$\spoolsv.exe 2008-04-14 04:34 76800 59d0d18b7cd8d3811282751758e94372 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\spoolsv.exe 2008-04-14 04:34 76800 9beabc5acd60828b61be65231878f7a5 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\spoolsv.exe 2004-08-19 16:10 76800 ac2a0001265ad3e7cf82e0225bd21cd5 c:\windows\system32\spoolsv.exe 2004-08-19 16:10 76800 4de0f3618f2e858eb0fa355712ca01bb c:\windows\system32\dllcache\spoolsv.exe 2004-08-05 20:00 44032 340283e6986ec63596f2e16d06e21279 c:\windows\$NtServicePackUninstall$\userinit.exe 2008-04-14 04:34 45568 26bf6b49401333ff2d061a47ccfb90f5 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\userinit.exe 2008-04-14 04:34 45568 4cf572364737db447420c278abdfab49 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\userinit.exe 2004-08-05 20:00 44032 7e493f374f6fda57e47bc498a9ba9bf3 c:\windows\system32\userinit.exe 2004-08-19 16:10 44032 8ed7f48c8db4ec01b4ae2a188cfe449d c:\windows\system32\dllcache\userinit.exe . ((((((((((((((((((((((((((((( SnapShot@2009-04-07_16.44.29.48 ))))))))))))))))))))))))))))))))))))))))) . - 2009-04-07 14:41:11 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat + 2009-04-07 17:26:23 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat - 2009-04-07 14:41:11 65,536 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2009-04-07 17:26:23 65,536 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - 2009-04-07 14:41:11 114,688 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2009-04-07 17:26:23 311,296 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2009-04-06 14:13:58 213,376 ----a-w c:\windows\system32\dllcache\ndis.sys + 2004-08-03 21:14:30 182,912 ----a-w c:\windows\system32\dllcache\ndis.sys - 2009-04-06 14:13:58 213,376 ----a-w c:\windows\system32\drivers\ndis.sys + 2004-08-03 21:14:30 182,912 ----a-w c:\windows\system32\drivers\ndis.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 34304] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2009-04-03 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X] c:\documents and settings\Administrateur.CHRIS\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2009-04-03 57344] c:\documents and settings\Administrateur.NOM-EB85C523610.000\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2009-04-03 57344] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-05 258048] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\ThunMail\testabd.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.iac2"= c:\progra~1\ACEMEG~1\SystemS\Intel\iac25_32.ax "msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm "vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL "vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll "vidc.iyuv"= c:\progra~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll "vidc.yvu9"= c:\progra~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll "msacm.msadpcm"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msadp32.acm "msacm.imaadpcm"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\imaadp32.acm "msacm.msg711"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msg711.acm "msacm.msg723"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msg723.acm "msacm.msgsm610"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msgsm32.acm "vidc.m261"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msh261.drv "vidc.m263"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msh263.drv "vidc.i420"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msh263.drv "vidc.mrle"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msrle32.dll "vidc.uyvy"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msyuv.dll "vidc.yuy2"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msyuv.dll "vidc.yvyu"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msyuv.dll "vidc.msvc"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msvidc32.dll "vidc.cram"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msvidc32.dll "vidc.mpg4"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp41"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp42"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp43"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp4s"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp4v"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.wmv3"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\WMV9VCM.dll "msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msaud32.acm "vidc.vp30"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp31vfw.dll "vidc.vp31"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp31vfw.dll "vidc.vp60"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp6vfw.dll "vidc.vp61"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp6vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "avg8emc"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Orbitdownloader\\orbitdm.exe"= "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-04-05 108032] --- Autres Services/Pilotes en mémoire --- *Deregistered* - AFD *Deregistered* - AntiVirSchedulerService *Deregistered* - AntiVirService *Deregistered* - Arp1394 *Deregistered* - Ati HotKey Poller *Deregistered* - audstub *Deregistered* - avgio *Deregistered* - avgntflt *Deregistered* - avipbb *Deregistered* - Beep *Deregistered* - C-DillaCdaC11BA *Deregistered* - Cdfs *Deregistered* - CryptSvc *Deregistered* - Fastfat *Deregistered* - Fips *Deregistered* - FltMgr *Deregistered* - Ftdisk *Deregistered* - Gpc *Deregistered* - IpNat *Deregistered* - IPSec *Deregistered* - KSecDD *Deregistered* - mnmdd *Deregistered* - MountMgr *Deregistered* - MRxDAV *Deregistered* - MRxSmb *Deregistered* - Msfs *Deregistered* - mssmbios *Deregistered* - Mup *Deregistered* - NDIS *Deregistered* - NdisTapi *Deregistered* - Ndisuio *Deregistered* - NdisWan *Deregistered* - NDProxy *Deregistered* - NetBIOS *Deregistered* - NetBT *Deregistered* - Npfs *Deregistered* - Ntfs *Deregistered* - Null *Deregistered* - PartMgr *Deregistered* - Pml Driver HPZ12 *Deregistered* - PptpMiniport *Deregistered* - PSched *Deregistered* - RasAcd *Deregistered* - Rasl2tp *Deregistered* - RasMan *Deregistered* - RasPppoe *Deregistered* - Raspti *Deregistered* - Rdbss *Deregistered* - RDPCDD *Deregistered* - RpcSs *Deregistered* - sr *Deregistered* - ssmdrv *Deregistered* - swenum *Deregistered* - TapiSrv *Deregistered* - Tcpip *Deregistered* - TermDD *Deregistered* - Update *Deregistered* - VgaSave *Deregistered* - VolSnap *Deregistered* - Wanarp . Contenu du dossier 'Tâches planifiées' 2009-03-31 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2009-04-03 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2008\OneClick.exe [] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.sfr.fr/ uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Download with &DAP - c:\progra~1\DAP\dapextie.htm IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-07 20:00:53 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(532) c:\windows\system32\Ati2evxx.dll c:\windows\system32\WININET.DLL . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\windows\system32\drivers\CDAC11BA.EXE c:\windows\system32\HPZipm12.exe . ************************************************************************** . Heure de fin: 2009-04-07 20:05:17 - La machine a redémarré ComboFix-quarantined-files.txt 2009-04-07 18:05:13 ComboFix2.txt 2009-04-07 16:58:47 ComboFix3.txt 2009-04-07 16:33:13 ComboFix4.txt 2009-04-07 14:45:37 ComboFix5.txt 2009-04-07 17:33:59 Avant-CF: 46 094 757 888 octets libres Après-CF: 45,678,551,040 octets libres 406 --- E O F --- 2009-04-02 07:30:34 Je sens le courage faiblir.... A bientôt

Ai tout fait dans l'ordre. Au début de l'utilisation de DrWeb le PC a redémarré. J'ai dû le relancer ainsi que l'application. Voici le rapport DrWeb : 3605485352.exe c:\documents and settings\hp_propriétaire\local settings\temp Win32.Virut.56 Irréparable.Quarantaine. svchost.exe c:\windows\system32\3361 Probablement BACKDOOR.Trojan Quarantaine. et voici celui de ComboFix : ComboFix 09-04-04.01 - HP_Propriétaire 2009-04-07 16:35:00.9 - NTFSx86 NETWORK Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.382.234 [GMT 2:00] Lancé depuis: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Outdated) . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Install.txt c:\windows\system32\5.tmp c:\windows\system32\6to4v32.dll c:\windows\system32\9.tmp c:\windows\system32\afisicx.exe c:\windows\system32\at1394.sys c:\windows\system32\comsa32.sys c:\windows\system32\drivers\str.sys c:\windows\system32\ds43g4nfjkn93.dll c:\windows\system32\Iasv32.dll c:\windows\system32\Install.txt c:\windows\system32\sopidkc.exe c:\windows\system32\tdctxte.exe c:\windows\system32\tpszxyd.sys c:\windows\system32\w.exe c:\windows\temp\2693290560.exe c:\windows\temp\3815590690.exe c:\windows\temp\3815903190.exe c:\windows\temp\3830794206.exe c:\windows\system32\svchost.exe . . . est infecté!! c:\windows\system32\spoolsv.exe . . . est infecté!! c:\windows\explorer.exe . . . est infecté!! . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_AFISICX -------\Legacy_AT1394 -------\Legacy_DHCPSRV -------\Legacy_IAS -------\Legacy_PROTECT -------\Legacy_RESTORE -------\Legacy_SOPIDKC -------\Legacy_SYNSEND -------\Legacy_TDCTXTE -------\Service_afisicx -------\Service_at1394 -------\Service_Ias -------\Service_restore -------\Service_sopidkc -------\Service_synsend -------\Service_tdctxte ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-07 au 2009-04-07 )))))))))))))))))))))))))))))))))))) . 2009-04-07 14:03 . 2009-04-07 14:03 80 --a------ c:\windows\system32\11.tmp 2009-04-07 11:18 . 2009-04-07 11:19 <REP> d-------- C:\gamer 2009-04-07 11:16 . 2009-04-07 11:16 278,161 --a------ C:\gamer.zip 2009-04-07 10:27 . 2009-04-07 10:28 64,512 --a------ c:\windows\system32\12.tmp 2009-04-07 10:27 . 2009-04-07 10:27 84 --a------ c:\windows\system32\D.tmp 2009-04-07 10:24 . 2009-04-07 10:25 64,512 --a------ c:\windows\system32\F.tmp 2009-04-07 10:24 . 2009-04-07 10:24 84 --a------ c:\windows\system32\6.tmp 2009-04-07 07:00 . 2009-04-07 07:00 0 --a------ c:\windows\system32\C.tmp 2009-04-07 06:58 . 2009-04-07 06:58 128 --a------ c:\windows\system32\4.tmp 2009-04-06 18:44 . 2009-04-06 18:44 <REP> d-------- C:\gmer 2009-04-06 18:42 . 2009-04-06 18:42 278,161 --a------ C:\gmer.zip 2009-04-06 18:42 . 2009-04-06 18:42 0 --a------ c:\windows\system32\13.tmp 2009-04-06 18:41 . 2009-04-06 18:42 64,512 --a------ c:\windows\system32\10.tmp 2009-04-06 18:41 . 2009-04-06 18:41 128 --a------ c:\windows\system32\E.tmp 2009-04-06 18:04 . 2009-04-06 18:04 0 --a------ c:\windows\system32\B.tmp 2009-04-06 18:03 . 2009-04-06 18:04 31,454 --a------ c:\windows\system32\A.tmp 2009-04-06 18:03 . 2009-04-06 18:03 128 --a------ c:\windows\system32\8.tmp 2009-04-06 17:13 . 2009-04-07 16:04 94,208 --a------ c:\windows\DUMP66f7.tmp 2009-04-06 17:13 . 2009-04-07 10:22 94,208 --a------ c:\windows\DUMP4352.tmp 2009-04-06 17:13 . 2009-04-06 20:02 90,112 --a------ c:\windows\DUMP32e7.tmp 2009-04-06 16:12 . 2009-04-06 16:13 64,512 --a------ c:\windows\system32\3.tmp 2009-04-06 16:12 . 2009-04-06 16:12 128 --a------ c:\windows\system32\2.tmp 2009-04-06 12:28 . 2009-04-07 16:28 <REP> d-------- c:\windows\system32\3361 2009-04-06 12:28 . 2009-04-07 16:15 <REP> d-------- c:\windows\dhcp 2009-04-06 12:28 . 2009-04-07 06:55 <REP> dr-hs---- c:\program files\ThunMail 2009-04-06 12:28 . 2009-04-06 12:28 108,336 --a------ c:\windows\system32\MSWINSCK.OCX 2009-04-06 12:28 . 2009-04-05 22:51 21,704 --a------ c:\windows\system32\vv.exe 2009-04-06 10:47 . 2009-04-06 10:47 679 --a------ C:\Fich2.bat 2009-04-06 10:46 . 2009-04-06 10:46 127 --a------ C:\Fich1.bat 2009-04-04 21:58 . 2004-08-05 20:00 1,055,232 --a------ c:\windows\explorer.backup 2009-04-04 21:58 . 2004-08-05 20:00 76,800 --a------ c:\windows\system32\spoolsv.backup 2009-04-04 21:57 . 2004-08-05 20:00 33,280 --a------ c:\windows\system32\svchost.backup 2009-04-04 21:54 . 2009-04-05 21:12 <REP> d-------- C:\FR-files 2009-04-04 21:46 . 2009-04-05 21:09 <REP> d-------- C:\WinFileReplace 2009-04-04 19:53 . 2009-04-04 19:53 11,452,389 --a------ c:\windows\services.ex_ 2009-04-04 16:47 . 2009-04-04 16:46 22,722,697 --a------ c:\windows\LPT$VPN.943 2009-04-04 16:46 . 2009-04-04 16:46 <REP> d-------- c:\windows\AU_Temp 2009-04-04 16:46 . 2009-04-04 16:46 22,722,697 --a------ c:\windows\VPTNFILE.943 2009-04-04 08:26 . 2009-02-13 11:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys 2009-04-04 08:25 . 2009-04-04 08:25 <REP> d-------- c:\program files\Avira 2009-04-04 08:25 . 2009-04-04 08:25 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira 2009-04-03 21:55 . 2009-04-04 05:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\DoctorWeb 2009-04-03 21:55 . 2009-04-04 05:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\DoctorWeb 2009-04-03 08:35 . 2009-04-03 14:08 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\.ABC 2009-04-02 17:20 . 2009-04-05 06:28 <REP> d-------- c:\program files\Sudoku 2009-04-02 16:51 . 2009-04-02 16:51 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Goto.Games 2009-04-02 16:46 . 2009-04-02 16:47 <REP> d-------- c:\program files\Objectif Tarot 2009-04-02 16:46 . 