NeoKyrA
-
Compteur de contenus
9 -
Inscription
-
Dernière visite
NeoKyrA's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
[Résolu] Mes contacts mail reçoivent des liens que je n'envoie pas
NeoKyrA a répondu à un(e) sujet de NeoKyrA dans Analyses et éradication malwares
Salut Lance_yien, Désolé pour le temps de réponse,petit soucis avec internet... Après vérification,cela fait maintenant quelques jours que je n'envoie,ni ne reçois de mail douteux,il semblerai que mon problème soit effectivement résolu et mon pc semble avoir retrouvé sa jeunesse...enfin presque xD. Donc je te remercie encore une fois pour le temps que tu m'as accordé et pour ce résultat final.Bonne chance pour la suite,je vais de ce pas corriger le titre et le marquer comme résolu.Ciaoooo !!! -
[Résolu] Mes contacts mail reçoivent des liens que je n'envoie pas
NeoKyrA a répondu à un(e) sujet de NeoKyrA dans Analyses et éradication malwares
ADS C:\WINDOWS\System32\XMNT2002.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\xenroll.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wupdmgr.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wshnetbs.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wshisn.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wshatm.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\write.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wpdtrace.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wpdmtpdr.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wowfaxui.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wowfax.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wowexec.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wowdeb.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmvdmoe.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmv8dmoe.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmpui.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmpns.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmpcore.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmpcd.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmp.ocx:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmiprop.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmimgmt.msc:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmidx.ocx:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmerrFRA.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmaudsdk.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\WISPTIS.EXE:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winstrm.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winspool.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winsock.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winoldap.mod:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winnls.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winmsd.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winmine.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winhlp32.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winhelp.hlp:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winfax.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\winchat.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\win87em.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\win.com:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wifeman.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wiavusd.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wiasf.ax:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wgapiloc.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wgapi.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\webhits.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\webfldrs.msi:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wdl.trm:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wcapi.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbdbase.sve:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbdbase.nld:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbdbase.ita:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbdbase.fra:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbdbase.esn:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbdbase.enu:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbdbase.deu:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbcache.sve:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbcache.nld:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbcache.ita:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbcache.fra:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbcache.esn:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbcache.enu:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wbcache.deu:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\w95inf32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\w95inf16.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\w32topl.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\w32tm.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vxdmdcdlg.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vssadmin.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vss_ps.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\VSFLEX3.OCX:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vjoy.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vidx16.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vga64k.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vga256.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vfpodbc.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\verifier.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ver.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\VEN2232.OLB:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vcdex.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vbsfr.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\VBAME.DLL:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\VBAFR32.OLB:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\VBAEND32.OLB:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\VBAEN32.OLB:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vatee.ax:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\v7vga.rom:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrvpa.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrvoica.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrv80a.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrv42a.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrsvpia.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrshuta.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrsdpia.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrrtosa.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrprbda.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrmlnka.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrlogon.cmd:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrlbva.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrfaxa.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrdtea.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrdpa.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrcoina.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\usrcntra.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ureg.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\unlodctr.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\unam4ie.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\umdmxfrm.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ufat.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\typelib.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TTIC32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TTI32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tsshutdn.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tslabels.ini:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tslabels.h:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tskill.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tsdiscon.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tscupgrd.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tscon.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tsappcmp.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tracert6.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TPwrSave.cpl:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TPSDel.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TPSAddin.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tosmreg.ini:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tosmreg.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\Toshiba.cab:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ToshBIOS.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\toolhelp.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tm20dec.ax:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tftp.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\telephon.cpl:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tcpsvcs.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tcpmon.ini:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tcmsetup.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\taskman.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tapiui.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tapi.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\systray.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sysprtj.sep:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sysprint.sep:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\syskey.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sysinv.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\SYSINFO.OCX:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sysedit.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\SynTPCo2.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\SynCtrl.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\syncapp.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\swprv.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\svcpack.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\subst.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\subrange.uce:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\streamci.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\storage.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sqlwoa.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sqlwid.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sqlsrv32.rll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sqlsodbc.chm:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\spxcoins.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sprio800.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sprio600.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sprestrt.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\spnike.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sol.exe:KAVICHS deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: iowa ->Temp folder emptied: 796844 bytes ->Temporary Internet Files folder emptied: 21961679 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 15920560 bytes ->Flash cache emptied: 1817 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LogMeInRemoteUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: marion User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 255 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 37,00 mb [EMPTYFLASH] User: Administrateur User: All Users User: Default User ->Flash cache emptied: 0 bytes User: iowa ->Flash cache emptied: 0 bytes User: LocalService User: LogMeInRemoteUser ->Flash cache emptied: 0 bytes User: marion User: NetworkService Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.21.0 log created on 02262011_035542 Files\Folders moved on Reboot... Registry entries deleted on Reboot... Voilà,j'espère que j'ai rien oublié. -
[Résolu] Mes contacts mail reçoivent des liens que je n'envoie pas
NeoKyrA a répondu à un(e) sujet de NeoKyrA dans Analyses et éradication malwares
Bonsoir, Des nouvelles de ma boite mail,pas de nouveau message,pour l'instant...Mais effectivement,changer le mot de passe serait la moindre des choses,j'y ai même pas pensé xD Pour freecorder,tout passe par la barre d'outil donc si ça vient de là il y aura toujours un problème j'imagine,mais c'est pas grave,il me sert juste a enregistrer la piste audio du pc,il existe beaucoup de "logiciel" similaire,donc je peux m'en passer. Voici enfin le rapport d'OTL: All processes killed ========== OTL ========== ADS C:\WINDOWS\winhelp.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wuaueng1.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wuauclt1.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wmv8dmod.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\wfwnet.drv:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\VSFilter.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vga.drv:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\vga.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\user.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\unicode.nls:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tssoft32.acm:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tsd32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TSBWLS.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TPwrReg.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TPSMainCtl.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TPSMain.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TPSBattM.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TPeculiarity.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TOSCDSPD.cpl:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\timer.drv:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TCtrlIO.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TCtrlCommon.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\TCMSVR.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\tapiperf.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\system.drv:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\SynTPFcs.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\SynTPAPI.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\SynCOM.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\stdole32.tlb:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sstunst2.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sstunins.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sound.drv:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sortkey.nls:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\sndvol32.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\RTSndMgr.Cpl:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\rsvpperf.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\rsvp.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\redir.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\RealMediaSplitter.ax:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\rasmontr.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\rasctrs.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\qttask.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\QCUI2.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\pschdprf.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\pifmgr.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\perfts.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\olethk32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\olesvr32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\oleaccrc.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\oggsplitter.ax:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\OEMLOGO.BMP:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\oembios.sig:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\oembios.dat:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\oembios.bin:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ntsdexts.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ntio.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ntdos.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\netmsg.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\netevent.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ncxpnt.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ncpa.cpl:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\mycomput.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\msxml3r.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\mshearts.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\msgsm32.acm:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\msg723.acm:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\msg711.acm:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\mscomctl.ocx:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\mscdexnt.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\msacm32.drv:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\mpg4c32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\mouse.drv:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\mmsystem.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\mmdrv.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\Mfc42loc.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\mcicda.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\mcd32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\MatroskaSplitter.ax:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\main.cpl:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\lz32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\Ltkrn12n.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\Ltimg12n.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\Ltfil12n.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\Ltefx12n.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\Ltdis12n.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\LQCUI2.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\logoxp.jpg:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\LMRTREND.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\libmplayer.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\libavcodec.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\lftif12n.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\lffax12n.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\Lfcmp12n.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\lfbmp12n.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\LCamCpl.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\keyboard.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\keyboard.drv:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\kdcom.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\kbdus.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\kbdfr.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\kb16.com:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\IVIresizeA6.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\iuengine.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ir32_32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ipxpromn.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ipxmontr.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\inetcplc.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\HWSETUP.cpl:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\hnetmon.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\himem.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\geo.nls:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\fmifs.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ffdshow.ax:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drwtsn32.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drvc.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\WOWHD_kern_i386.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\ulink.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\Tvs.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\SynTP.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\sfsync02.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\sfhlp02.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\sfhlp01.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\sfdrv01.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\Rtlnicxp.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\RTL8139.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\prosync1.