Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Rapport Hijackthis

Broly159

Par Broly159
dans Analyses et éradication malwares

 Partager

Messages recommandés

Thanos Devil Member !

Thanos

Posté(e)
Posté(e) (modifié)

Dis moi : est ce que tu as tenté de faire les modifications demandés dans les options de ta connexion ?( mettre les adresses des Serveurs DNS sur automatique).

Je te prépare un fix pour éliminer les fichiers qui restent.

 

Poste moi un rapport comme ceci stp >

 

- Télécharge RegSearch.exe (Registry Search de Bobbi Flekman)

(Clique sur " RegSearch Download Link" )

  • dézippe dans un répertoire dédié tel que C:\Program Files
  • double clique sur RegSearch.exe
  • copie colle les entrées en bleu dans les lignes de la zone de recherche:
    (n'entre qu'un seul élément par ligne!)
    NdisFileServices32
  • rien dans la ligne "Enter string to exclude from results" et clique sur "OK".
  • après recherche, le bloc-notes ouvre une fenêtre "RegSearch.txt" avec toutes les instances trouvées
  • le fichier est en outre sauvegardé dans le même répertoire que celui de RegSearch
  • copie-colle le contenu de la fenêtre dans un post, ici
  • ferme le bloc-notes et ferme RegSearch par Cancel
  • Si la manipulation ne marche pas, entre les éléments un par un.

Modifié par charles ingals

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut

 

Essaie avec ce tool >

 

Télecharger et lancer ServiceFilter:

  • Télécharger ServiceFilter.
  • Dézipper ServiceFilter.zip dans un répertoire dédié comme C:\ServiceFilter.
  • par l'explorateur retrouver ce dossier, l'ouvrir et double-cliquer sur ServiceFilter.vbs.
  • Votre anti-virus risque de se manifester, autoriser le script à se dérouler.
  • Répondre "oui" à toutes les questions posées.
  • Un fichier texte sera ouvert (POST_THIS.TXT) listant tous les services autres que Windows.
  • Selectionner tout le texte (Ctrl + A ).
  • Copier (CTRL + C) et coller le tout (CTRL + V) dans la prochaine réponse.
  • Une copie de POST_THIS.TXT est sauvegardée dans le répertoire de ServiceFilter.vbs, en cas d'erreur.

Broly159 Member

Broly159

Posté(e)
  • Auteur
Posté(e)

The script did not recognize the services listed below.

This does not mean that they are a problem.

 

To copy the entire contents of this document for posting:

At the top of this window click "Edit" then "Select All"

Next click "Edit" again then "Copy"

Now right click in the forum post box then click "Paste"

 

########################################

 

ServiceFilter 1.1

by rand1038

 

Microsoft Windows XP Professionnel

Version: 5.1.2600

févr. 23, 2007 13:33:57

 

 

---> Begin Service Listing <---

 

Unknown Service # 1

Service Name: AVG Anti-Spyware Guard

Display Name: AVG Anti-Spyware Guard

Start Mode: Auto

Start Name: LocalSystem

Description: ...

Service Type: Own Process

Path: c:\program files\grisoft\avg anti-spyware 7.5\guard.exe

State: Running

Process ID: 1216

Started: Vrai

Exit Code: 0

Accept Pause: Faux

Accept Stop: Vrai

 

Unknown Service # 2

Service Name: iPod Service

Display Name: iPod Service

Start Mode: Manual

Start Name: LocalSystem

Description: iPod hardware management ...

Service Type: Own Process

Path: "c:\program files\ipod\bin\ipodservice.exe"

State: Running

Process ID: 2284

Started: Vrai

Exit Code: 0

Accept Pause: Faux

Accept Stop: Vrai

 

Unknown Service #3

Service Name: SwPrv

Display Name: MS Software Shadow Copy Provider

Start Mode: Manual

Start Name: LocalSystem

Description: Gère les copies logicielles de clichés instantanés de volumes créés par le service de cliché ...

Service Type: Own Process

Path: c:\windows\system32\dllhost.exe /processid:{89ba4759-7c7f-4de0-9ba2-6f6e9107f569}

State: Stopped

Process ID: 0

Started: Faux

Exit Code: 1077

Accept Pause: Faux

Accept Stop: Faux

 

Unknown Service # 4

Service Name: usnjsvc

Display Name: Service Messenger Sharing Folders USN Journal Reader

Start Mode: Manual

Start Name: LocalSystem

Description: Service installé par Messenger pour permettre les opérations de ...

Service Type: Own Process

Path: "c:\program files\msn messenger\usnsvc.exe"

State: Running

Process ID: 3108

Started: Vrai

Exit Code: 0

Accept Pause: Faux

Accept Stop: Vrai

 

---> End Service Listing <---

 

There are 83 Win32 services on this machine.