2009-04-02 16:46 150,528 --a------ c:\windows\system32\SpoonUninstall.exe 2009-04-02 16:46 . 2009-04-02 16:46 82,994 --a------ c:\windows\system32\SpoonUninstall-Objectif Tarot.bmp 2009-04-02 16:46 . 2009-04-02 16:46 1,722 --a------ c:\windows\system32\SpoonUninstall-Objectif Tarot.dat 2009-04-02 16:34 . 2009-04-02 16:34 <REP> d-------- c:\documents and settings\HP_Propriétaire\.bztarot 2009-04-02 16:34 . 2009-04-02 16:34 <REP> d-------- c:\documents and settings\HP_Propriétaire\.bztarot 2009-04-02 16:34 . 2009-04-02 16:34 8 --a------ c:\documents and settings\HP_Propriétaire\.bztarotcumul.dat 2009-04-02 16:34 . 2009-04-02 16:34 8 --a------ c:\documents and settings\HP_Propriétaire\.bztarotcumul.dat 2009-04-02 16:28 . 2009-04-03 21:59 98,304 --a------ c:\windows\system32\qttask.exe 2009-04-02 16:24 . 2004-02-17 10:11 53,248 --a------ c:\windows\system32\vp6dec_settings.cpl 2009-04-02 16:23 . 2003-08-18 05:10 122,880 --a------ c:\windows\system32\directx.cpl 2009-04-02 16:23 . 2003-03-25 05:49 106,544 --a------ c:\windows\system32\tweakui.cpl 2009-04-02 16:23 . 2003-03-25 05:49 98,304 --a------ c:\windows\system32\startup.cpl 2009-04-02 16:23 . 2003-03-25 05:49 51,238 --a------ c:\windows\system32\tweakui.hlp 2009-04-02 16:18 . 2004-05-25 16:06 417,792 --a------ c:\windows\system32\ac3filter.cpl 2009-04-02 16:10 . 2009-04-02 16:10 242,176 --a------ c:\windows\~INSX362.EX_ 2009-04-02 15:52 . 2009-04-02 15:52 <REP> d-------- C:\bases 2009-04-02 15:08 . 2009-04-02 15:08 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\vlc 2009-04-02 15:02 . 2009-04-02 15:02 124 --a------ c:\windows\system32\7.tmp 2009-04-02 14:53 . 2009-04-03 20:54 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Ahead 2009-04-02 12:23 . 2009-04-02 12:23 <REP> d-------- c:\windows\system32\fr-fr 2009-04-02 11:58 . 2009-04-02 11:58 <REP> d-------- C:\6761876ae56e766ef0e09bcba4e9d4b7 2009-04-02 11:39 . 2009-04-04 16:26 <REP> d-------- c:\program files\Spamihilator 2009-04-02 11:01 . 2009-04-04 18:43 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Spamihilator 2009-04-02 10:57 . 2009-04-02 10:57 130,813 --a------ C:\F3.tmp 2009-04-02 10:39 . 2009-04-02 10:39 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Microsoft Web Folders 2009-04-02 10:35 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys 2009-04-02 10:31 . 2001-11-02 15:10 184,320 --a------ c:\windows\system32\PhotoImpression Screen Saver.scr 2009-04-02 09:58 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys 2009-04-02 09:58 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys 2009-04-02 09:57 . 2003-05-23 03:06 73,869 --a------ c:\windows\system32\EBPMON24.DLL 2009-04-02 09:57 . 2003-05-21 04:27 64,000 --a------ c:\windows\system32\ECBTEG.DLL 2009-04-02 09:57 . 2009-04-03 21:58 39,936 --a------ c:\windows\system32\drivers\CDAC11BA.EXE 2009-04-02 09:57 . 2000-06-07 03:01 34,304 --a------ c:\windows\system32\EBPCHP.DLL 2009-04-02 09:57 . 2001-09-04 04:04 182 --a------ c:\windows\system32\EBPPORT4.DAT 2009-04-02 09:56 . 2009-04-02 09:56 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\ABBYY 2009-04-02 09:54 . 2003-04-02 00:00 217,088 --a------ c:\windows\system32\esdtr.dll 2009-04-02 09:54 . 2001-11-15 00:00 47,104 --a------ c:\windows\system32\escimgd.dll 2009-04-02 09:54 . 2002-06-20 00:00 32,256 --a------ c:\windows\system32\escwiad.dll 2009-04-02 09:54 . 2002-06-20 00:00 22,528 --a------ c:\windows\system32\esccmd.dll 2009-04-02 06:54 . 2009-04-05 21:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Orbit 2009-04-02 06:50 . 2009-04-02 06:50 172,032 --a------ c:\windows\system32\AniGIF.ocx 2009-04-02 06:35 . 1997-09-28 14:22 92,672 --a------ c:\windows\system32\COMDLG32.OCX 2009-04-02 06:35 . 1997-09-28 14:22 37,376 --a------ c:\windows\system32\VbVfw.dll 2009-04-02 03:09 . 2009-04-02 03:31 <REP> d-------- c:\windows\system32\CatRoot_bak 2009-04-02 03:06 . 2008-08-14 15:44 2,182,400 --------- c:\windows\system32\dllcache\ntoskrnl.exe 2009-04-02 03:06 . 2008-08-14 15:44 2,138,112 --------- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-04-02 03:06 . 2008-08-14 15:44 2,059,776 --------- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-04-02 03:06 . 2008-08-14 15:44 2,017,792 --------- c:\windows\system32\dllcache\ntkrpamp.exe 2009-04-02 03:03 . 2008-10-24 13:10 453,632 --------- c:\windows\system32\dllcache\mrxsmb.sys 2009-04-02 03:01 . 2006-09-06 16:43 22,752 --a------ c:\windows\system32\spupdsvc.exe 2009-04-02 01:10 . 2008-06-14 19:59 272,768 --------- c:\windows\system32\drivers\bthport.sys 2009-04-02 01:10 . 2008-06-14 19:59 272,768 --------- c:\windows\system32\dllcache\bthport.sys 2009-04-02 01:07 . 2009-04-02 01:07 8,192 --a------ c:\windows\system32\edb.chk 2009-04-02 01:06 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\WINDOWS 2009-04-02 01:06 . 2005-01-02 03:48 <REP> d-------- c:\documents and settings\HP_Propriétaire\WINDOWS 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage réseau 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage réseau 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage d'impression 2009-04-02 01:06 . 2004-11-24 03:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Voisinage d'impression 2009-04-02 01:06 . 2009-04-02 08:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Modèles 2009-04-02 01:06 . 2009-04-02 08:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Modèles 2009-04-02 01:06 . 2009-04-07 16:30 <REP> dr------- c:\documents and settings\HP_Propriétaire\Mes documents 2009-04-02 01:06 . 2009-04-07 16:30 <REP> dr------- c:\documents and settings\HP_Propriétaire\Mes documents 2009-04-02 01:06 . 2009-04-02 10:38 <REP> d-------- c:\documents and settings\HP_Propriétaire\Menu Démarrer 2009-04-02 01:06 . 2009-04-02 10:38 <REP> d-------- c:\documents and settings\HP_Propriétaire\Menu Démarrer 2009-04-02 01:06 . 2009-04-07 06:54 <REP> dr------- c:\documents and settings\HP_Propriétaire\Favoris 2009-04-02 01:06 . 2009-04-07 06:54 <REP> dr------- c:\documents and settings\HP_Propriétaire\Favoris 2009-04-02 01:06 . 2009-04-07 16:30 <REP> d-------- c:\documents and settings\HP_Propriétaire\Bureau 2009-04-02 01:06 . 2009-04-07 16:30 <REP> d-------- c:\documents and settings\HP_Propriétaire\Bureau 2009-04-02 01:06 . 2005-01-02 04:07 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Symantec 2009-04-02 01:06 . 2005-01-02 03:58 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\SampleView 2009-04-02 01:06 . 2005-01-02 03:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Apple Computer 2009-04-02 01:06 . 2009-04-07 16:15 <REP> d-------- c:\documents and settings\HP_Propriétaire 2009-04-02 01:06 . 2004-08-05 20:00 221,184 --a------ c:\windows\system32\wmpns.dll 2009-04-02 01:06 . 2009-04-02 01:06 1,832 -rahs---- c:\windows\system32\drivers\103C_HP_CPC_EC616AA-ABF t3128.fr_YC_0Pavi_QCZC531_E53FRheBLU4_47_IAMETHYST-M_SMSI_V1.0_B3.20_T050708_WXH2_L40C_M383_J160_7AMD_8Sempron_91.79_#060127_N10EC8 139_Z11C1048C_G10025954_OLITE-ON DVDRW SOHW-1633S_DPTS0307.MRK 2009-04-02 01:02 . 2005-01-02 03:48 <REP> d-------- c:\windows\system32\config\systemprofile\WINDOWS 2009-04-02 01:02 . 2005-01-02 04:07 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\Symantec 2009-04-02 01:02 . 2005-01-02 03:58 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\SampleView . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-07 14:15 1,055,232 ----a-w c:\windows\explorer.exe 2009-04-06 14:13 213,376 ----a-w c:\windows\system32\drivers\ndis.sys 2009-04-04 21:16 --------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-04-04 14:46 91,744 -c--a-w c:\windows\BPMNT.dll 2009-04-04 14:46 1,213,784 -c--a-w c:\windows\vsapi32.dll 2009-04-04 14:45 69,689 -c--a-w c:\windows\UNZIP.DLL 2009-04-04 14:45 507,904 -c--a-w c:\windows\TMUPDATE.DLL 2009-04-04 10:21 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-04-03 20:00 --------- d-----w c:\program files\DAP 2009-04-03 19:58 57,344 ----a-w c:\windows\ALCXMNTR.EXE 2009-04-03 15:50 --------- d-----w c:\program files\Microsoft Money 2009-04-03 06:35 --------- d-----w c:\program files\ABC 2009-04-03 05:10 --------- d-----w c:\program files\Smart Panel 2009-04-03 05:09 --------- d--h--w c:\program files\InstallShield Installation Information 2009-04-03 04:58 --------- d-----w c:\program files\EPSON 2009-04-02 20:32 --------- d-----w c:\program files\AsfTools 2009-04-02 14:34 --------- d-----w c:\program files\BzTarot 2009-04-02 14:28 --------- d-----w c:\program files\Quicktime 2009-04-02 14:26 --------- d-----w c:\program files\ACE Mega CoDecS Pack 2009-04-02 13:48 --------- d-----w c:\program files\ACD Systems 2009-04-02 13:36 --------- d-----w c:\program files\Microsoft Bootvis 2009-04-02 11:57 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-04-02 09:37 --------- d-----w c:\program files\Orbitdownloader 2009-04-02 08:58 --------- d-----w c:\program files\Eliminate Spam! 2009-04-02 08:38 --------- d-----w c:\program files\microsoft frontpage 2009-04-02 04:57 --------- d-----w c:\program files\A.S.C 2009-04-02 04:36 --------- d-----w c:\program files\PeckJoin 2009-04-02 03:56 --------- d-----w c:\program files\CCleaner 2009-04-02 03:53 --------- d-----w c:\program files\Easy Internet signup 2009-04-01 23:08 --------- d-----w c:\program files\Symantec 2009-04-01 23:08 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec 2009-04-01 07:25 71,749 -c--a-w c:\windows\hcextoutput.dll 2009-04-01 07:25 368,709 -c--a-w c:\windows\tsc.exe 2009-04-01 03:45 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-04-01 00:18 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-03-31 05:50 --------- d-----w c:\program files\eMule 2009-03-28 10:26 --------- d-----w c:\program files\TomTom HOME 2 2009-03-18 15:38 --------- d-----w c:\program files\Tomtomax Maxi-Box 2009-03-18 13:34 --------- d-----w c:\program files\Yahoo! 2009-02-22 09:26 --------- d-----w c:\program files\WinAVI Video Converter 9.0 2009-02-16 14:17 --------- d-----w c:\program files\Video Strip Poker Full Version - NICOLE 2005-05-13 15:12 217,073 --sha-r c:\windows\meta4.exe 2007-01-28 18:20 22 --sha-w c:\windows\SMINST\HPCD.sys 2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll 2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll . ------- Sigcheck ------- 2004-08-05 20:00 33280 f2e9e2bb32afa47558ed88a19c00d32a c:\windows\$NtServicePackUninstall$\svchost.exe 2008-04-14 04:34 33280 4d185cc4379906b3131dfeb549a2a27e c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\svchost.exe 2008-04-14 04:34 33280 d938f7919cdae924800ff857482dd052 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\svchost.exe 2009-04-07 16:16 33280 e073bdd9f0d227e937d359f6d318ab14 c:\windows\system32\svchost.exe 2004-08-19 16:10 33280 48e130102a691a742cf082e34a39ce8b c:\windows\system32\dllcache\svchost.exe 2004-08-05 20:00 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\$NtServicePackUninstall$\ndis.sys 2008-04-13 21:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys 2008-04-13 21:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ndis.sys 2009-04-06 16:13 213376 ff85ebd2ad3679254cf251136c62d764 c:\windows\system32\dllcache\ndis.sys 2009-04-06 16:13 213376 ff85ebd2ad3679254cf251136c62d764 c:\windows\system32\drivers\ndis.sys 2009-04-07 16:15 1055232 e1837536d4d0c12d328ec68b4b238750 c:\windows\explorer.exe 2007-06-13 15:10 1056256 6e77d2e39fdf839e2475406b0e854d9f c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe 2004-08-05 20:00 1055232 678e4eae8ed8741191bac5743157f12f c:\windows\$NtServicePackUninstall$\explorer.exe 2004-08-05 20:00 1055232 3a52c5525902fb158b435f5dcc9764fe c:\windows\$NtUninstallKB938828$\explorer.exe 2008-04-14 04:34 1056768 58f989c78fcfa836ac446b39a9e49d0c c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\explorer.exe 2008-04-14 04:34 1056768 2a6361367c665bec3f2b31c423af2cf8 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\explorer.exe 2004-08-19 16:09 1055232 dde1fb7c583310811b326a8563b8eed8 c:\windows\system32\dllcache\explorer.exe 2004-08-05 20:00 34304 ecf932debc3adb435a516f58ddffec9d c:\windows\$NtServicePackUninstall$\ctfmon.exe 2008-04-14 04:33 34304 8181a7405cfba23178508c8b837e1333 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ctfmon.exe 2008-04-14 04:33 34304 330f39a904e20672ffc4a035fb3e78af c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ctfmon.exe 2009-04-03 21:58 15360 14f3132dc8d481eba108ba9e2cf1389e c:\windows\system32\ctfmon.exe 2004-08-05 20:00 34304 9b8145273b153cba00630a03f3ffd31c c:\windows\system32\dllcache\ctfmon.exe 2005-06-11 02:17 76800 101d417010dee6004a41675dad35b720 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe 2004-08-05 20:00 76800 68167077066c4e7712b48d0268a46130 c:\windows\$NtServicePackUninstall$\spoolsv.exe 2004-08-05 20:00 76800 67a22c54ac31dc3b94a01db45d77b642 c:\windows\$NtUninstallKB896423$\spoolsv.exe 2008-04-14 04:34 76800 59d0d18b7cd8d3811282751758e94372 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\spoolsv.exe 2008-04-14 04:34 76800 9beabc5acd60828b61be65231878f7a5 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\spoolsv.exe 2009-04-07 16:16 57856 9d10cde0735ca583eaeb7ec4bacb0839 c:\windows\system32\spoolsv.exe 2004-08-19 16:10 76800 ac2a0001265ad3e7cf82e0225bd21cd5 c:\windows\system32\dllcache\spoolsv.exe 2004-08-05 20:00 44032 340283e6986ec63596f2e16d06e21279 c:\windows\$NtServicePackUninstall$\userinit.exe 2008-04-14 04:34 45568 26bf6b49401333ff2d061a47ccfb90f5 c:\windows\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\userinit.exe 2008-04-14 04:34 45568 4cf572364737db447420c278abdfab49 c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\userinit.exe 2009-04-03 21:59 25088 1fa37ceb2e7eb9fc851d14ad1a56a335 c:\windows\system32\userinit.exe 2004-08-05 20:00 44032 7e493f374f6fda57e47bc498a9ba9bf3 c:\windows\system32\dllcache\userinit.