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\prohlp02.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\prodrv06.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\system32\DRIVERS\pciide.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\oprghdlr.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\null.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\Netdevio.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\NBSMI.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\lv302af.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\lilsgt.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\ithsgt.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\system32\DRIVERS\ftdisk.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\Drivers\DRVMCDB.SYS:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\DLACDBHM.SYS:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\beep.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\ativvpxx.vp:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\ativckxx.vp:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\ativcaxx.vp:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\ativcaxx.cpa:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\ati2mtag.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\ar5211.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\AGRSM.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\drivers\AegisP.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\dosx.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\dmocx.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\DLLRES32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\DLLIO32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\DLLDRV32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\DLLDEV32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\dfrg.msc:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\devmgmt.msc:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\dbgeng.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\d3dxof.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\d3drm.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\d3dim.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ctype.nls:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\CpuPerf.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\country.sys:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\CoreVorbis.ax:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\control.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\command.com:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\comm.drv:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\CNMVS66.DLL:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\CNMLM66.DLL:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\CmdLineExt.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\CamCpl.cpl:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\c_28591.nls:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\c_1253.nls:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\c_1251.nls:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\c_1250.nls:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\AviSplitter.ax:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\AUTOEXEC.NT:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\Audiodev.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ativvaxx.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\atitvo32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\atipdlxx.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\atioglxx.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\atikvmag.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\atiicdxx.dat:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ati3duag.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ati2dvag.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ati2cqag.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\athcfg11ResLoc.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\athcfg11res.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ALSndMgr.Cpl:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\AddRemove.ico:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\acs.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\acelpdec.ax:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\ac3filter.cpl:KAVICHS deleted successfully. ADS C:\WINDOWS\System32\$winnt$.inf:KAVICHS deleted successfully. ADS C:\WINDOWS\SoundMan.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\RTHDCPL.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\p_981116.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\IsUninst.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\alcwzrd.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\Alcmtr.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\_default.pif:KAVICHS deleted successfully. ADS C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe:KAVICHS deleted successfully. ADS C:\Program Files\mxfilerelatedcache.mxc2:KAVICHS deleted successfully. ADS C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe:KAVICHS deleted successfully. ADS C:\Documents and Settings\iowa\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini:KAVICHS deleted successfully. ADS C:\Documents and Settings\iowa\Application Data\desktop.ini:KAVICHS deleted successfully. ADS C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk:KAVICHS deleted successfully. ADS C:\Documents and Settings\All Users\Menu Démarrer\Programmes\desktop.ini:KAVICHS deleted successfully. ADS C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini:KAVICHS deleted successfully. ADS C:\Documents and Settings\All Users\Documents\desktop.ini:KAVICHS deleted successfully. ADS C:\Documents and Settings\All Users\Application Data\desktop.ini:KAVICHS deleted successfully. ADS F:\ElbyCDIO.dll:KAVICHS deleted successfully. ADS F:\Copie de desktop.ini:KAVICHS deleted successfully. ADS C:\WINDOWS\www.soyabean.com.scr:KAVICHS deleted successfully. ADS C:\WINDOWS\wmprfFRA.prx:KAVICHS deleted successfully. ADS C:\WINDOWS\winnt256.bmp:KAVICHS deleted successfully. ADS C:\WINDOWS\winnt.bmp:KAVICHS deleted successfully. ADS C:\WINDOWS\wininit.ini:KAVICHS deleted successfully. ADS C:\WINDOWS\wiaservc.log:KAVICHS deleted successfully. ADS C:\WINDOWS\vmmreg32.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\vbaddin.ini:KAVICHS deleted successfully. ADS C:\WINDOWS\vb.ini:KAVICHS deleted successfully. ADS C:\WINDOWS\unin040c.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\twunk_32.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\twunk_16.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\TWallEx43_169.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\twain.dll:KAVICHS deleted successfully. ADS C:\WINDOWS\TVersion.xml:KAVICHS deleted successfully. ADS C:\WINDOWS\TOSHIBA Satellite.bmp.169:KAVICHS deleted successfully. ADS C:\WINDOWS\TLocationShortCut.exe:KAVICHS deleted successfully. ADS C:\WINDOWS\TASKMAN.EXE:KAVICHS deleted successfully. -
[Résolu] Mes contacts mail reçoivent des liens que je n'envoie pas
NeoKyrA a répondu à un(e) sujet de NeoKyrA dans Analyses et éradication malwares
Salut, Comme tu me l'as conseillé j'ai gardé ton ton script de correction sans le modifier,de toute façon je ne me sert plus des programme sités depuis un bon bout de temps,mis a part freecorder,mais bon tampis... Donc voici le rapport d'OTL après la correction: All processes killed ========== OTL ========== Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{1392b8d2-5c05-419f-a8f6-b9f15a596612} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\ deleted successfully. C:\Program Files\Freecorder\tbFre0.dll moved successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ deleted successfully. C:\Program Files\Vuze_Remote\tbVuze.dll moved successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! Prefs.js: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:2.7.2.0 removed from extensions.enabledItems Prefs.js: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0 removed from extensions.enabledItems C:\Documents and Settings\iowa\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Extensions folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}\chrome folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9} folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\lib folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\META-INF folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\lib folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\custombuttons folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\contenthandling folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\components folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\searchplugin folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\META-INF folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\lib folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\defaults folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\chrome folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612} folder moved successfully. C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions folder moved successfully. Folder C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\ not found. Folder C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\META-INF folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome\tb-amulet-of-protection\content folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome\tb-amulet-of-protection folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib\google3 folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib\firefox folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} folder moved successfully. C:\Program Files\Mozilla Firefox\extensions folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\ not found. File C:\Program Files\Freecorder\tbFre0.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully. C:\Program Files\Winamp Toolbar\winamptb.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. C:\Program Files\ConduitEngine\ConduitEngine.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully. C:\Program Files\AVG\AVG9\avgssie.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CA3D70E-1895-11CF-8E15-001234567890}\ deleted successfully. C:\WINDOWS\system32\DLA\DLASHX_W.DLL moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found. File C:\Program Files\Vuze_Remote\tbVuze.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1392b8d2-5c05-419f-a8f6-b9f15a596612} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\ not found. File C:\Program Files\Freecorder\tbFre0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found. File C:\Program Files\Vuze_Remote\tbVuze.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully. File C:\Program Files\Winamp Toolbar\winamptb.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1392B8D2-5C05-419F-A8F6-B9F15A596612} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612}\ not found. File C:\Program Files\Freecorder\tbFre0.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found. File C:\Program Files\Vuze_Remote\tbVuze.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found. File C:\Program Files\Winamp Toolbar\winamptb.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Freecorder FLV Service deleted successfully. C:\Program Files\Freecorder\FLVSrvc.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Winamp Toolbar Search\ deleted successfully. C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{043a218d-f1d2-11db-a3fc-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043a218d-f1d2-11db-a3fc-0011f5df645d}\ not found. File RavMonE.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{043a218d-f1d2-11db-a3fc-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043a218d-f1d2-11db-a3fc-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14f3f19a-294d-11df-a95c-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14f3f19a-294d-11df-a95c-0011f5df645d}\ not found. File SamsungSoftware\APPInst.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{231bbb28-ff9c-11db-a427-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{231bbb28-ff9c-11db-a427-0011f5df645d}\ not found. File AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{231bbb28-ff9c-11db-a427-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{231bbb28-ff9c-11db-a427-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36fac9b2-f056-11dc-a5f7-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36fac9b2-f056-11dc-a5f7-0011f5df645d}\ not found. File AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36fac9b2-f056-11dc-a5f7-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36fac9b2-f056-11dc-a5f7-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3efff826-2633-11de-a7d2-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3efff826-2633-11de-a7d2-0011f5df645d}\ not found. File E:\AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3efff826-2633-11de-a7d2-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3efff826-2633-11de-a7d2-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65dc4288-fba4-11dd-a797-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65dc4288-fba4-11dd-a797-0011f5df645d}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65dc4288-fba4-11dd-a797-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65dc4288-fba4-11dd-a797-0011f5df645d}\ not found. File C:\RECYCLER\RECYCLER\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65dc4288-fba4-11dd-a797-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65dc4288-fba4-11dd-a797-0011f5df645d}\ not found. File C:\RECYCLER\RECYCLER\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65dc4288-fba4-11dd-a797-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65dc4288-fba4-11dd-a797-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\RECYCLER\autorun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65f340a6-6e78-11dc-a51c-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65f340a6-6e78-11dc-a51c-0011f5df645d}\ not found. File AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65f340a6-6e78-11dc-a51c-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{65f340a6-6e78-11dc-a51c-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82ec2860-fc02-11da-a087-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82ec2860-fc02-11da-a087-0011f5df645d}\ not found. File AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82ec2860-fc02-11da-a087-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82ec2860-fc02-11da-a087-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83ce6e50-da6c-11dd-a771-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83ce6e50-da6c-11dd-a771-0011f5df645d}\ not found. File cold\hott\raidhost.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83ce6e50-da6c-11dd-a771-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83ce6e50-da6c-11dd-a771-0011f5df645d}\ not found. File cold\hott\raidhost.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83ce6e50-da6c-11dd-a771-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83ce6e50-da6c-11dd-a771-0011f5df645d}\ not found. File cold\hott\raidhost.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8df0509e-a182-11db-a2e9-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8df0509e-a182-11db-a2e9-0011f5df645d}\ not found. File E:\AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8df0509e-a182-11db-a2e9-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8df0509e-a182-11db-a2e9-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91021662-abe3-11dc-a593-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91021662-abe3-11dc-a593-0011f5df645d}\ not found. File G:\AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91021662-abe3-11dc-a593-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91021662-abe3-11dc-a593-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a262d41e-0ea5-11e0-aa8e-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a262d41e-0ea5-11e0-aa8e-0011f5df645d}\ not found. File E:\Toshiba\Launcher\start.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5d2d4a7-d6bf-11da-986b-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d5d2d4a7-d6bf-11da-986b-0011f5df645d}\ not found. File E:\AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5d2d4a7-d6bf-11da-986b-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d5d2d4a7-d6bf-11da-986b-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb802be6-0d32-11dc-a458-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eb802be6-0d32-11dc-a458-0011f5df645d}\ not found. File AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb802be6-0d32-11dc-a458-0011f5df645d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eb802be6-0d32-11dc-a458-0011f5df645d}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f00c7b60-da11-11da-9ff5-0011f5df645d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f00c7b60-da11-11da-9ff5-0011f5df645d}\ not found. File .pspware\PSPWareLauncher.exe not found. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== C:\Program Files\Azureus\plugins\azupnpav folder moved successfully. C:\Program Files\Azureus\plugins\azupdater folder moved successfully. C:\Program Files\Azureus\plugins\azrating folder moved successfully. C:\Program Files\Azureus\plugins\azplugins folder moved successfully. C:\Program Files\Azureus\plugins\azitunes folder moved successfully. C:\Program Files\Azureus\plugins\azemp\mplayer folder moved successfully. C:\Program Files\Azureus\plugins\azemp folder moved successfully. C:\Program Files\Azureus\plugins folder moved successfully. C:\Program Files\Azureus\.install4j folder moved successfully. C:\Program Files\Azureus folder moved successfully. C:\Program Files\eMule\webserver folder moved successfully. C:\Program Files\eMule\Temp folder moved successfully. C:\Program Files\eMule\skins folder moved successfully. C:\Program Files\eMule\lang folder moved successfully. C:\Program Files\eMule\Incoming folder moved successfully. C:\Program Files\eMule\config folder moved successfully. C:\Program Files\eMule folder moved successfully. File\Folder C:\Program Files\BitTorrent_DNA not found. File\Folder C:\Program Files\BitTorrent not found. C:\Program Files\Freecorder\Uninstall folder moved successfully. C:\Program Files\Freecorder folder moved successfully. C:\Program Files\Vuze_Remote folder moved successfully. C:\Program Files\Winamp Toolbar folder moved successfully. C:\Program Files\ConduitEngine folder moved successfully. C:\Documents and Settings\iowa\Local Settings\Application Data\ConduitEngine\MyStuffApps folder moved successfully. C:\Documents and Settings\iowa\Local Settings\Application Data\ConduitEngine\Logs folder moved successfully. C:\Documents and Settings\iowa\Local Settings\Application Data\ConduitEngine\ExternalComponent folder moved successfully. C:\Documents and Settings\iowa\Local Settings\Application Data\ConduitEngine\CacheIcons folder moved successfully. C:\Documents and Settings\iowa\Local Settings\Application Data\ConduitEngine folder moved successfully. C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully. C:\WINDOWS\tasks\Google Software Updater.job moved successfully. C:\sqmdata00.sqm moved successfully. C:\sqmdata01.sqm moved successfully. C:\sqmdata02.sqm moved successfully. C:\sqmdata03.sqm moved successfully. C:\sqmdata04.sqm moved successfully. C:\sqmdata05.sqm moved successfully. C:\sqmdata06.sqm moved successfully. C:\sqmdata07.sqm moved successfully. C:\sqmdata08.sqm moved successfully. C:\sqmdata09.sqm moved successfully. C:\sqmdata10.sqm moved successfully. C:\sqmdata11.sqm moved successfully. C:\sqmdata12.sqm moved successfully. C:\sqmdata13.sqm moved successfully. C:\sqmdata14.sqm moved successfully. C:\sqmdata15.sqm moved successfully. C:\sqmdata16.sqm moved successfully. C:\sqmdata17.sqm moved successfully. C:\sqmdata18.sqm moved successfully. C:\sqmdata19.sqm moved successfully. C:\sqmnoopt00.sqm moved successfully. C:\sqmnoopt01.sqm moved successfully. C:\sqmnoopt02.sqm moved successfully. C:\sqmnoopt03.sqm moved successfully. C:\sqmnoopt04.sqm moved successfully. C:\sqmnoopt05.sqm moved successfully. C:\sqmnoopt06.sqm moved successfully. C:\sqmnoopt07.sqm moved successfully. C:\sqmnoopt08.sqm moved successfully. C:\sqmnoopt09.sqm moved successfully. C:\sqmnoopt10.sqm moved successfully. C:\sqmnoopt11.sqm moved