4 were unrecognized.

 

Script Execution Time: 1,1875 seconds.

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut

 

Ok rien de visible sur le rapport.

 

Démarre WinPFind3U en double cliquant sur WinPFind3U.exe et copie/colle le texte ci dessous (ne copie pas le mot code)

dans le Panneau Paste fix here , puis clique sur le bouton Run Fix.

[Kill Explorer]
[Unregister Dlls]
[ Extra Files ]
C:\WINDOWS\System32\wmdrtc32.dl_
C:\WINDOWS\System32\win55323.dll 
C:\WINDOWS\System32\win39198.dll 
C:\WINDOWS\System32\win27015.dll 
C:\WINDOWS\System32\win41354.dll 
C:\WINDOWS\System32\win29213.dll 
C:\WINDOWS\System32\win19093.dll 
C:\WINDOWS\System32\win30541.dll
C:\WINDOWS\System32\win17838.dll 
C:\WINDOWS\System32\win12092.dll
C:\WINDOWS\System32\win36392.dll 
C:\WINDOWS\System32\win24845.dll 
C:\WINDOWS\System32\wmdconf32.dll 
C:\WINDOWS\System32\win6006.dll 
C:\WINDOWS\System32\wmdrtc32.dll
C:\WINDOWS\System32\win45595.dll
C:\WINDOWS\System32\win28397.dll 
C:\WINDOWS\System32\win9981.dll
C:\WINDOWS\System32\win60569.dll
C:\WINDOWS\System32\win52765.dll 
C:\WINDOWS\System32\win39035.dll 
C:\WINDOWS\System32\win24744.dll 
C:\WINDOWS\system32\win11126.dll
C:\WINDOWS\system32\win1119.dll 
C:\WINDOWS\system32\win11893.dll 
C:\WINDOWS\system32\win12092.dll 
C:\WINDOWS\system32\win14140.dll 
C:\WINDOWS\system32\win15418.dll 
C:\WINDOWS\system32\win15685.dll
C:\WINDOWS\system32\win15791.dll 
C:\WINDOWS\system32\win16260.dll 
C:\WINDOWS\system32\win16880.dll 
C:\WINDOWS\system32\win17838.dll 
C:\WINDOWS\system32\win19093.dll 
C:\WINDOWS\system32\win19626.dll
C:\WINDOWS\system32\win19943.dll 
C:\WINDOWS\system32\win2001.dll 
C:\WINDOWS\system32\win23465.dll 
C:\WINDOWS\system32\win24744.dll 
C:\WINDOWS\system32\win24845.dll 
C:\WINDOWS\system32\win26622.dll 
C:\WINDOWS\system32\win27015.dll 
C:\WINDOWS\system32\win27039.dll 
C:\WINDOWS\system32\win2720.dll 
C:\WINDOWS\system32\win28397.dll
C:\WINDOWS\system32\win29213.dll 
C:\WINDOWS\system32\win29724.dll 
C:\WINDOWS\system32\win2979.dll 
C:\WINDOWS\system32\win30541.dll 
C:\WINDOWS\system32\win30690.dll 
C:\WINDOWS\system32\win30804.dll 
C:\WINDOWS\system32\win31977.dll 
C:\WINDOWS\system32\win33148.dll
C:\WINDOWS\system32\win33383.dll 
C:\WINDOWS\system32\win34036.dll 
C:\WINDOWS\system32\win34743.dll 
C:\WINDOWS\system32\win36392.dll
C:\WINDOWS\system32\win36659.dll 
C:\WINDOWS\system32\win37119.dll 
C:\WINDOWS\system32\win39035.dll 
C:\WINDOWS\system32\win39198.dll 
C:\WINDOWS\system32\win39418.dll 
C:\WINDOWS\system32\win3975.dll 
C:\WINDOWS\system32\win40805.dll 
C:\WINDOWS\system32\win41354.dll
C:\WINDOWS\system32\win42214.dll
C:\WINDOWS\system32\win43267.dll 
C:\WINDOWS\system32\win45078.dll 
C:\WINDOWS\system32\win45169.dll 
C:\WINDOWS\system32\win45595.dll 
C:\WINDOWS\system32\win49187.dll
C:\WINDOWS\system32\win49832.dll 
C:\WINDOWS\system32\win49855.dll 
C:\WINDOWS\system32\win50357.dll 
C:\WINDOWS\system32\win5186.dll 
C:\WINDOWS\system32\win52590.dll 
C:\WINDOWS\system32\win52765.dll 
C:\WINDOWS\system32\win53492.dll 
C:\WINDOWS\system32\win54605.dll 
C:\WINDOWS\system32\win55323.dll
C:\WINDOWS\system32\win6006.dll 
C:\WINDOWS\system32\win60569.dll 
C:\WINDOWS\system32\win60587.dll
C:\WINDOWS\system32\win62402.dll 
C:\WINDOWS\system32\win62567.dll
C:\WINDOWS\system32\win62666.dll
C:\WINDOWS\system32\win6583.dll 
C:\WINDOWS\system32\win7494.dll 
C:\WINDOWS\system32\win87em.dll 
C:\WINDOWS\system32\win8858.dll 
C:\WINDOWS\system32\win9981.dll 
[Reboot]