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2009-04-03 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2009-04-03 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X] c:\documents and settings\Administrateur.CHRIS\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2009-04-03 57344] c:\documents and settings\Administrateur.NOM-EB85C523610.000\Menu D‚marrer\Programmes\D‚marrage\ AutoTBar.exe [2009-04-03 57344] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-05 258048] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\ThunMail\testabd.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.iac2"= c:\progra~1\ACEMEG~1\SystemS\Intel\iac25_32.ax "msacm.sl_anet"= c:\progra~1\ACEMEG~1\SystemS\sl_anet.acm "vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL "vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll "vidc.iyuv"= c:\progra~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll "vidc.yvu9"= c:\progra~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll "msacm.msadpcm"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msadp32.acm "msacm.imaadpcm"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\imaadp32.acm "msacm.msg711"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msg711.acm "msacm.msg723"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msg723.acm "msacm.msgsm610"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msgsm32.acm "vidc.m261"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msh261.drv "vidc.m263"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msh263.drv "vidc.i420"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msh263.drv "vidc.mrle"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msrle32.dll "vidc.uyvy"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msyuv.dll "vidc.yuy2"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msyuv.dll "vidc.yvyu"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msyuv.dll "vidc.msvc"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msvidc32.dll "vidc.cram"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msvidc32.dll "vidc.mpg4"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp41"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp42"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp43"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp4s"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.mp4v"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\mpg4c32.dll "vidc.wmv3"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\WMV9VCM.dll "msacm.msaudio1"= c:\progra~1\ACEMEG~1\SystemS\MICROS~2\msaud32.acm "vidc.vp30"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp31vfw.dll "vidc.vp31"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp31vfw.dll "vidc.vp60"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp6vfw.dll "vidc.vp61"= c:\progra~1\ACEMEG~1\SystemS\ON2TEC~2\vp6vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "avg8emc"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Orbitdownloader\\orbitdm.exe"= "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-04-04 108032] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - SYNSEND . Contenu du dossier 'Tâches planifiées' 2009-03-31 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2009-04-03 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2008\OneClick.exe [] . - - - - ORPHELINS SUPPRIMES - - - - BHO-{D5BF49A0-94F3-42BD-F434-3604812C8955} - c:\windows\system32\ds43g4nfjkn93.dll HKLM-Run-10699 - c:\windows\system32\5.tmp.exe HKU-Default-Run-svc - c:\program files\ThunMail\testabd.exe HKU-Default-Run-Windows Resurections - c:\windows\TEMP\cdeje2y.exe HKU-Default-Run-Diagnostic Manager - c:\windows\TEMP\3510478060.exe SharedTaskScheduler-{D5BF49A0-94F3-42BD-F434-3604812C8955} - c:\windows\system32\ds43g4nfjkn93.dll . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.sfr.fr/ uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Download with &DAP - c:\progra~1\DAP\dapextie.htm IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-07 16:40:53 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwOpenFile Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... c:\windows\system32\drivers\dywbxpcpqbzpkzn.sys 47232 bytes executable c:\windows\system32\drivers\str.sys 69765 bytes Scan terminé avec succès Fichiers cachés: 2 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\qcsmdwvf] "ImagePath"="\??\c:\windows\system32\drivers\dywbxpcpqbzpkzn.sys" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(536) c:\windows\system32\Ati2evxx.dll c:\windows\system32\WININET.DLL . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\windows\system32\drivers\CDAC11BA.EXE c:\windows\system32\HPZipm12.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\wscntfy.exe c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe c:\program files\Internet Explorer\iexplore.exe . ************************************************************************** . Heure de fin: 2009-04-07 16:45:31 - La machine a redémarré ComboFix-quarantined-files.txt 2009-04-07 14:45:26 ComboFix2.txt 2009-04-06 08:21:00 Avant-CF: 46 177 206 272 octets libres Après-CF: 45,750,624,256 octets libres 393 --- E O F --- 2009-04-02 07:30:34

Voici le log de Gmer(Gamer) : il a retrouve les lignes IAT, mais par les "hidden process". Serait-il possible qu'ils aient été supprimés? GMER 1.0.15.14966 - http://www.gmer.net Rootkit scan 2009-04-07 13:17:46 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.15 ---- Code 8291E4D0 pIofCallDriver ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\drivers\CDAC11BA.EXE[136] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\drivers\CDAC11BA.EXE[136] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\drivers\CDAC11BA.EXE[136] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\drivers\CDAC11BA.EXE[136] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\drivers\CDAC11BA.EXE[136] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .rsrc C:\WINDOWS\dhcp\svchost.exe[188] C:\WINDOWS\dhcp\svchost.exe section is executable [0x00482000, 0x7000, 0xE0000040] .rsrc C:\WINDOWS\dhcp\svchost.exe[188] C:\WINDOWS\dhcp\svchost.exe entry point in ".rsrc" section [0x00483328] .text C:\WINDOWS\dhcp\svchost.exe[188] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\dhcp\svchost.exe[188] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\dhcp\svchost.exe[188] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\dhcp\svchost.exe[188] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\dhcp\svchost.exe[188] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\HPZipm12.exe[248] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\HPZipm12.exe[248] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\HPZipm12.exe[248] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\HPZipm12.exe[248] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\HPZipm12.exe[248] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\sopidkc.exe[332] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\sopidkc.exe[332] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\sopidkc.exe[332] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\sopidkc.exe[332] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\sopidkc.exe[332] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\winlogon.exe[528] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\winlogon.exe[528] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\winlogon.exe[528] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\winlogon.exe[528] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\winlogon.exe[528] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E ? C:\WINDOWS\System32\svchost.exe[548] number of sections mismatch; time/date stamp mismatch; .text C:\WINDOWS\System32\svchost.exe[548] C:\WINDOWS\System32\svchost.exe section is writeable [0x00401000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\System32\svchost.exe[548] C:\WINDOWS\System32\svchost.exe section is executable [0x00405000, 0x6600, 0xE0000040] .text C:\WINDOWS\System32\svchost.exe[548] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\System32\svchost.exe[548] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\System32\svchost.exe[548] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\System32\svchost.exe[548] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\System32\svchost.exe[548] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\services.exe[572] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\services.exe[572] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\services.exe[572] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\services.exe[572] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\services.exe[572] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\lsass.exe[588] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\lsass.exe[588] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\lsass.exe[588] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\lsass.exe[588] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\lsass.exe[588] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E ? C:\WINDOWS\System32\svchost.exe[700] number of sections mismatch; time/date stamp mismatch; .text C:\WINDOWS\System32\svchost.exe[700] C:\WINDOWS\System32\svchost.exe section is writeable [0x00401000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\System32\svchost.exe[700] C:\WINDOWS\System32\svchost.exe section is executable [0x00405000, 0x6600, 0xE0000040] .text C:\WINDOWS\System32\svchost.exe[700] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\System32\svchost.exe[700] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\System32\svchost.exe[700] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\System32\svchost.exe[700] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\System32\svchost.exe[700] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\Ati2evxx.exe[748] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\Ati2evxx.exe[748] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\Ati2evxx.exe[748] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\Ati2evxx.exe[748] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\Ati2evxx.exe[748] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\svchost.exe[760] C:\WINDOWS\system32\svchost.exe section is writeable [0x01001000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\system32\svchost.exe[760] C:\WINDOWS\system32\svchost.exe section is executable [0x01005000, 0x6600, 0xE0000040] .text C:\WINDOWS\system32\svchost.exe[760] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\svchost.exe[760] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\svchost.exe[760] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\svchost.exe[760] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\svchost.exe[760] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\svchost.exe[852] C:\WINDOWS\system32\svchost.exe section is writeable [0x01001000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\system32\svchost.exe[852] C:\WINDOWS\system32\svchost.exe section is executable [0x01005000, 0x6600, 0xE0000040] .text C:\WINDOWS\system32\svchost.exe[852] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\svchost.exe[852] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\svchost.exe[852] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\svchost.exe[852] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\svchost.exe[852] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E ? C:\WINDOWS\System32\svchost.exe[896] number of sections mismatch; time/date stamp mismatch; .text C:\WINDOWS\System32\svchost.exe[896] C:\WINDOWS\System32\svchost.exe section is writeable [0x00401000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\System32\svchost.exe[896] C:\WINDOWS\System32\svchost.exe section is executable [0x00405000, 0x6600, 0xE0000040] .text C:\WINDOWS\System32\svchost.exe[896] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\System32\svchost.exe[896] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\System32\svchost.exe[896] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\System32\svchost.exe[896] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\System32\svchost.exe[896] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\System32\svchost.exe[916] C:\WINDOWS\System32\svchost.exe section is writeable [0x01001000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\System32\svchost.exe[916] C:\WINDOWS\System32\svchost.exe section is executable [0x01005000, 