successfully. C:\sqmnoopt12.sqm moved successfully. C:\sqmnoopt13.sqm moved successfully. C:\sqmnoopt14.sqm moved successfully. C:\sqmnoopt15.sqm moved successfully. C:\sqmnoopt16.sqm moved successfully. C:\sqmnoopt17.sqm moved successfully. C:\sqmnoopt18.sqm moved successfully. C:\sqmnoopt19.sqm moved successfully. C:\Program Files\setup.exe moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 83 bytes User: iowa ->Temp folder emptied: 67384722 bytes ->Temporary Internet Files folder emptied: 11988776 bytes ->Java cache emptied: 132516 bytes ->FireFox cache emptied: 98837458 bytes ->Flash cache emptied: 5074 bytes User: LocalService ->Temp folder emptied: 115616 bytes ->Temporary Internet Files folder emptied: 7152013 bytes User: LogMeInRemoteUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 83 bytes User: marion User: NetworkService ->Temp folder emptied: 1136658 bytes ->Temporary Internet Files folder emptied: 519371 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 19569 bytes %systemroot%\System32 .tmp files removed: 4906 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 17048 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 91183498 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 266,00 mb [EMPTYFLASH] User: Administrateur User: All Users User: Default User ->Flash cache emptied: 0 bytes User: iowa ->Flash cache emptied: 0 bytes User: LocalService User: LogMeInRemoteUser ->Flash cache emptied: 0 bytes User: marion User: NetworkService Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.21.0 log created on 02252011_013152 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-0c558528e06bc524d3d66a4cad6d966a45149dc1e1fb3cb4c6f729d14d956430347661f9f33fff40f748f2233c1cb9e86c4c4e4ed083176528ae3418049e53fa3a15919bb0fbd7f2f38440f7f63aeab21ffffe213cebfe219c189697b0f6870afda7af1c9 not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-46ce515f51a445bfc8d297abc835ba57be41f1e0d20066c25876ae5020a9fc9bcdb8ff4a8179f16d500e272c7143dc11b7ed2113c11ce282e87167aba9a554bedef5337c348925de679aa23628bdce646df39b4d431b60bb161a072288c6a7138c2a27381 not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-67c27090e6f1f50dbc289fd4bdcc395ae83222b651e85fae32f5129e35849e73a1615c1896aa0ef64289769ae970592eed49894f3c588a8147bbf854e479a880e1b54ef16759d9d8b452c33c0ca28a0d62fc07163b35926c1f7fa65a478096312637df7a1 not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-692cb9558ffaeb66cd6d7aa19aae24ac98f0bc2361a4285f3f38e01a02b2d2f69b1a47a03dae76d7049bd15d51fe5056aaf378cf5709a3c9f82b06866a4aabaae0fcc26deef6c24a2b1083c85d0f56211571ecad2ca25257d7260dd92b46a6b4a46715a0f not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-6a44abc68224e8e5fd7f61c34c7727b7c316c7aee82602cc28412f5de5decc21ae5eb4516e1d3dabf9eac8b64ebbee924b93f773e460b7227f959d55800516fb1578f47411528ee8d403cacca0d12f8e100b04e61883c17ecdb70e968b3095344bc4a776b not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-984832b180fbd8af14fcdf9aec29e9003b4f96ceddbc56f4def0ef4fbb3a761dc4fe5c7f571da640fd44ad8e30ffcdf2fbea0e3b2fb34c6a71afe84af7c9a113f9b66392f80b8fd8b5aa8bf7189f97c3d4f3e502e60dbf4b88a4b8431de1893a1591264ea not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-9dd11ad270b51d7f898899f1f81e2deac25bf1724f2bb4cf59896277c8476fd1ea87e443ea6a6c854aae6b70357f872a7321e72c6bfe2d41a00c8113497a7cf9a26e3f002dffe9acb43de2d78d4b0af53dcb5f3a0fe3d2d3b1a3787ad81e998957a8c364f not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-a80d1caa70906497c6637919919fd927d834ab8892e650a1b5ffde2eabe86d9ec03d08b0bdec04632bb1f813a4d7d26ea33f32cef4cb04a0ccac34de1735c1f0c55c60f6d063318292c7aecd107ba01ec8bc19b1d263fa12a6ea374ce46608b3f732d8c18 not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-b421b61ac9d4e320cd8d7d5c40aeab6ca9d909ef7e6c6941c1152abc32555f1a72239d7e9b6f5168671d28b534e5d9375c97d9e0d87a07ae8d1839fe0e302f6fc85915b80939889c59606c184fa315838e174f89caf50c837237090e956fed6a12e77e102 not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-c55d7f15ae8fb19292d68f47439d4e3daf115c92006525fe7c5a8bf20faff2cb8b74dbc530f1c9b849cf15deb31a9aab63e15eb879b73dc343bf4453fd694eeec0869c15b14b2d765b0c07b1de0728c1312b220c3c34011871aed8664d3e0dbc689e63a1c not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-cdfc2e362cc99151df00753855d1e69e077bafdfaa764fa11abd530de9d116d45ec3a93d945218b8be70a0621f649aad13d3ca4d9fdde59539218657a1e571713f490b3850f82de367b9cdd54f3fb23c88e1edb205e35150973289e5f7218a1438dbf918c not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-28\plugin-e549f0b57b70f066ff84ce0ad528b923643b6f6546f310945bdce20dcadea16d26241eed60f7015c42bb3f0752eec1fb5b66a2754ad8ee9d2ae2a6d2c55ca7e0a894f173bb75aab05b996145bccc08aad4c5aeea0d5e14ae6fbf21b896f3ecf431659bd72 not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-2\plugin-00b09c9f51a48ccbc98837ff6ab4b1a25bdb6a421183ec5228363f3b43b7a315f02ee74e244a615c45a493dd784fd3e6889ea9b9256ee3fbe47e91c8f06772254356039c9bc4f77dd3b075664ae8578e122450b39b517c93ddee80aee45f3443 not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-2\plugin-00b09c9f51a48ccbc98837ff6ab4b1a25bdb6a421183ec5228363f3b43b7a315f02ee74e244a615c45a493dd784fd3e6889ea9b9256ee3fbe47e91c8f06772254356039c9bc4f77dd3b075664ae8578e122450b39b517c93ddee80aee45f3443-1 not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-2\plugin-00b09c9f51a48ccbc98837ff6ab4b1a25bdb6a421183ec5228363f3b43b7a315f02ee74e244a615c45a493dd784fd3e6889ea9b9256ee3fbe47e91c8f06772254356039c9bc4f77dd3b075664ae8578e122450b39b517c93ddee80aee45f3443-2 not found! File\Folder C:\Documents and Settings\iowa\Local Settings\Temp\plugtmp-1\plugin-3f8977a31d9e59e0ac81792a45a2cad801ca94dd0ee6a52f6701249de928099e96e17942246666fedc27f91f886f690307bc577ee5ebbfdbd380824c8d7ac8e0859bdd068eba17a76a8dcf336e3f13152fe2d5338769f4f6113c4455753ccb61 not found! Registry entries deleted on Reboot... Pour ce qui est des soucis,je viens de consulter ma boite mail,j'ai encore reçu des messages de mon coté mais il semblerai que cela date d'avant les corrections d'OTL,je viens juste de relancer mon pc il a une heure donc je n'ose pas trop m'avancer sur le résultat mais une chose est sûre,les différentes manip que tu m'as demandé de faire ne lui ont fait que du bien,c'est déjà ça !! En ce qui concerne l'état de la mémoire je sais qu'il y a pas mal de bouleau a faire,il commence a être "relativement" agé et a force d'installer,désinstaller des logiciels,tenter diverse manip sans vraiment connaitre grand chose je pense que j'ai bien mit la pagaille dans mon disque dur,du coup je n'arrive plus a récupérer la place nécessaire,je ne sais pas vraiment quoi supprimer. Je garde un oeil sur ma boite mail et je renverrai un message,dans la nuit sûrement (en rentrant du travail),pour te dire si d'autre message sont arrivés. Bon après-midi... -
[Résolu] Mes contacts mail reçoivent des liens que je n'envoie pas
NeoKyrA a répondu à un(e) sujet de NeoKyrA dans Analyses et éradication malwares
Et le second: OTL Extras logfile created on: 24/02/2011 01:51:00 - Run 1 OTL by OldTimer - Version 3.2.21.0 Folder = C:\Documents and Settings\iowa\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 446,00 Mb Total Physical Memory | 172,00 Mb Available Physical Memory | 39,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 69,00% Paging File free Paging file location(s): C:\pagefile.sys 0 0F:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 38,28 Gb Total Space | 1,09 Gb Free Space | 2,84% Space Free | Partition Type: NTFS Drive F: | 54,88 Gb Total Space | 36,45 Gb Free Space | 66,42% Space Free | Partition Type: NTFS Computer Name: YOUR-A734457C79 | User Name: iowa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AAW2007] -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe /scanfolder "%1" (Lavasoft AB) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 "16637:TCP" = 16637:TCP:*:Enabled:NortonAV "14750:TCP" = 14750:TCP:*:Enabled:NortonAV "14387:TCP" = 14387:TCP:*:Enabled:NortonAV "17304:TCP" = 17304:TCP:*:Enabled:NortonAV "18742:TCP" = 18742:TCP:*:Enabled:NortonAV "18974:TCP" = 18974:TCP:*:Enabled:NortonAV "17816:TCP" = 17816:TCP:*:Enabled:NortonAV "12960:TCP" = 12960:TCP:*:Enabled:NortonAV "18015:TCP" = 18015:TCP:*:Enabled:NortonAV "13543:TCP" = 13543:TCP:*:Enabled:NortonAV "12934:TCP" = 12934:TCP:*:Enabled:NortonAV "15334:TCP" = 15334:TCP:*:Enabled:NortonAV "14458:TCP" = 14458:TCP:*:Enabled:NortonAV "13981:TCP" = 13981:TCP:*:Enabled:NortonAV "13110:TCP" = 13110:TCP:*:Enabled:NortonAV "17838:TCP" = 17838:TCP:*:Enabled:NortonAV "18070:TCP" = 18070:TCP:*:Enabled:NortonAV "17264:TCP" = 17264:TCP:*:Enabled:NortonAV "13176:TCP" = 13176:TCP:*:Enabled:NortonAV "18866:TCP" = 18866:TCP:*:Enabled:NortonAV "18063:TCP" = 18063:TCP:*:Enabled:NortonAV "18952:TCP" = 18952:TCP:*:Enabled:NortonAV "18480:TCP" = 18480:TCP:*:Enabled:NortonAV "15441:TCP" = 15441:TCP:*:Enabled:NortonAV "13552:TCP" = 13552:TCP:*:Enabled:NortonAV "14838:TCP" = 14838:TCP:*:Enabled:NortonAV "12380:TCP" = 12380:TCP:*:Enabled:NortonAV "18021:TCP" = 18021:TCP:*:Enabled:NortonAV "15354:TCP" = 15354:TCP:*:Enabled:NortonAV "13986:TCP" = 13986:TCP:*:Enabled:NortonAV "18005:TCP" = 18005:TCP:*:Enabled:NortonAV "14112:TCP" = 14112:TCP:*:Enabled:NortonAV "16517:TCP" = 16517:TCP:*:Enabled:NortonAV "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "E:\AdobeR.exe" = E:\AdobeR.exe:*:Disabled:AdobeR "C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe" = C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0 -- (Aapie.Net) "C:\Documents and Settings\iowa\Local Settings\Temporary Internet Files\Content.IE5\LSG39DG9\installer-9093-17-Nero-7-7-5-9-0-French[1].exe" = C:\Documents and Settings\iowa\Local Settings\Temporary Internet Files\Content.IE5\LSG39DG9\installer-9093-17-Nero-7-7-5-9-0-French[1].exe:*:Enabled:installer-9093-17-Nero-7-7-5-9-0-French[1] "C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe "C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe "C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe "C:\Program Files\BitTorrent_DNA\dna.exe" = C:\Program Files\BitTorrent_DNA\dna.exe:*:Enabled:DNA "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent "C:\Program Files\Giganology\Gigaget\Gigaget.exe" = C:\Program Files\Giganology\Gigaget\Gigaget.exe:*:Enabled:Gigaget -- (Giganology Inc.) "C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe "C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager "C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi "C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin "C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd) "C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.) "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb "C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player "{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}" = Atheros Wireless LAN MiniPCI card Driver "{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = Panneau de contrôle ATI "{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar) "{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar) "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 24 "{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox "{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2 "{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4 "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{38DEDC0E-1584-4073-8278-61CCF78EFA1F}" = Avi Info Tooltip "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3EB6332B-AF02-457C-A31C-835458C5B48B}" = Manuels TOSHIBA "{40F7DDA6-F115-1517-2E8B-C509137F6D3D}" = Marc Ecko's Getting Up - Contents Under Pressure "{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update "{58E653BE-BD68-4D68-BB2E-3AE1B925AAD0}" = Labtec WebCam "{5AFA4872-16B2-419E-ADCA-8E96E739115D}" = Music Manager "{5D112C61-C8D0-4718-8DD7-B9115EB9AF90}" = LogMeIn "{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch "{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Utilitaire de zoom TOSHIBA "{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility "{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility "{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic "{6D7F8D4B-D1A4-402A-973E-31E90940E585}" = OneCare Advisor (Windows Live Toolbar) "{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar) "{71D658CF-4E0D-4DA8-AA67-8C0B6F1C01FE}" = Atheros Client Utility "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites pour Windows Live Toolbar "{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = Son virtuel TOSHIBA "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA "{91A1040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003 "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! "{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO HD Edition "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar) "{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = Commandes TOSHIBA "{AC76BA86-7AD7-1036-7B44-A71000000002}" = Adobe Reader 7.1.0 - Français "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{E916E61F-DE9D-4EAF-91E1-CEB50016326A}" = Navigation par onglets (Windows Live Toolbar) "{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "7-Zip" = 7-Zip 4.57 "8461-7759-5462-8226" = Vuze "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "All ATI Software" = ATI - Utilitaire de désinstallation du logiciel "ATI Display Driver" = ATI Display Driver "AVG9Uninstall" = AVG Free 9.0 "AX-Cursors 4.5" = Axialis AX-Cursors 4.5 "CCleaner" = CCleaner "eMule" = eMule "Freecorder Toolbar" = Freecorder Toolbar "Freecorder Toolbar3.03" = Freecorder Toolbar 3.03 Application "Freecorder4.0" = Freecorder 4.0 Application "gigaget_is1" = Gigaget "Google Updater" = Outil de mise à jour Google "HijackThis" = HijackThis 2.0.2 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 "LabtecDrv" = Programme de gestion Camera de Logitech® "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messenger Plus! Live" = Messenger Plus! Live "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MSNINST" = MSN "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "OpenAL" = OpenAL "Outil de diagnostic PC" = Outil de diagnostic PC TOSHIBA "PokerStars.fr" = PokerStars.fr "Power Saver" = Gestion d'énergie TOSHIBA "Spotify" = Spotify "Syncrosoft's License Control" = Le Centre de Contrôle de Licences de Syncrosoft "SynTPDeinstKey" = Synaptics Pointing Device Driver "TOSHIBA Software Modem" = TOSHIBA Software Modem "VLC media player" = VLC media player 0.9.9 "Vuze_Remote Toolbar" = Vuze_Remote Toolbar "WIC" = Windows Imaging Component "Winamp" = Winamp "Winamp Toolbar" = Winamp Toolbar "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Installation Windows Live "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XP Codec Pack" = XP Codec Pack "YInstHelper" = Yahoo! Install Manager ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Notification de cadeaux MSN" = Notification de cadeaux MSN "Winamp Detect" = Détection de l'application Winamp ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > Wow,ça fait peur tout ça !! xD Bonne "lecture" et merci encore !! -
[Résolu] Mes contacts mail reçoivent des liens que je n'envoie pas
NeoKyrA a répondu à un(e) sujet de NeoKyrA dans Analyses et éradication malwares
Salut Lance_yien, Wep j'ai bien utilisé Internet Explorer,j'ai essayé de nouveau mais toujours pareil...le bouton accept ne se met pas en surbrillance et je suis censé installé Java,ce qui est déjà fait normalement...enfin,passons,donc voici le premier rapport: OTL logfile created on: 24/02/2011 01:51:00 - Run 1 OTL by OldTimer - Version 3.2.21.0 Folder = C:\Documents and Settings\iowa\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 446,00 Mb Total Physical Memory | 172,00 Mb Available Physical Memory | 39,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 69,00% Paging File free Paging file location(s): C:\pagefile.sys 0 0F:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 38,28 Gb Total Space | 1,09 Gb Free Space | 2,84% Space Free | Partition Type: NTFS Drive F: | 54,88 Gb Total Space | 36,45 Gb Free Space | 66,42% Space Free | Partition Type: NTFS Computer Name: YOUR-A734457C79 | User Name: iowa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/02/24 01:26:05 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iowa\Bureau\OTL.exe PRC - [2010/12/15 14:10:43 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe PRC - [2010/11/24 14:01:33 | 002,069,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe PRC - [2010/11/24 13:52:44 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe PRC - [2010/09/28 08:30:12 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe PRC - [2010/07/16 12:17:22 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe PRC - [2010/07/16 12:16:50 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe PRC - [2010/07/16 12:16:03 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2009/11/15 21:59:11 | 000,158,752 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Freecorder\FLVSrvc.exe PRC - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/01/30 18:36:14 | 000,044,176 | ---- | M] (Panasonic Corporation) -- C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe PRC - [2008/07/07 07:15:18 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/10/11 07:46:14 | 000,121,344 | ---- | M] (ArcSoft) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2007/10/11 07:45:56 | 000,051,712 | ---- | M] (ArcSoft) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2007/10/11 07:45:52 | 000,031,232 | ---- | M] (ArcSoft) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2007/06/15 11:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe PRC - [2005/08/10 10:15:50 | 000,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe PRC - [2005/07/07 23:13:14 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe PRC - [2005/04/11 16:08:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe PRC - [2005/01/18 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe ========== Modules (SafeList) ========== MOD - [2011/02/24 01:26:05 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iowa\Bureau\OTL.exe MOD - [2011/02/23 15:11:33 | 000,012,800 | ---- | M] (Applian Technologies, Inc.) -- C:\Documents and Settings\iowa\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2009/07/12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll MOD - [2008/04/13 18:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll MOD - [2007/02/05 14:39:22 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll MOD - [2006/11/03 19:20:00 | 000,083,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpShHook.dll MOD - [2003/10/03 12:21:22 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2010/12/15 14:11:06 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint) SRV - [2010/12/15 14:10:56 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn) SRV - [2010/12/15 14:10:43 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2010/07/16 12:16:50 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2008/07/07 07:15:18 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice) SRV - [2007/10/11 07:45:56 | 000,051,712 | ---- | M] (ArcSoft) [Auto | Running] -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2007/06/15 11:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen) SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV - [2005/08/10 10:15:50 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV) SRV - [2005/07/07 23:13:14 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS) SRV - [2005/01/18 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2010/12/15 14:10:46 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2010/07/16 12:17:38 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2010/07/16 12:16:18 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2010/06/03 08:23:35 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2010/05/31 11:31:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo) DRV - [2010/05/31 11:31:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM) DRV - [2008/04/13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008/01/09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri) DRV - [2007/11/12 05:17:55 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2007/11/02 11:47:38 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdm.sys -- (s916mdm) DRV - [2007/11/02 11:47:38 | 000,103,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mgmt.sys -- (s916mgmt) Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM) DRV - [2007/11/02 11:47:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916obex.sys -- (s916obex) DRV - [2007/11/02 11:47:38 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916bus.sys -- (s916bus) Sony Ericsson Device 916 driver (WDM) DRV - [2007/11/02 11:47:38 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s916mdfl.sys -- (s916mdfl) DRV - [2006/11/24 18:54:56 | 000,162,432 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ithsgt.sys -- (ithsgt) DRV - [2006/11/24 18:54:56 | 000,012,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lilsgt.sys -- (lilsgt) DRV - [2006/02/20 18:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv) DRV - [2005/11/30 11:01:02 | 000,043,392 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2005/11/19 02:13:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50) DRV - [2005/11/15 17:00:22 | 001,122,656 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005/11/11 00:44:12 | 004,064,256 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005/10/20 14:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD) DRV - [2005/09/12 19:08:30 | 000,468,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211) DRV - [2005/08/04 06:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005/08/01 05:10:00 | 000,092,700 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2005/08/01 05:10:00 | 000,087,004 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2005/08/01 05:10:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2005/08/01 05:10:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2005/08/01 05:10:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2005/08/01 05:10:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2005/08/01 05:10:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN) DRV - [2005/07/28 03:30:00 | 000,088,704 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB) DRV - [2005/07/07 09:03:34 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2005/07/07 09:02:56 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N) DRV - [2005/07/07 05:10:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM) DRV - [2005/03/04 19:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2004/11/29 19:14:30 | 000,019,648 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x) DRV - [2004/11/25 17:41:08 | 000,046,080 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2004/10/28 11:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2004/10/14 23:14:04 | 000,185,728 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) DRV - [2004/05/13 14:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004/05/13 12:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004/01/21 02:14:46 | 000,005,915 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter) DRV - [2004/01/21 02:14:42 | 000,271,360 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) Labtec WebCam Pro(PID_08A0) DRV - [2003/12/01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2003/09/19 01:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003/09/10 23:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2003/09/06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) DRV - [2003/06/02 15:28:02 | 000,040,060 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ulink.sys -- (Usblink) DRV - [2003/01/29 22:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) DRV - [2002/09/16 17:07:24 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv) DRV - [2002/07/17 09:05:10 | 000,016,512 | R--- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI32) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = MSN.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Google Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 79 C5 AC 67 D3 CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..browser.search.selectedEngine: "Bing" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.ecofree.org/" FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872 FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4 FF - prefs.js..keyword.URL: "http://www.bing.com/search?mkt=fr-FR&form=MIAWB1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/24 13:56:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/29 01:00:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/03 18:08:49 | 000,000,000 | ---D | M] [2008/12/20 21:05:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\iowa\Application Data\Mozilla\Extensions [2011/02/23 00:41:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions [2010/08/22 13:18:50 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612} [2010/05/30 22:38:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/12/05 10:42:50 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/08/22 13:19:02 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2010/09/10 18:02:41 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9} [2011/02/23 03:21:23 | 000,002,650 | ---- | M] () -- C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\searchplugins\bing.xml [2011/02/22 01:50:47 | 000,001,425 | ---- | M] () -- C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\searchplugins\ecofreeorg---france.xml [2007/07/24 13:56:37 | 000,001,830 | ---- | M] () -- C:\Documents and Settings\iowa\Application Data\Mozilla\Firefox\Profiles\l0xrfuwj.default\searchplugins\LiveSearch.xml [2011/02/23 03:05:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2007/05/14 10:31:14 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/01/03 18:08:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/02/23 03:05:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010/11/24 13:56:47 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX [2011/02/23 03:05:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011/02/23 03:05:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/07/12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll [2010/10/21 13:09:54 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/10/21 13:09:54 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/10/21 13:09:54 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2006/09/10 12:35:08 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml [2010/10/21 13:09:55 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/10/21 13:09:55 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2004/08/05 12:00:00 | 000,000,765 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - File not found O2 - BHO: (GigagetIEHelper Class) - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll (Giganology Inc.) O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.) O2 - BHO: (Winamp Toolbar BHO) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.) O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.) O4 - HKLM..\Run: [iSUSPM Startup] C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation) O4 - HKLM..\Run: [iSUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\PHOTOfunSTUDIO HD Edition.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe (Panasonic Corporation) O4 - Startup: C:\Documents and Settings\iowa\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getAllurl.htm () O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm () O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui (Microsoft Corporation) O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui (Microsoft Corporation) O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe (PokerStars) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: secuser.com ([www] http in Trusted sites) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer) O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab (CBreakshotControl Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\iowa\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\iowa\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/12/09 07:03:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{043a218d-f1d2-11db-a3fc-0011f5df645d}\Shell\Auto\command - "" = RavMonE.exe e O33 - MountPoints2\{043a218d-f1d2-11db-a3fc-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e O33 - MountPoints2\{14f3f19a-294d-11df-a95c-0011f5df645d}\Shell\AutoRun\command - "" = SamsungSoftware\APPInst.exe O33 - MountPoints2\{231bbb28-ff9c-11db-a427-0011f5df645d}\Shell\Auto\command - "" = AdobeR.exe e O33 - MountPoints2\{231bbb28-ff9c-11db-a427-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e O33 - MountPoints2\{36fac9b2-f056-11dc-a5f7-0011f5df645d}\Shell\Auto\command - "" = AdobeR.exe e O33 - MountPoints2\{36fac9b2-f056-11dc-a5f7-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e O33 - MountPoints2\{3efff826-2633-11de-a7d2-0011f5df645d}\Shell\Auto\command - "" = E:\AdobeR.exe e O33 - MountPoints2\{3efff826-2633-11de-a7d2-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e O33 - MountPoints2\{65dc4288-fba4-11dd-a797-0011f5df645d}\Shell - "" = AutoRun O33 - MountPoints2\{65dc4288-fba4-11dd-a797-0011f5df645d}\Shell\1\Command - "" = RECYCLER\RECYCLER\autorun.exe O33 - MountPoints2\{65dc4288-fba4-11dd-a797-0011f5df645d}\Shell\2\Command - "" = RECYCLER\RECYCLER\autorun.exe O33 - MountPoints2\{65dc4288-fba4-11dd-a797-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\RECYCLER\autorun.exe O33 - MountPoints2\{65f340a6-6e78-11dc-a51c-0011f5df645d}\Shell\Auto\command - "" = AdobeR.exe e O33 - MountPoints2\{65f340a6-6e78-11dc-a51c-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e O33 - MountPoints2\{82ec2860-fc02-11da-a087-0011f5df645d}\Shell\Auto\command - "" = AdobeR.exe e O33 - MountPoints2\{82ec2860-fc02-11da-a087-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e O33 - MountPoints2\{83ce6e50-da6c-11dd-a771-0011f5df645d}\Shell\AutoRun\command - "" = cold\hott\raidhost.exe O33 - MountPoints2\{83ce6e50-da6c-11dd-a771-0011f5df645d}\Shell\Explore\Command - "" = cold\hott\raidhost.exe O33 - MountPoints2\{83ce6e50-da6c-11dd-a771-0011f5df645d}\Shell\open\command - "" = cold\hott\raidhost.exe O33 - MountPoints2\{8df0509e-a182-11db-a2e9-0011f5df645d}\Shell\Auto\command - "" = E:\AdobeR.exe e O33 - MountPoints2\{8df0509e-a182-11db-a2e9-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e O33 - MountPoints2\{91021662-abe3-11dc-a593-0011f5df645d}\Shell\Auto\command - "" = G:\AdobeR.exe e O33 - MountPoints2\{91021662-abe3-11dc-a593-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e O33 - MountPoints2\{a262d41e-0ea5-11e0-aa8e-0011f5df645d}\Shell\AutoRun\command - "" = E:\Toshiba\Launcher\start.exe O33 - MountPoints2\{d5d2d4a7-d6bf-11da-986b-0011f5df645d}\Shell\Auto\command - "" = E:\AdobeR.exe e O33 - MountPoints2\{d5d2d4a7-d6bf-11da-986b-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e O33 - MountPoints2\{eb802be6-0d32-11dc-a458-0011f5df645d}\Shell\Auto\command - "" = AdobeR.exe e O33 - MountPoints2\{eb802be6-0d32-11dc-a458-0011f5df645d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e O33 - MountPoints2\{f00c7b60-da11-11da-9ff5-0011f5df645d}\Shell\AutoRun\command - "" = .pspware\PSPWareLauncher.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.at3 - C:\WINDOWS\System32\atrac3.acm () Drivers32: msacm.enc - C:\WINDOWS\System32\ITIG726.acm (Ingenient Technologies, Inc.) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.ffds - C:\WINDOWS\System32\ffdshow.ax () Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org) CREATERESTOREPOINT Restore point Set: OTL Restore Point (17183528496136192) ========== Files/Folders - Created Within 30 Days ========== [2011/02/24 01:25:59 | 000,577,024 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\iowa\Bureau\OTL.exe [2011/02/23 03:57:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iowa\Menu Démarrer\Programmes\Accessoires [2011/02/23 03:41:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2011/02/23 03:05:46 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2011/02/23 03:05:44 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011/02/23 03:05:44 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011/02/23 03:05:44 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011/02/23 02:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iowa\Application Data\PriceGong [2011/02/23 01:58:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iowa\Local Settings\Application Data\ConduitEngine [2011/02/23 01:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine [2011/02/22 15:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iowa\Application Data\Malwarebytes [2011/02/22 14:59:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011/02/22 14:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware [2011/02/22 14:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011/02/22 14:59:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/02/22 14:59:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/02/22 14:52:18 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\iowa\Recent [2011/02/22 14:03:21 | 007,734,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\iowa\Bureau\mbam-setup.exe [2011/02/07 22:14:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner [2011/02/07 21:21:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance [2011/02/07 21:20:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iowa\Local Settings\Application Data\Microsoft Corporation [2011/02/07 20:05:40 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe [2008/03/26 22:00:31 | 009,085,384 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp552_full_emusic-7plus_fr-fr.exe [2005/12/09 10:02:57 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll [2004/11/24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 F:\*.tmp files -> F:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/02/24 01:26:05 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iowa\Bureau\OTL.exe [2011/02/23 21:25:23 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011/02/23 15:24:40 | 071,633,245 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2011/02/23 15:10:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/02/23 15:10:28 | 467,914,752 | -HS- | M] () -- C:\hiberfil.sys [2011/02/23 06:06:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011/02/23 03:58:00 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\iowa\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk [2011/02/23 03:34:21 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/02/23 03:21:24 | 000,001,081 | ---- | M] () -- C:\Documents and Settings\iowa\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk [2011/02/23 03:05:08 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2011/02/23 03:05:08 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011/02/23 03:05:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011/02/23 03:05:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011/02/23 03:05:08 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2011/02/22 14:59:44 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2011/02/22 14:09:02 | 000,879,047 | ---- | M] () -- C:\Documents and Settings\iowa\Bureau\SecurityCheck.exe [2011/02/22 14:08:43 | 000,721,253 | ---- | M] () -- C:\Documents and Settings\iowa\Bureau\rkill.exe [2011/02/22 14:05:34 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\iowa\Bureau\mbam-setup.exe [2011/02/19 19:35:40 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011/02/10 13:01:53 | 000,270,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/02/10 02:20:29 | 000,191,253 | ---- | M] () -- C:\Documents and Settings\iowa\Bureau\les-simpsons.jpg [2011/02/07 22:14:40 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk [2011/02/07 20:01:30 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe [2011/01/25 16:43:38 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\iowa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 F:\*.tmp files -> F:\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/02/23 03:58:00 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\iowa\Menu Démarrer\Programmes\Internet Explorer.lnk [2011/02/23 03:44:55 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2011/02/23 03:21:24 | 000,001,081 | ---- | C] () -- C:\Documents and Settings\iowa\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk [2011/02/22 14:59:44 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2011/02/22 14:08:49 | 000,879,047 | ---- | C] () -- C:\Documents and Settings\iowa\Bureau\SecurityCheck.exe [2011/02/22 14:08:30 | 000,721,253 | ---- | C] () -- C:\Documents and Settings\iowa\Bureau\rkill.exe [2011/02/10 02:20:21 | 000,191,253 | ---- | C] () -- C:\Documents and Settings\iowa\Bureau\les-simpsons.jpg [2011/02/07 22:14:39 | 000,000,686 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk [2011/01/25 16:43:38 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\iowa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010/11/02 19:05:33 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/07/01 00:57:34 | 000,039,712 | ---- | C] () -- C:\WINDOWS\System32\ASL.dll [2010/05/17 00:31:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhEdit.INI [2010/05/16 20:51:43 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2010/02/10 12:24:34 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2010/01/21 20:41:41 | 000,003,247 | ---- | C] () -- C:\Documents and Settings\iowa\Local Settings\Application Data\hbbded.dat [2009/11/28 01:12:54 | 000,038,434 | ---- | C] () -- C:\Documents and Settings\iowa\Local Settings\Application Data\kpaqca.exe [2008/12/02 23:41:44 | 014,618,605 | ---- | C] () -- C:\Program Files\vlc-0.9.6-win32.exe [2008/10/10 16:39:26 | 000,000,398 | ---- | C] () -- C:\WINDOWS\AudioConverter.INI [2008/06/17 11:26:50 | 000,105,234 | ---- | C] () -- C:\Program Files\gwsetup.zip [2008/06/10 17:46:04 | 002,202,112 | ---- | C] () -- C:\Program Files\setup.exe [2008/06/10 17:46:04 | 000,000,305 | ---- | C] () -- C:\Program Files\AIDE.txt [2008/04/24 11:31:11 | 002,729,472 | ---- | C] () -- C:\WINDOWS\System32\fun_avcodec.dll [2008/04/24 11:31:11 | 000,827,392 | ---- | C] () -- C:\WINDOWS\System32\Mpeg4System.dll [2008/04/24 11:31:11 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\Mpeg4Tools.dll [2008/04/24 11:31:11 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\Mpeg4DSF.dll [2008/04/24 11:31:10 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\AMR.dll [2008/04/24 11:31:10 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\EvrcDecDll.dll [2008/04/24 11:31:10 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\AMRDSF.dll [2008/04/09 13:23:18 | 000,408,576 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll [2008/04/09 13:23:13 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2007/11/18 22:51:14 | 003,534,848 | ---- | C] () -- C:\WINDOWS\System32\engine.dll [2007/11/12 05:17:54 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2007/10/24 21:55:13 | 000,000,102 | ---- | C] () -- C:\WINDOWS\Mr-Gooochie.Ini [2007/10/24 14:29:11 | 000,626,688 | ---- | C] () -- C:\WINDOWS\System32\CBMSchpr.dll [2007/09/16 16:50:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2007/09/11 18:20:05 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2007/08/04 21:35:26 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007/04/07 18:28:56 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll [2007/04/06 16:43:24 | 000,012,208 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2007/04/06 16:43:24 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\7B84DB5851.sys [2007/04/06 16:40:51 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2007/04/06 16:40:51 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\UNRAR.DLL [2007/04/06 16:40:51 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2007/04/06 16:40:51 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\VORBIS.DLL [2007/04/06 16:40:51 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\OGG.DLL [2007/04/03 10:09:47 | 000,000,052 | ---- | C] () -- C:\WINDOWS\dial-messenger.ini [2007/02/05 14:47:48 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2007/02/05 14:47:48 | 000,016,704 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2007/02/05 14:47:40 | 000,016,042 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2006/12/27 15:20:00 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS66.DLL [2006/11/24 18:54:56 | 000,162,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\ithsgt.sys [2006/11/24 18:54:56 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\lilsgt.sys [2006/11/10 16:31:36 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI [2006/09/07 19:48:38 | 000,000,836 | ---- | C] () -- C:\Documents and