Le Fix va se faire rapidement, puis il te sera demandé de redémarrer ton pc : accepte en cliquant sur Yes

 

Redémarre ton pc et poste stp les rapports suivants >

 

-Poste aussi le rapport qui se trouve dans le dossier WinPFind3u( c'est un rapport qui a pour nom la date du jour\mois\année\heure).

 

-Un nouveau rapport DiagHelp

Broly159 Member

Broly159

Posté(e)
  • Auteur
Posté(e)

Je ne sais pas pourquoi mais apres le redemarage du pc apres le scan de WinPFind3u aucun log a était ouvert ! alors j'ai pris celui qui etait dans le dossier , mais je vais reesayer quand meme !

 

 

 

Explorer killed successfully

[ Extra Files ]

C:\WINDOWS\System32\wmdrtc32.dl_ moved successfully.

File/Folder C:\WINDOWS\System32\win55323.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win39198.dll

C:\WINDOWS\System32\win39198.dll NOT unregistered.

C:\WINDOWS\System32\win39198.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win27015.dll

C:\WINDOWS\System32\win27015.dll NOT unregistered.

C:\WINDOWS\System32\win27015.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win41354.dll

C:\WINDOWS\System32\win41354.dll NOT unregistered.

C:\WINDOWS\System32\win41354.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win29213.dll

C:\WINDOWS\System32\win29213.dll NOT unregistered.

C:\WINDOWS\System32\win29213.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win19093.dll

C:\WINDOWS\System32\win19093.dll NOT unregistered.

C:\WINDOWS\System32\win19093.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win30541.dll

C:\WINDOWS\System32\win30541.dll NOT unregistered.

C:\WINDOWS\System32\win30541.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win17838.dll

C:\WINDOWS\System32\win17838.dll NOT unregistered.

C:\WINDOWS\System32\win17838.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win12092.dll

C:\WINDOWS\System32\win12092.dll NOT unregistered.

C:\WINDOWS\System32\win12092.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win36392.dll

C:\WINDOWS\System32\win36392.dll NOT unregistered.

C:\WINDOWS\System32\win36392.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win24845.dll

C:\WINDOWS\System32\win24845.dll NOT unregistered.

C:\WINDOWS\System32\win24845.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\wmdconf32.dll

C:\WINDOWS\System32\wmdconf32.dll NOT unregistered.

C:\WINDOWS\System32\wmdconf32.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win6006.dll

C:\WINDOWS\System32\win6006.dll NOT unregistered.

C:\WINDOWS\System32\win6006.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\wmdrtc32.dll

C:\WINDOWS\System32\wmdrtc32.dll NOT unregistered.

C:\WINDOWS\System32\wmdrtc32.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win45595.dll

C:\WINDOWS\System32\win45595.dll NOT unregistered.

C:\WINDOWS\System32\win45595.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win28397.dll

C:\WINDOWS\System32\win28397.dll NOT unregistered.

C:\WINDOWS\System32\win28397.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win9981.dll

C:\WINDOWS\System32\win9981.dll NOT unregistered.

C:\WINDOWS\System32\win9981.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win60569.dll

C:\WINDOWS\System32\win60569.dll NOT unregistered.

C:\WINDOWS\System32\win60569.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win52765.dll

C:\WINDOWS\System32\win52765.dll NOT unregistered.

C:\WINDOWS\System32\win52765.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win39035.dll

C:\WINDOWS\System32\win39035.dll NOT unregistered.

C:\WINDOWS\System32\win39035.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\System32\win24744.dll

C:\WINDOWS\System32\win24744.dll NOT unregistered.

C:\WINDOWS\System32\win24744.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win11126.dll

C:\WINDOWS\system32\win11126.dll NOT unregistered.

C:\WINDOWS\system32\win11126.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win1119.dll

C:\WINDOWS\system32\win1119.dll NOT unregistered.

C:\WINDOWS\system32\win1119.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win11893.dll

C:\WINDOWS\system32\win11893.dll NOT unregistered.