0x6600, 0xE0000040] .text C:\WINDOWS\System32\svchost.exe[916] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\System32\svchost.exe[916] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\System32\svchost.exe[916] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\System32\svchost.exe[916] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\System32\svchost.exe[916] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\svchost.exe[980] C:\WINDOWS\system32\svchost.exe section is writeable [0x01001000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\system32\svchost.exe[980] C:\WINDOWS\system32\svchost.exe section is executable [0x01005000, 0x6600, 0xE0000040] .text C:\WINDOWS\system32\svchost.exe[980] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\svchost.exe[980] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\svchost.exe[980] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\svchost.exe[980] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\svchost.exe[980] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\svchost.exe[1072] C:\WINDOWS\system32\svchost.exe section is writeable [0x01001000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\system32\svchost.exe[1072] C:\WINDOWS\system32\svchost.exe section is executable [0x01005000, 0x6600, 0xE0000040] .text C:\WINDOWS\system32\svchost.exe[1072] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\svchost.exe[1072] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\svchost.exe[1072] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\svchost.exe[1072] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\svchost.exe[1072] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\Ati2evxx.exe[1260] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\Ati2evxx.exe[1260] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\Ati2evxx.exe[1260] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\Ati2evxx.exe[1260] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\Ati2evxx.exe[1260] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\Explorer.EXE[1388] Explorer.EXE 0101E26B 4 Bytes [FF, 15, 98, 10] .text C:\WINDOWS\Explorer.EXE[1388] C:\WINDOWS\Explorer.EXE section is writeable [0x01001000, 0x44689, 0xE0000060] .reloc C:\WINDOWS\Explorer.EXE[1388] C:\WINDOWS\Explorer.EXE section is executable [0x010FC000, 0x9800, 0xE2000040] .text C:\WINDOWS\Explorer.EXE[1388] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\Explorer.EXE[1388] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\Explorer.EXE[1388] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\Explorer.EXE[1388] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\Explorer.EXE[1388] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\spoolsv.exe[1416] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\spoolsv.exe[1416] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\spoolsv.exe[1416] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\spoolsv.exe[1416] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\spoolsv.exe[1416] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .rsrc C:\WINDOWS\system32\3361\svchost.exe[1696] C:\WINDOWS\system32\3361\svchost.exe section is executable [0x00411000, 0x7000, 0xE0000040] .rsrc C:\WINDOWS\system32\3361\svchost.exe[1696] C:\WINDOWS\system32\3361\svchost.exe entry point in ".rsrc" section [0x00412249] .text C:\WINDOWS\system32\3361\svchost.exe[1696] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\3361\svchost.exe[1696] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\3361\svchost.exe[1696] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\3361\svchost.exe[1696] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\3361\svchost.exe[1696] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\System32\reader_s.exe[1844] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\System32\reader_s.exe[1844] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\System32\reader_s.exe[1844] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\System32\reader_s.exe[1844] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\System32\reader_s.exe[1844] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\afisicx.exe[1884] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\afisicx.exe[1884] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\afisicx.exe[1884] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\afisicx.exe[1884] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\afisicx.exe[1884] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\ctfmon.exe[1900] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\ctfmon.exe[1900] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\ctfmon.exe[1900] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\ctfmon.exe[1900] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\ctfmon.exe[1900] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe[1912] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe[1912] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe[1912] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe[1912] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe[1912] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\2818290560.exe[1936] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\2818290560.exe[1936] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\2818290560.exe[1936] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\2818290560.exe[1936] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\2818290560.exe[1936] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\Documents and Settings\HP_Propriétaire\reader_s.exe[1948] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\Documents and Settings\HP_Propriétaire\reader_s.exe[1948] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\Documents and Settings\HP_Propriétaire\reader_s.exe[1948] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\Documents and Settings\HP_Propriétaire\reader_s.exe[1948] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\Documents and Settings\HP_Propriétaire\reader_s.exe[1948] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[1972] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[1972] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[1972] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[1972] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[1972] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe[2044] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe[2044] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe[2044] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe[2044] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe[2044] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E ? C:\WINDOWS\System32\svchost.exe[2240] number of sections mismatch; time/date stamp mismatch; unknown module: gdiplus.dllunknown module: OLEAUT32.dll .text C:\WINDOWS\System32\svchost.exe[2240] C:\WINDOWS\System32\svchost.exe section is writeable [0x13141000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\System32\svchost.exe[2240] C:\WINDOWS\System32\svchost.exe section is executable [0x13145000, 0x6600, 0xE0000040] .text C:\WINDOWS\System32\svchost.exe[2240] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\System32\svchost.exe[2240] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\System32\svchost.exe[2240] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\System32\svchost.exe[2240] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\System32\svchost.exe[2240] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\svchost.exe[2260] C:\WINDOWS\system32\svchost.exe section is writeable [0x01001000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\system32\svchost.exe[2260] C:\WINDOWS\system32\svchost.exe section is executable [0x01005000, 0x6600, 0xE0000040] .text C:\WINDOWS\system32\svchost.exe[2260] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\svchost.exe[2260] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\svchost.exe[2260] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\svchost.exe[2260] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\svchost.exe[2260] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\tdctxte.exe[2276] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\tdctxte.exe[2276] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\tdctxte.exe[2276] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\tdctxte.exe[2276] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\tdctxte.exe[2276] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\wdfmgr.exe[2312] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\wdfmgr.exe[2312] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\wdfmgr.exe[2312] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\wdfmgr.exe[2312] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\wdfmgr.exe[2312] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E ? C:\WINDOWS\System32\svchost.exe[2416] number of sections mismatch; time/date stamp mismatch; unknown module: gdiplus.dllunknown module: OLEAUT32.dll .text C:\WINDOWS\System32\svchost.exe[2416] C:\WINDOWS\System32\svchost.exe section is writeable [0x13141000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\System32\svchost.exe[2416] C:\WINDOWS\System32\svchost.exe section is executable [0x13145000, 0x6600, 0xE0000040] .text C:\WINDOWS\System32\svchost.exe[2416] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\System32\svchost.exe[2416] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\System32\svchost.exe[2416] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\System32\svchost.exe[2416] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\System32\svchost.exe[2416] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\system32\wscntfy.exe[3012] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\system32\wscntfy.exe[3012] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\system32\wscntfy.exe[3012] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\system32\wscntfy.exe[3012] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\system32\wscntfy.exe[3012] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\gamer\gamer.exe[3128] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\gamer\gamer.exe[3128] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\gamer\gamer.exe[3128] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\gamer\gamer.exe[3128] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\gamer\gamer.exe[3128] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\System32\alg.exe[3212] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\System32\alg.exe[3212] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\System32\alg.exe[3212] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\System32\alg.exe[3212] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\System32\alg.exe[3212] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E .text C:\WINDOWS\System32\svchost.exe[3860] C:\WINDOWS\System32\svchost.exe section is writeable [0x01001000, 0x2C00, 0xE0000060] .rsrc C:\WINDOWS\System32\svchost.exe[3860] C:\WINDOWS\System32\svchost.exe section is executable [0x01005000, 0x6600, 0xE0000040] .text C:\WINDOWS\System32\svchost.exe[3860] ntdll.dll!NtCreateFile 7C91D682 5 Bytes CALL 7FFA4491 .text C:\WINDOWS\System32\svchost.exe[3860] ntdll.dll!NtCreateProcess 7C91D754 5 Bytes CALL 7FFA4520 .text C:\WINDOWS\System32\svchost.exe[3860] ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes CALL 7FFA452D .text C:\WINDOWS\System32\svchost.exe[3860] ntdll.dll!NtOpenFile 7C91DCFD 5 Bytes CALL 7FFA4516 .text C:\WINDOWS\System32\svchost.exe[3860] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes CALL 7FFA456E ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] CB8401C7 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] 0BE90043 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] 560001D4 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] 06C7F18B IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] [0043CB84] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] 01D3FDE8 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] 2444F600 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] 07740108 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] D4CCE856 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] 8B590001 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] 04C25EC6 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] 8B55C300 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] 1475FFEC IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] FF1075FF IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] 10C48308 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] 8B55C35D IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] 1475FFEC IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] FF1075FF IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] 75FF0C75 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] D9C8E808 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 458B0001 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] 2270E800 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] F18B0002 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] E8F07589 