Settings\iowa\Application Data\wklnhst.dat [2006/08/31 18:39:50 | 000,017,191 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2006/08/31 18:39:29 | 000,000,256 | ---- | C] () -- C:\WINDOWS\_delis32.ini [2006/08/02 00:23:08 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2006/06/15 12:26:52 | 000,040,060 | ---- | C] () -- C:\WINDOWS\System32\drivers\ulink.sys [2006/05/22 13:21:39 | 000,000,018 | ---- | C] () -- C:\WINDOWS\cnc.ini [2006/05/22 12:09:27 | 000,000,164 | ---- | C] () -- C:\WINDOWS\gfscore.ini [2006/05/22 12:07:53 | 000,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini [2006/05/22 12:00:37 | 000,000,087 | ---- | C] () -- C:\WINDOWS\chiffres.ini [2006/05/22 10:10:20 | 000,000,179 | ---- | C] () -- C:\WINDOWS\cncscore.ini [2006/05/22 10:01:31 | 000,000,560 | ---- | C] () -- C:\Program Files\Global.sw [2006/05/04 20:28:39 | 000,000,016 | -H-- | C] () -- C:\Program Files\mxfilerelatedcache.mxc2 [2006/04/25 22:18:25 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI [2006/04/25 22:18:24 | 000,000,355 | ---- | C] () -- C:\WINDOWS\BeatBox.INI [2006/04/25 20:33:31 | 000,000,263 | ---- | C] () -- C:\WINDOWS\musicmaker.INI [2006/04/25 20:27:15 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll [2006/04/25 20:21:56 | 000,002,813 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2006/04/25 19:26:20 | 000,202,240 | ---- | C] () -- C:\Documents and Settings\iowa\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006/04/25 15:38:53 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\iowa\Local Settings\Application Data\fusioncache.dat [2005/12/09 11:59:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005/12/09 11:18:05 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005/12/09 10:25:35 | 000,000,270 | ---- | C] () -- C:\WINDOWS\wininit.ini [2005/12/09 10:15:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2005/12/09 10:15:14 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2005/12/09 10:15:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2005/12/09 10:15:14 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2005/12/09 10:15:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2005/12/09 10:15:14 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2005/12/09 10:13:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2005/12/09 10:08:08 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys [2005/12/09 10:08:08 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys [2005/12/09 10:02:57 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2005/12/09 10:01:13 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2005/12/09 10:01:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2005/12/09 10:01:13 | 000,010,177 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2005/12/09 10:01:13 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2005/12/09 09:56:39 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2005/12/09 07:55:52 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005/12/09 07:06:09 | 000,000,931 | ---- | C] () -- C:\WINDOWS\orun32.ini [2005/12/09 06:49:12 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll [2005/12/09 06:49:12 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2005/11/11 22:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005/03/14 13:38:28 | 000,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini [2004/10/12 07:40:58 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2004/10/12 07:39:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2004/10/12 07:39:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2004/10/09 07:40:16 | 000,454,144 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2004/10/05 09:16:08 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2004/10/03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2003/11/08 20:16:56 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\SAA.dll [2003/09/25 18:48:36 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SAAPlug.dll [2003/04/01 09:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001/12/02 16:00:55 | 000,285,696 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll [1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll [1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2010/11/12 03:39:42 | 000,001,024 | ---- | M] () -- C:\.rnd [2006/12/04 19:11:40 | 000,000,040 | ---- | M] () -- C:\Auth.prof [2005/12/09 07:03:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010/07/01 00:16:26 | 000,608,256 | ---- | M] () -- C:\blackra1n.exe [2010/07/01 00:47:21 | 000,000,064 | ---- | M] () -- C:\blackra1n.log [2009/07/27 20:09:41 | 000,000,216 | RHS- | M] () -- C:\boot.ini [2004/08/05 12:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2005/12/09 07:03:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010/06/30 04:29:15 | 000,000,000 | ---- | M] () -- C:\conmgr.log [2011/02/23 15:10:28 | 467,914,752 | -HS- | M] () -- C:\hiberfil.sys [2005/12/09 07:03:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2008/12/30 03:07:38 | 000,000,000 | ---- | M] () -- C:\log_lobby.txt [2008/12/30 03:07:38 | 000,000,000 | ---- | M] () -- C:\log_lobby_dumper.txt [2005/12/09 07:03:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006/05/04 20:28:46 | 000,000,016 | -H-- | M] () -- C:\mxfilerelatedcache.mxc2 [2004/08/05 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/10/15 14:20:25 | 000,252,240 | RHS- | M] () -- C:\ntldr [2011/02/23 15:10:26 | 701,767,680 | -HS- | M] () -- C:\pagefile.sys [2007/09/11 16:46:57 | 000,005,173 | ---- | M] () -- C:\resultat.txt [2011/02/22 14:56:33 | 000,000,405 | ---- | M] () -- C:\rkill.log [2009/02/04 21:27:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm [2007/05/01 21:34:48 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm [2007/05/02 05:20:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm [2007/05/02 10:52:06 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm [2007/08/19 23:30:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm [2007/08/20 18:30:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm [2007/08/20 23:47:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm [2007/08/21 18:18:22 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm [2007/08/21 21:34:38 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm [2007/08/22 12:07:05 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm [2007/08/22 18:09:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm [2007/08/22 22:16:52 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm [2007/08/23 11:23:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm [2007/08/24 14:47:02 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm [2007/09/02 01:29:50 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm [2007/09/05 03:57:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm [2008/02/14 17:15:45 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm [2008/02/29 15:26:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm [2008/08/09 12:48:50 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm [2009/02/04 21:24:39 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm [2009/02/04 21:27:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2007/05/01 21:34:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm [2007/05/02 05:20:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm [2007/05/02 10:52:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm [2007/08/19 23:30:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm [2007/08/20 18:30:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm [2007/08/20 23:47:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm [2007/08/21 18:18:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm [2007/08/21 21:34:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm [2007/08/22 12:07:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm [2007/08/22 18:09:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm [2007/08/22 22:16:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm [2007/08/23 11:23:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm [2007/08/24 14:47:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm [2007/09/02 01:29:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm [2007/09/05 03:57:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm [2008/02/14 17:15:45 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm [2008/02/29 15:26:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm [2008/08/09 12:48:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm [2009/02/04 21:24:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm [2005/12/16 14:30:57 | 000,000,176 | -H-- | M] () -- C:\SWSTAMP.TXT [2009/01/15 05:46:22 | 000,139,284 | ---- | M] () -- C:\wmdm.log < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2005/12/09 07:54:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2005/12/09 07:54:27 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2005/12/09 07:54:26 | 000,417,792 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\system32\drivers\*.sys /90 > [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-02-23 05:06:38 ========== Alternate Data Streams ========== @Alternate Data Stream - 68 bytes -> C:\WINDOWS\winhelp.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuaueng1.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuauclt1.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmv8dmod.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wfwnet.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VSFilter.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\user.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unicode.nls:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tssoft32.acm:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tsd32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TSBWLS.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TPwrReg.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TPSMainCtl.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TPSMain.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TPSBattM.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TPeculiarity.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TOSCDSPD.cpl:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\timer.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TCtrlIO.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TCtrlCommon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TCMSVR.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tapiperf.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\system.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SynTPFcs.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SynTPAPI.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SynCOM.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole32.tlb:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sstunst2.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sstunins.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sound.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sortkey.nls:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sndvol32.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\RTSndMgr.Cpl:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsvpperf.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsvp.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\redir.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\RealMediaSplitter.ax:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasmontr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasctrs.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qttask.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\QCUI2.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pschdprf.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pifmgr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\perfts.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olesvr32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oleaccrc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oggsplitter.ax:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.sig:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.dat:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.bin:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntsdexts.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntio.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntdos.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netmsg.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netevent.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ncxpnt.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ncpa.cpl:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mycomput.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msxml3r.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshearts.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msgsm32.acm:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg723.acm:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg711.acm:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mscomctl.ocx:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mscdexnt.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mpg4c32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mouse.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmsystem.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmdrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Mfc42loc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcicda.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcd32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MatroskaSplitter.ax:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\main.cpl:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Ltkrn12n.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Ltimg12n.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Ltfil12n.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Ltefx12n.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Ltdis12n.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LQCUI2.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\logoxp.jpg:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LMRTREND.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\libmplayer.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\libavcodec.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lftif12n.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lffax12n.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Lfcmp12n.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfbmp12n.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LCamCpl.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kdcom.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdfr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kb16.com:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\IVIresizeA6.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iuengine.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipxpromn.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipxmontr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetcplc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HWSETUP.cpl:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hnetmon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\himem.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\geo.nls:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fmifs.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ffdshow.ax:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\WOWHD_kern_i386.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ulink.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\Tvs.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\SynTP.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfsync02.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfhlp02.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfhlp01.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfdrv01.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\Rtlnicxp.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\RTL8139.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\prosync1.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\prohlp02.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\prodrv06.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\pciide.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\oprghdlr.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\Netdevio.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\NBSMI.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\lv302af.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\lilsgt.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ithsgt.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\ftdisk.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Drivers\DRVMCDB.SYS:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\DLACDBHM.SYS:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ativvpxx.vp:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ativckxx.vp:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ativcaxx.vp:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ativcaxx.cpa:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati2mtag.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ar5211.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\AGRSM.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\AegisP.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dosx.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmocx.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DLLRES32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DLLIO32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DLLDRV32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DLLDEV32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dfrg.msc:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devmgmt.msc:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dbgeng.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dxof.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3drm.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dim.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CpuPerf.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\country.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CoreVorbis.ax:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\control.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\command.com:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CNMVS66.DLL:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CNMLM66.DLL:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CmdLineExt.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CamCpl.cpl:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28591.nls:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1253.nls:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1251.nls:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1250.nls:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\AviSplitter.ax:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\AUTOEXEC.NT:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Audiodev.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ativvaxx.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\atitvo32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\atipdlxx.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\atioglxx.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\atikvmag.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\atiicdxx.dat:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati3duag.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati2dvag.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati2cqag.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\athcfg11ResLoc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\athcfg11res.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ALSndMgr.Cpl:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\AddRemove.ico:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acs.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acelpdec.ax:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ac3filter.cpl:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\$winnt$.inf:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\SoundMan.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\RTHDCPL.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\p_981116.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\IsUninst.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\alcwzrd.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\Alcmtr.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\_default.pif:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Program Files\mxfilerelatedcache.mxc2:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\iowa\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\iowa\Application Data\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Documents\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Application Data\desktop.ini:KAVICHS @Alternate Data Stream - 36 bytes -> F:\ElbyCDIO.dll:KAVICHS @Alternate Data Stream - 36 bytes -> F:\Copie de desktop.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\www.soyabean.com.scr:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\wmprfFRA.prx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt256.bmp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt.bmp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\wininit.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\wiaservc.log:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\vmmreg32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\vbaddin.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\vb.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\unin040c.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_16.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\TWallEx43_169.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\twain.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\TVersion.xml:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\TOSHIBA Satellite.bmp.169:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\TLocationShortCut.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\TASKMAN.EXE:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\XMNT2002.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xenroll.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wupdmgr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshnetbs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshisn.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshatm.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\write.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdtrace.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdmtpdr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfaxui.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfax.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowexec.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowdeb.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvdmoe.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmv8dmoe.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpui.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpns.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcore.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcd.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmp.ocx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiprop.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmimgmt.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmidx.ocx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmerrFRA.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmaudsdk.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\WISPTIS.EXE:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winstrm.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winspool.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winsock.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winoldap.mod:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winnls.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmsd.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmine.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhlp32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhelp.hlp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winfax.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winchat.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win87em.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win.com:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wifeman.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiavusd.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiasf.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wgapiloc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wgapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webhits.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webfldrs.msi:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wdl.trm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wcapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.sve:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.nld:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.ita:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.fra:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.esn:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.enu:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.deu:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.sve:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.nld:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.ita:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.fra:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.esn:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.enu:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.deu:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w95inf32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w95inf16.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32topl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32tm.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vxdmdcdlg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssadmin.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vss_ps.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VSFLEX3.OCX:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vjoy.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vidx16.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga64k.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga256.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vfpodbc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\verifier.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ver.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VEN2232.OLB:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vcdex.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vbsfr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAME.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAFR32.OLB:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEND32.OLB:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEN32.OLB:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vatee.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\v7vga.rom:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvpa.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvoica.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv80a.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv42a.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsvpia.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrshuta.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsdpia.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrrtosa.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrprbda.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrmlnka.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlogon.cmd:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlbva.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrfaxa.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdtea.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdpa.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcoina.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcntra.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ureg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unlodctr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unam4ie.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\umdmxfrm.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ufat.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typelib.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\TTIC32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\TTI32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsshutdn.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.h:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tskill.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsdiscon.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscupgrd.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscon.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsappcmp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracert6.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\TPwrSave.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\TPSDel.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\TPSAddin.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tosmreg.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tosmreg.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Toshiba.cab:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ToshBIOS.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\toolhelp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tm20dec.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tftp.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\telephon.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpsvcs.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmon.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcmsetup.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\taskman.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapiui.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\systray.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprtj.sep:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprint.sep:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syskey.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysinv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SYSINFO.OCX:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysedit.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SynTPCo2.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SynCtrl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syncapp.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\swprv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\svcpack.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subst.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subrange.uce:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\streamci.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\storage.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwoa.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwid.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsrv32.rll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsodbc.chm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spxcoins.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio800.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio600.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprestrt.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spnike.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sol.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\softpub.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbrccsp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbcsp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\skdll.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sisbkup.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sipr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shiftjis.uce:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shellstyle.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shell.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\share.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shadow.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfmapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setver.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setupdll.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setup.bmp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SET78.flv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SET66.flv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serwvdrv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\services.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serialui.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\senscfg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.sig:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdpblb.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrrnfr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scredir.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SCP32.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scofr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sccbase.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scardssp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rwinsta.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rv40.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rv30.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rv20.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rv10.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\runas.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtm.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RtlCPAPI.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpmsg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpcnts.h:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvp.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmui.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmsink.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsm.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsaci.rat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rpcns4.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routetab.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routemon.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\route.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ROBOEX32.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rnr20.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RmWLAN.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RLTTADec.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RLOFRDec.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\results.txt:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\reset.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\replace.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rend.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regwiz.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regini.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regedt32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\recover.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\record.flv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpcfgex.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RDOCURS.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasser.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasrad.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmxs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasdial.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrnm.h:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasautou.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qwinsta.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\QuickTime.qtp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\quartz.vxd:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\QTPlugin.ocx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qosname.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qcut.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qappsrv.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pxwma.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pxinsi64.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pxcpyi64.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pubprn.vbs:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\psnppagn.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pscript.sep:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdcnt.h:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prodspec.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\print.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prflbmsg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pmspl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\plustab.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\PlugPlayPCIDevice.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ping6.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.h:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi00C.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi009.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.h:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd00C.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd009.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.h:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pentnt.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pcl.sep:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pathping.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\paqsp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\panmap.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OUTLPERF.INI:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OUTLPERF.H:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osuninst.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OptimFROG.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olesvr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecli.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2nls.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2disp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Oemdspif.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbc16gt.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntsd.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsoprq.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsmgr.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsevt.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui2.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio804.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio412.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio411.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio404.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntimage.gif:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos804.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos412.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos411.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos404.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\npwmsdrm.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Npindeo.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.tha:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.sve:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.nld:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.ita:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.fra:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.esn:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.enu:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.eng:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.deu:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.cht:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.chs:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nmevtmsg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nlsfunc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netui2.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\neth.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net.hlp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nbtstat.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\narrhook.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxmlr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml4r.