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] 0001D2CB IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] 00FC6583 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] 8D0875FF IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] 06C70C4E IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [0043CB90] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] 001C9AE8 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] E8C68B00 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] 00022322 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] 560004C2 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] 006AF18B IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] 4E8D016A IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] 9006C70C IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] E80043CB IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] 000021DB IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] E95ECE8B IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] 0001D35E IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] E8F18B56 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] FFFFFFDB IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] 082444F6 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] 56077401 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] 01D425E8 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] 0004C25E IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] CB9C01C7 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] BCE90043 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] 56FFFFFF IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] 06C7F18B IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [0043CB9C] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] FFFFAEE8 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] 2444F6FF IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] 07740108 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] D3F8E856 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] 8B590001 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] 04C25EC6 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] B8046A00 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] [00436DDD] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] 0221D5E8 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] 89F18B00 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] 7D8BF075 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] A3E85708 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] 830001D2 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] 8300FC65 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] 06C70C4E IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] [0043CB90] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] 001BFAE8 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] E8C68B00 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] 00022282 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] 830004C2 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] 60830020 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] 0A8B0004 IAT C:\WINDOWS\System32\svchost.exe[548] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] 04728B56 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] CB8401C7 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] 0BE90043 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] 560001D4 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] 06C7F18B IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] [0043CB84] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] 01D3FDE8 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] 2444F600 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] 07740108 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] D4CCE856 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] 8B590001 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] 04C25EC6 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] 8B55C300 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] 1475FFEC IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] FF1075FF IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] 10C48308 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] 8B55C35D IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] 1475FFEC IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] FF1075FF IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] 75FF0C75 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] D9C8E808 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 458B0001 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] 2270E800 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] F18B0002 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] E8F07589 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] 0001D2CB IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] 00FC6583 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] 8D0875FF IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] 06C70C4E IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [0043CB90] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] 001C9AE8 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] E8C68B00 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] 00022322 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] 560004C2 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] 006AF18B IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] 4E8D016A IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] 9006C70C IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] E80043CB IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] 000021DB IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] E95ECE8B IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] 0001D35E IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] E8F18B56 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] FFFFFFDB IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] 082444F6 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] 56077401 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] 01D425E8 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] 0004C25E IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] CB9C01C7 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] BCE90043 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] 56FFFFFF IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] 06C7F18B IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [0043CB9C] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] FFFFAEE8 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] 2444F6FF IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] 07740108 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] D3F8E856 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] 8B590001 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] 04C25EC6 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] B8046A00 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] [00436DDD] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] 0221D5E8 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] 89F18B00 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] 7D8BF075 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] A3E85708 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] 830001D2 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] 8300FC65 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] 06C70C4E IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] [0043CB90] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] 001BFAE8 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] E8C68B00 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] 00022282 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] 830004C2 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] 60830020 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] 0A8B0004 IAT C:\WINDOWS\System32\svchost.exe[700] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] 04728B56 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] CB8401C7 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] 0BE90043 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] 560001D4 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] 06C7F18B IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] [0043CB84] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] 01D3FDE8 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] 2444F600 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] 07740108 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] D4CCE856 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] 8B590001 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] 04C25EC6 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] 8B55C300 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] 1475FFEC IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] FF1075FF IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] 10C48308 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] 8B55C35D IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] 1475FFEC IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] FF1075FF IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] 75FF0C75 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] D9C8E808 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 458B0001 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] 2270E800 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] F18B0002 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] E8F07589 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] 0001D2CB IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] 00FC6583 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] 8D0875FF IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] 06C70C4E IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [0043CB90] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] 001C9AE8 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] E8C68B00 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] 00022322 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] 560004C2 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] 006AF18B IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] 4E8D016A IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] 9006C70C IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] E80043CB IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] 000021DB IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] E95ECE8B IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] 0001D35E IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] E8F18B56 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] FFFFFFDB IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] 082444F6 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] 56077401 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] 01D425E8 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] 0004C25E IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] CB9C01C7 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] BCE90043 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] 56FFFFFF IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] 06C7F18B IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [0043CB9C] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] FFFFAEE8 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] 2444F6FF IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] 07740108 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] D3F8E856 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] 8B590001 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] 04C25EC6 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] B8046A00 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] [00436DDD] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] 0221D5E8 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] 89F18B00 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] 7D8BF075 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] A3E85708 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] 830001D2 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] 8300FC65 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] 06C70C4E IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] [0043CB90] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] 001BFAE8 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] E8C68B00 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] 00022282 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] 830004C2 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] 60830020 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] 0A8B0004 IAT C:\WINDOWS\System32\svchost.exe[896] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] 04728B56 IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] [77DAEAF4] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] [77DA6A78] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] [77DA6FC8] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] [77DAD7CC] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] [77DCC8C1] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] [77DCC1B5] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] [77DA7883] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] [77DAEBE7] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] [77DCC123] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] [77DA6BF0] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] [77DA761B] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] [7C80D47E] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] [7C809A81] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] [7C812BE6] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] [7C812E03] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] [7C80E00D] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] [7C801E16] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] [7C80B357] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [7C812CA9] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C810386] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] [7C809750] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [7C80B529] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] [7C80B859] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] [7C812851] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] [7C947A40] C:\WINDOWS\system32\ntdll.dll (DLL Couche NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] [7C832E2B] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] [7C80CEC4] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [7C838CB9] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] [7C81CAA2] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] [7C80C729] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] [7C810311] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] [7C812C8D] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] [7C8114AB] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [7C802530] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] [7C81082F] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] [7C809C4C] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] [7C81E4BD] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] [7C80EB3F] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] [7C802442] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] [7C809B77] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] [7C80EC1B] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] [7C9110ED] C:\WINDOWS\system32\ntdll.dll (DLL Couche NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] [7C911005] C:\WINDOWS\system32\ntdll.dll (DLL Couche NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] [7C809FA1] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] [7C809C28] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] [7C8097AD] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] [7C838FB9] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] [7C81EE79] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] [7C8092AC] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [7C80C9C1] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] [7C80A480] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] [7C80B929] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] [7C8097C6] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] [7C81486A] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] [7C81E92A] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] [7C862849] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] [7C80220F] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] [7C809AA2] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] [7C8021CC] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] [7C838EEB] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] [7C802367] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] [7C8024A7] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] [7C80180E] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] [7C810C8F] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] [7C920331] C:\WINDOWS\system32\ntdll.dll (DLL Couche NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] [7C810F9F] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] [7C810976] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] [7C81114A] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] [7C81E5E9] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] [7C80A0C7] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] [7C809A39] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] [7C809CAD] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2240] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] [7C81EAE1] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] [77DAEAF4] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] [77DA6A78] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] [77DA6FC8] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] [77DAD7CC] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] [77DCC8C1] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] [77DCC1B5] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] [77DA7883] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] [77DAEBE7] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] [77DCC123] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] [77DA6BF0] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] [77DA761B] C:\WINDOWS\system32\ADVAPI32.dll (API avancées Windows 32/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] 00000000 IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] [7C80D47E] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] [7C809A81] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] [7C812BE6] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] [7C812E03] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] [7C80E00D] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] [7C801E16] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] [7C80B357] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [7C812CA9] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C810386] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] [7C809750] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [7C80B529] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] [7C80B859] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] [7C947A40] C:\WINDOWS\system32\ntdll.dll (DLL Couche NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] [7C832E2B] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] [7C80CEC4] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] [7C838CB9] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [7C80A480] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] [7C81CAA2] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] [7C80C729] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] [7C810311] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] [7C812C8D] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] [7C8114AB] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [7C802530] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] [7C81082F] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] [7C809C4C] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] [7C81E4BD] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] [7C80EB3F] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] [7C802442] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] [7C809B77] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] [7C80EC1B] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] [7C9110ED] C:\WINDOWS\system32\ntdll.dll (DLL Couche NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] [7C911005] C:\WINDOWS\system32\ntdll.dll (DLL Couche NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] [7C809FA1] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] [7C809C28] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] [7C8097AD] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] [7C838FB9] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] [7C81EE79] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] [7C8092AC] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] [7C80C9C1] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] [7C80B929] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] [7C8097C6] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] [7C81486A] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] [7C81E92A] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] [7C862849] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] [7C80220F] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] [7C809AA2] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] [7C8021CC] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] [7C838EEB] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] [7C802367] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] [7C8024A7] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] [7C80180E] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] [7C810C8F] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] [7C801A24] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] [7C810F9F] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] [7C810976] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] [7C81114A] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] [7C81E5E9] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] [7C80A0C7] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] [7C809A39] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] [7C809CAD] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] [7C81EAE1] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) IAT C:\WINDOWS\System32\svchost.exe[2416] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] [7C80A859] C:\WINDOWS\system32\kernel32.dll (DLL du client API BASE Windows NT/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \Driver\NDIS \Device\Ndis [828F8982] NDIS.sys[.reloc] AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) ---- Files - GMER 1.0.15 ---- File C:\Documents and Settings\All Users\Application Data\Adobe\Updater5\AdobeESDGlobalApps.xml 285 bytes File C:\WINDOWS\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ndis.sys (size mismatch) 182656/182912 bytes executable File C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys (size mismatch) 182656/182912 bytes executable File C:\WINDOWS\system32\drivers\ndis.sys (size mismatch) 213376/182912 bytes executable File C:\WINDOWS\system32\dllcache\ndis.sys (size mismatch) 213376/182912 bytes executable File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000179.query 184 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000084.query 314 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000096.query 778 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b4.query 534 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c7.query 5378 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e4.query 476 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000fb.query 5456 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000106.query 7128 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000119.query 990 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000137.query 7340 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000148.query 218 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000168.query 252 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000007f.query 8966 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000080.query 222 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000082.query 0 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000083.query 11954 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000085.query 2950 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000086.query 2950 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000088.query 284 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000008a.query 17578 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000008b.query 17578 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000008c.query 570 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000008d.query 1926 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000008e.query 1926 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000090.query 214 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000092.query 3626 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000093.query 3626 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000094.query 300 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000095.query 778 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000098.query 198 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000009a.query 2968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000009b.query 2968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000009c.query 264 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000009e.query 5536 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000009f.query 5536 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a0.query 296 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a2.query 1994 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a3.query 1994 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a4.query 298 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a6.query 2934 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a7.query 2934 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000a8.query 212 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000aa.query 2866 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ab.query 2866 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ac.query 200 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ae.query 3786 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000af.query 3786 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b0.