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml4a.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml2r.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvideo.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcrt20.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp50.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvbvm50.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswchx.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswch.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSSTKPRP.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSSTDFMT.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssip32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssign32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrecr40.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSRDO20.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrclr40.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msratelc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2cenu.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2c.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSPRPFR.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msports.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msobjs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msidntld.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msencode.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.h:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscat32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaudite.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msacm.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaatext.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mrinfo.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprui.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprmsg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprddm.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpnotify.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mountvol.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\modex.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mode.com:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmutilse.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmtask.tsk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmdriver.inf:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_qic.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_mtf.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_hp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mlang.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\migpwd.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mib.bin:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mgxoschk.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mgxcdr.txt:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mgxasio.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFCFirstRemove.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC42FRA.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc40loc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mem.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdwmdmsp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdhcp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciwave.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciseq.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciqtz.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole16.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciavi.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mchgrcoi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcdsrv32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapistub.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mag_hook.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lzexpand.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LVUI2RC.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LVUI2.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Lvkrn12n.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LVComS.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LVComC.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lvcoinst.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lvcoinst.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lvcodec2.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lusrmgr.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LuResult.txt:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ltscr12n.ocx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ltocx12n.ocx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lprmonui.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpq.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LoopyMusic.wav:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\logoff.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loghours.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lodctr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loadfix.com:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lnkstub.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lights.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lanman.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\langwrbk.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\label.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_intl.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_except.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\krnl386.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\korean.uce:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\key01.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdycl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdycc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbduzb.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusx.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdur.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbduk.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtuq.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtuf.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtat.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsw.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsf.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdru1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdru.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdro.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpo.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdno.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdne.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdmon.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdmac.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlv1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlt1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlt.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdla.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdkyr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdkaz.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit142.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdir.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdic.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhept.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhela3.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhela2.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe319.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe220.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgkl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgae.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfo.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdest.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdes.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbddv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdda.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz2.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcan.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdca.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbu.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdblr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbene.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbe.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdazel.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdaze.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\KBDAL.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kanji_2.uce:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kanji_1.uce:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jupdate-1.5.0_04-b05.log:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jobexec.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgsh400.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgsd400.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgmd400.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgaw400.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jet500.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Iyvu9_32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeW7.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizePX.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeP6.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeM6.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\irclass.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxsap.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrtmgr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrip.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsec6.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprtprio.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprop.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iologmsg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\instcat.sql:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\InstallInf.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\INKED.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\infosoft.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\INETWH32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\indounin.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifsutil.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ideograf.uce:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icmui.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icfgnt5.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassvcs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassdo.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassam.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasrecst.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iaspolcy.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasnap.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iashlpr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasads.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasacct.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hxltcolor.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\HtmlWH.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hticons.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hostname.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\homepage.inf:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hlp95en.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\HdAudRes.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\HdAShCut.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\HdAProp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.pro:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.com:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graftabl.com:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\GplMpgDec.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gplmpg.reg:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpkcsp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\glmf32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\getuname.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gdi.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gcdef.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gb2312.uce:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\g711codc.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ftsrch.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsutil.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsusd.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsmgmt.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\freecell.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fixmapi.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\finger.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\find.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ffdshow.en:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ffdshow.ax.manifest:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ff_x264.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ff_wmv9.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ff_theora.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ff_mpeg2enc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fastopen.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\expand.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\exe2bin.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventvwr.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventvwr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventcls.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eula.txt:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentutl.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.hxx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esent97.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\EqnClass.Dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\emptyregdb.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ega.cpi:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edlin.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.hlp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.com:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dxtmsft3.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dvdplay.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dtsac3source.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dssec.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsound.vxd:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsauth.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ds16gt.dLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drwatson.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drv2.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drv1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drmstor.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ws2ifsl.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\vdmindvd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tsbvcap.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tosdvd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\StMp3Rec.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\smclib.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\RTHDAEQ1.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\RTHDAEQ0.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rootmdm.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\riodrv.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rio8drv.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rawwan.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\PQNTDRV.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\parvdm.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkspx.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnknb.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nikedrv.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mcd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\M5633.bin:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\LVUSBSta.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\LV302AV.SYS:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\Hdaudio.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\gmreadme.txt:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\gm.dls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fsvga.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\enum1394.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\DRVNDDM.SYS:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\DLARTL_N.SYS:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cpqdap01.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cinemst2.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cbidf2k.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmuni.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmepvc.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ati2erec.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpwsock.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpserial.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnwsock.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnmodem.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dplay.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\doskey.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\docprop.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmview.ocx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmintf.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmdskres.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmconfig.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLTPO32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLRD32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLPTL32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLPRJ32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLPRF32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLPNT32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLMSC32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLIX.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLISO32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLIMG32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllhst3g.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLDIR32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLCPY32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLCDF32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLCDA32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuaueng1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpui.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpcore.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpcd.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmp.ocx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mouhid.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\migrate.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iuengine.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\drmstor.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\drmclien.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLAV32.lib:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLLAV32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DLAAPI_W.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskperf.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskmgmt.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcopy.com:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcomp.com:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dimap.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diactfrm.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dhcpsapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgsetup.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgrpsetu.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskperf.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskmon.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskadp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DelRunOnceReg.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\debug.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ddeml.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3dramp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3dpmesh.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ctl3d32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\csseqchk.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cseltbl.