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b1.query 1062 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b2.query 1062 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b5.query 3718 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b6.query 3718 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000b8.query 182 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ba.query 7326 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000bb.query 7326 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000bc.query 202 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000be.query 4324 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000bf.query 4324 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c0.query 190 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c2.query 3660 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c3.query 3660 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c4.query 222 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c6.query 5378 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000c8.query 276 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ca.query 3976 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000cb.query 3976 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000cc.query 254 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ce.query 14864 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000cf.query 14864 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d0.query 204 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d2.query 5480 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d3.query 5480 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d4.query 200 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d6.query 3256 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d7.query 3256 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000d8.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000da.query 1892 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000db.query 1892 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000dc.query 368 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000dd.query 514 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000de.query 514 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e0.query 236 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e1.query 378 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e2.query 6314 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e3.query 5944 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e5.query 1312 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e6.query 1312 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000e8.query 284 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ea.query 8102 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000eb.query 8102 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ec.query 266 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ee.query 8042 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ef.query 8042 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f0.query 276 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f2.query 4150 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f3.query 4150 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f4.query 536 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f5.query 2360 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f6.query 2360 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000f8.query 328 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000fa.query 5456 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000fc.query 318 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000fe.query 3766 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000000ff.query 3766 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000100.query 340 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000101.query 506 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000102.query 4902 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000103.query 4404 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000104.query 348 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f1.query 1214 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f2.query 2054 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f3.query 848 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f4.query 496 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f8.query 246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001fc.query 244 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000200.query 252 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000204.query 84 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000205.query 476 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000206.query 476 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000208.query 160 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000107.query 7128 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000108.query 266 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000010a.query 1480 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000010b.query 1480 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000010c.query 356 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000110.query 452 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000111.query 942 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000112.query 942 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000114.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000115.query 2246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000116.query 2246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000118.query 518 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000011a.query 990 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000011c.query 278 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000011d.query 2078 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000011e.query 2078 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000120.query 338 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000121.query 1086 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000122.query 1086 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000124.query 246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000126.query 7702 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000127.query 7702 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000128.query 152 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000012a.query 296 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000012b.query 296 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000012c.query 444 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000012d.query 4082 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000012e.query 4082 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000130.query 238 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000132.query 9370 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000133.query 9370 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000134.query 306 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000136.query 7340 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000138.query 258 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000013a.query 5652 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000013b.query 5652 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000013c.query 232 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000013e.query 7606 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000013f.query 7606 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000140.query 348 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000142.query 9044 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000143.query 9044 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000144.query 294 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000146.query 8426 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000147.query 8426 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000014a.query 6942 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000014b.query 6942 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000014c.query 226 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000014e.query 7550 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000014f.query 7550 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000150.query 274 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000152.query 5448 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000153.query 5448 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000154.query 340 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000156.query 11238 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000157.query 11238 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000158.query 478 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000015c.query 504 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000160.query 462 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000162.query 4968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000163.query 4968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000164.query 388 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000165.query 3626 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000166.query 3626 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000016a.query 19148 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000016b.query 19148 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000016c.query 196 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000016e.query 7594 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000016f.query 7594 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000170.query 168 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000172.query 3420 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000173.query 3420 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000174.query 124 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000176.query 10956 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000177.query 10956 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000178.query 134 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000017a.query 2642 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000017b.query 2466 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000017c.query 156 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000017e.query 6006 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000017f.query 6006 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000180.query 234 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000182.query 21404 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000183.query 21404 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000184.query 258 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000186.query 9900 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000187.query 9900 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000188.query 204 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018a.query 4206 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018b.query 4206 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018c.query 282 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018d.query 546 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018e.query 1050 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000018f.query 512 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000190.query 252 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000191.query 598 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000192.query 598 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000194.query 210 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000196.query 1960 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000197.query 1960 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000198.query 216 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000019a.query 19024 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000019b.query 19024 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000019c.query 188 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000019e.query 6536 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000019f.query 6536 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001a0.query 202 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001a3.query 9952 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001a4.query 432 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001a8.query 246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001aa.query 5456 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ab.query 5456 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ac.query 364 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ad.query 3866 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ae.query 3866 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b0.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b2.query 17598 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b3.query 17598 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b4.query 262 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b6.query 7244 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b7.query 7244 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001b8.query 258 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ba.query 11944 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001a2.query 9952 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001bb.query 11944 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d4.query 326 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001f0.query 694 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000020a.query 3892 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000227.query 2284 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000239.query 1520 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000256.query 2218 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000269.query 972 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000285.query 974 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000299.query 2044 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001bc.query 264 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001be.query 2004 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001bf.query 2004 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c0.query 242 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c2.query 18050 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c3.query 18050 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c4.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c6.query 7300 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c7.query 7300 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001c8.query 274 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ca.query 7884 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001cb.query 7884 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001cc.query 292 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ce.query 24326 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001cf.query 24326 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d0.query 242 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d2.query 4332 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d3.query 4332 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000020b.query 3892 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000020c.query 230 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000210.query 102 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000212.query 1420 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000213.query 1420 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000214.query 84 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000215.query 2102 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000216.query 2102 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000218.query 244 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000219.query 2246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000021a.query 2246 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000021c.query 174 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000021d.query 1670 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000021e.query 1670 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000220.query 172 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000221.query 2330 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000222.query 2330 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000224.query 208 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000226.query 2284 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000228.query 264 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000229.query 354 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000022a.query 4378 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000022b.query 4032 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000022c.query 202 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000022d.query 1884 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000022e.query 1884 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000230.query 206 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000231.query 3184 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000232.query 3184 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000234.query 218 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000236.query 5838 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000237.query 5838 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000238.query 282 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000023a.query 1520 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000023c.query 446 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000023d.query 2444 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000023e.query 2444 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000240.query 146 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000241.query 1592 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000242.query 1592 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000244.query 210 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000246.query 1780 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000247.query 1780 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000248.query 216 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000024a.query 2154 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000024b.query 2154 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000024c.query 200 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000024e.query 3142 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000024f.query 3142 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000250.query 278 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000252.query 3586 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000253.query 3586 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000254.query 244 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000255.query 2218 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000258.query 162 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000025a.query 3562 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000025b.query 3562 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000025c.query 202 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000025e.query 664 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000025f.query 664 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000260.query 216 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000261.query 562 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000262.query 562 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000264.query 202 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000266.query 3514 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000267.query 3514 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000268.query 184 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000026a.query 972 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000026c.query 156 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000026e.query 2260 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000026f.query 2260 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000270.query 184 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000272.query 4014 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000273.query 4014 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000274.query 156 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000276.query 904 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000277.query 904 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000278.query 220 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000027a.query 1018 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000027b.query 1018 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000027c.query 214 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000027e.query 5064 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000027f.query 5064 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000280.query 216 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000282.query 2858 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000283.query 2858 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000284.query 194 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000286.query 974 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000288.query 264 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000289.query 322 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000028a.query 322 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000028c.query 196 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000028d.query 976 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000028e.query 976 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000290.query 134 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000292.query 278 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000293.query 278 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000294.query 146 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000296.query 5174 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000297.query 5174 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\00000298.query 364 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000029a.query 2044 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000029c.query 350 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000029e.query 1458 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\0000029f.query 1458 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a0.query 402 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a2.query 1996 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a3.query 1996 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a4.query 216 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a6.query 1968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a7.query 1968 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002a8.query 258 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002aa.query 1180 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002ab.query 1180 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002ac.query 222 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002ad.query 614 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002ae.query 1628 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002af.query 1022 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b0.query 230 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b2.query 3174 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b3.query 3174 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b4.query 214 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b6.query 3162 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b7.query 3162 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002b8.query 208 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002ba.query 2542 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000002bb.query 2542 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d6.query 8208 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d7.query 8208 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001d8.query 204 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001da.query 6792 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001db.query 6792 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001dc.query 516 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e0.query 440 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e2.query 4792 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e3.query 4792 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e4.query 262 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e6.query 5648 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e7.query 5648 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001e8.query 564 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ec.query 82 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ed.query 694 bytes File C:\WINDOWS\pchealth\helpctr\OfflineCache\Personal_32#040c\000001ee.query 694 bytes ---- EOF - GMER 1.0.15 ---- Espérons que les renseignements trouvés soient suffisants.