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\csellang.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\csellang.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cselect.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\crtdll.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CoreFLACDecoder.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cook.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\convert.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ControlWZCS.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\console.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\config\system.sav:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\config\software.sav:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\config\default.sav:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compobj.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compmgmt.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compact.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comp.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\commdlg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comcat.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnvfat.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnetcfg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CNCS32.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cncs232.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmpbk32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmos.ram:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmmgr32.hlp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CloseACU.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconfg.rll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconf.chm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\clb.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ckcnv.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cidaemon.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ciadv.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ciadmin.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chkntfs.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chkdsk.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chcp.com:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ChCfg.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\charmap.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Chaînes.scf:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\certmgr.msc:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cdxareader.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cdmodem.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ccfgnt.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cards.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\capicom.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\calc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_950.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_949.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_936.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_932.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_875.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_874.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_869.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_866.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_865.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_863.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_861.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_860.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_857.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_855.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_852.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_850.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_775.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_737.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_500.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_437.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28605.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28603.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28599.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28598.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28597.NLS:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28595.NLS:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28594.NLS:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28593.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28592.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_21866.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20905.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20866.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20261.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20127.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1258.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1257.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1256.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1255.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1254.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1252.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1026.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10082.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10081.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10079.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10029.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10017.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10010.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10007.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10006.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10000.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_037.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\BuzzingBee.wav:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bopomofo.uce:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootvrfy.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootok.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bios4.rom:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bios1.rom:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avwav.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avtapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avmeter.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avifile.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avicap.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autodisc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atrc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atrace.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atmpvcno.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atkctrs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ativcoxx.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atioglx1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atiiiexx.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atifglpf.xml:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ATIDEMGR.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ATIDDC.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Ati2mdxx.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\athcfg11.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\arp.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\append.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\apcups.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ansi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\AegisI5.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\AegisE5.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adptif.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\activeds.tlb:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\acledit.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\acctres.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\access.ctl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ac3filter.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\aaaamon.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\12520850.cpx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\12520437.cpx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\$ncsp$.inf:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\WFWNET.DRV:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\VGA.DRV:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\VER.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\TIMER.DRV:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\TAPI.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SYSTEM.DRV:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\stdole.tlb:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SOUND.DRV:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SHELL.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\setup.inf:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\OLESVR.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\OLECLI.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MSVIDEO.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MOUSE.DRV:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MMTASK.TSK:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MMSYSTEM.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCIWAVE.DRV:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCISEQ.DRV:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCIAVI.DRV:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\LZEXPAND.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\KEYBOARD.DRV:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\COMMDLG.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\AVIFILE.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\AVICAP.DLL:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\ST4UNST.EXE:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\smscfg.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\SchedLgU.Txt:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\RtlUpd.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\RtlExUpd.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\RTLCPL.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\Rtcw.INI:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\Robota.INI:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\REGLOCS.OLD:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\orun32.isu:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\orun32.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBCINST.INI:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBC.INI:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\Mur de Santa Fe.bmp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\msdfmap.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\mickey32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\MicCal.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\mgxoschk.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\MakeMrk.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\Jour de pêche.bmp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\IsUn040c.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\Granit vert.bmp:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\gfscore.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\gfact.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\explorer.scf:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\ereg.dlx:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\DLA.EXE:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\Ctregrun.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\cncscore.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\cnc.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\clock.avi:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\chiffres.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\cfdemo.scr:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\cfdemo.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\BeatBox.INI:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\agrsmdel.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\_delis32.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\SWSTAMP.TXT:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Program Files\Global.sw:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE:KAVICHS @Alternate Data Stream - 36 bytes -> C:\mxfilerelatedcache.mxc2:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\iowa\LuResult.txt:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\iowa\Local Settings\Application Data\fusioncache.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\NTUSER.DAT:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\NTUSER.DAT.LOG:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Auth.prof:KAVICHS @Alternate Data Stream - 228 bytes -> C:\WINDOWS\WindowsUpdate.log:KAVICHS @Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS @Alternate Data Stream - 228 bytes -> C:\WINDOWS\setupapi.log.0.old:KAVICHS @Alternate Data Stream - 228 bytes -> C:\WINDOWS\musicmaker.INI:KAVICHS @Alternate Data Stream - 228 bytes -> C:\Documents and Settings\iowa\ntuser.ini:KAVICHS @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:59756FA4 @Alternate Data Stream - 100 bytes -> F:\Roger[1].doc:KAVICHS @Alternate Data Stream - 100 bytes -> F:\desktop.ini:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wshfr.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\utildll.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\umloader.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\traffic.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\TPwrCfg.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\TPSTrace.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\STRING32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\riched32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oleacc.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\OEMINFO.INI:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\Ltwvc12n.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\jsfr.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\IVIresize.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ITIG726.acm:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\Iacenc.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drmclien.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\RtkHDAud.Sys:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\pfc.sys:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\iviaspi.sys:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\system32\DRIVERS\ACPIEC.sys:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DLLVGA.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dfrgres.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\avicap32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ati2evxx.exe:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ati2evxx.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ati2edxx.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\agrsmmsg.exe:KAVICHS < End of report > -
[Résolu] Mes contacts mail reçoivent des liens que je n'envoie pas
NeoKyrA a répondu à un(e) sujet de NeoKyrA dans Analyses et éradication malwares
Erf,problème... Lorsque je suis sur Kaspersky Online Scanner,le site semble vérifier quelquechose sur mon pc (le "bouton" accepter n'est pas actif),et au bout de quelques secondes ce message s'affiche:Kaspersky Online Scanner 7.0 download and operation require Java framework version 1.5 or later.Pourtant il me semble bien avoir tout désactivé,j'ai mis IE à jour,et réinstaller au moins 5 ou 6 fois la dernière version de Java grâce au lien donné par Kaspersky Online Scanner...en vain...le même message revient tout le temps et je ne peux pas continuer la procédure.Là je commence a fatiguer,donc je laisse tomber pour ce soir. -
[Résolu] Mes contacts mail reçoivent des liens que je n'envoie pas
NeoKyrA a répondu à un(e) sujet de NeoKyrA dans Analyses et éradication malwares
Salut Lance_yien,tout d'abord merci d'avoir répondu si vite et de te pencher sur mon sujet.Comme demandé,voici les résultats obtenus: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5838 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 22/02/2011 15:27:22 mbam-log-2011-02-22 (15-27-21).txt Type d'examen: Examen rapide Elément(s) analysé(s): 167034 Temps écoulé: 19 minute(s), 51 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 10 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): c:\documents and settings\iowa\application data\registrysmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully. c:\documents and settings\iowa\application data\registrysmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. Fichier(s) infecté(s): c:\WINDOWS\system32\meqky_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully. c:\WINDOWS\system32\meqky_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully. c:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully. c:\documents and settings\iowa\local settings\application data\hbbded_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully. c:\documents and settings\iowa\local settings\application data\hbbded_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully. c:\WINDOWS\Tasks\registrysmart scheduled scan.job (Rogue.RegistrySmart) -> Quarantined and deleted successfully. c:\documents and settings\iowa\application data\registrysmart\Errors.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. c:\documents and settings\iowa\application data\registrysmart\Results.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. c:\documents and settings\iowa\application data\registrysmart\Log\2007 jul 05 - 03_44_52 am_937.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. c:\documents and settings\iowa\application data\registrysmart\Log\2007 jul 05 - 03_45_10 am_000.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. Checkup: Results of screen317's Security Check version 0.99.8 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: AVG Free 9.0 OneCare Advisor (Windows Live Toolbar) ``````````````````````````````` Anti-malware/Other Utilities Check: Ad-Aware Malwarebytes' Anti-Malware HijackThis 2.0.2 CCleaner Java 6 Update 23 Adobe Flash Player 10.2.152.26 Adobe Reader 7.1.0 - Français Out of date Adobe Reader installed! ```````````````````````````````` Process Check: objlist.exe by Laurent Ad-Aware AAWService.exe Ad-Aware AAWTray.exe is disabled! AVG avgwdsvc.exe AVG avgtray.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe ``````````End of Log```````````` J'espère avoir correctement répondu à tes attentes.Merci encore. -
Bonjours a tous, Oui,je crois effectivement que j'ai un soucis avec ma boite mail (entre autre je pense...).Depuis quelques temps tous mes contacts reçoivent des mails provenant de mon adresse mais que je n'ai pas envoyé.Voici un des mails: Most Endorsed FREE Website Hosting Provider | Account Suspended Can I work and at the same time enjyo my time wiht my kiid? ou encore: Most Endorsed FREE Website Hosting Provider | Account Suspended Guaratneed! Et moi de mon coté je reçois autant (je crois,je ne les ai pas compté...) de message type Delivery Status Notification (Failure): This is an automatically generated Delivery Status Notification. Delivery to the following recipients failed. rossfireman@aol.com Seulement je ne connait pas rossfireman@aol.com et c'est le cas pour tous les mails,l'adresse est différente a chaque fois. Ca commence à légèrement agacer mes amis.Je sais pas si ça peut être utile mais si ça peut faire gagner du temps,voici le rapport de hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 03:00:00, on 21/02/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\Freecorder\FLVSrvc.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe F:\Téléchargements\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: PHOTOfunSTUDIO HD Edition.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?163d4499f45c42a6a48e09a33d4aee2b O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?163d4499f45c42a6a48e09a33d4aee2b O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: Secuser.com - Sécurité informatique et protection de la vie privée O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- End of file - 12929 bytes En espérant que quelqu'un puisse m'aider je vous souhaite un bon courage,et merci déjà a ceux qui se pencheront sur le sujet.