C:\WINDOWS\system32\win11893.dll moved successfully.

File/Folder C:\WINDOWS\system32\win12092.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win14140.dll

C:\WINDOWS\system32\win14140.dll NOT unregistered.

C:\WINDOWS\system32\win14140.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win15418.dll

C:\WINDOWS\system32\win15418.dll NOT unregistered.

C:\WINDOWS\system32\win15418.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win15685.dll

C:\WINDOWS\system32\win15685.dll NOT unregistered.

C:\WINDOWS\system32\win15685.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win15791.dll

C:\WINDOWS\system32\win15791.dll NOT unregistered.

C:\WINDOWS\system32\win15791.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win16260.dll

C:\WINDOWS\system32\win16260.dll NOT unregistered.

C:\WINDOWS\system32\win16260.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win16880.dll

C:\WINDOWS\system32\win16880.dll NOT unregistered.

C:\WINDOWS\system32\win16880.dll moved successfully.

File/Folder C:\WINDOWS\system32\win17838.dll not found.

File/Folder C:\WINDOWS\system32\win19093.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win19626.dll

C:\WINDOWS\system32\win19626.dll NOT unregistered.

C:\WINDOWS\system32\win19626.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win19943.dll

C:\WINDOWS\system32\win19943.dll NOT unregistered.

C:\WINDOWS\system32\win19943.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win2001.dll

C:\WINDOWS\system32\win2001.dll NOT unregistered.

C:\WINDOWS\system32\win2001.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win23465.dll

C:\WINDOWS\system32\win23465.dll NOT unregistered.

C:\WINDOWS\system32\win23465.dll moved successfully.

File/Folder C:\WINDOWS\system32\win24744.dll not found.

File/Folder C:\WINDOWS\system32\win24845.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win26622.dll

C:\WINDOWS\system32\win26622.dll NOT unregistered.

C:\WINDOWS\system32\win26622.dll moved successfully.

File/Folder C:\WINDOWS\system32\win27015.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win27039.dll

C:\WINDOWS\system32\win27039.dll NOT unregistered.

C:\WINDOWS\system32\win27039.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win2720.dll

C:\WINDOWS\system32\win2720.dll NOT unregistered.

C:\WINDOWS\system32\win2720.dll moved successfully.

File/Folder C:\WINDOWS\system32\win28397.dll not found.

File/Folder C:\WINDOWS\system32\win29213.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win29724.dll

C:\WINDOWS\system32\win29724.dll NOT unregistered.

C:\WINDOWS\system32\win29724.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win2979.dll

C:\WINDOWS\system32\win2979.dll NOT unregistered.

C:\WINDOWS\system32\win2979.dll moved successfully.

File/Folder C:\WINDOWS\system32\win30541.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win30690.dll

C:\WINDOWS\system32\win30690.dll NOT unregistered.

C:\WINDOWS\system32\win30690.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win30804.dll

C:\WINDOWS\system32\win30804.dll NOT unregistered.

C:\WINDOWS\system32\win30804.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win31977.dll

C:\WINDOWS\system32\win31977.dll NOT unregistered.

C:\WINDOWS\system32\win31977.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win33148.dll

C:\WINDOWS\system32\win33148.dll NOT unregistered.

C:\WINDOWS\system32\win33148.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win33383.dll

C:\WINDOWS\system32\win33383.dll NOT unregistered.

C:\WINDOWS\system32\win33383.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win34036.dll

C:\WINDOWS\system32\win34036.dll NOT unregistered.

C:\WINDOWS\system32\win34036.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win34743.dll

C:\WINDOWS\system32\win34743.dll NOT unregistered.

C:\WINDOWS\system32\win34743.dll moved successfully.

File/Folder C:\WINDOWS\system32\win36392.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win36659.dll

C:\WINDOWS\system32\win36659.dll NOT unregistered.

C:\WINDOWS\system32\win36659.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win37119.dll

C:\WINDOWS\system32\win37119.dll NOT unregistered.

C:\WINDOWS\system32\win37119.dll moved successfully.

File/Folder C:\WINDOWS\system32\win39035.dll not found.

File/Folder C:\WINDOWS\system32\win39198.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win39418.dll

C:\WINDOWS\system32\win39418.dll NOT unregistered.

C:\WINDOWS\system32\win39418.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win3975.dll

C:\WINDOWS\system32\win3975.dll NOT unregistered.

C:\WINDOWS\system32\win3975.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win40805.dll

C:\WINDOWS\system32\win40805.dll NOT unregistered.

C:\WINDOWS\system32\win40805.dll moved successfully.

File/Folder C:\WINDOWS\system32\win41354.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win42214.dll

C:\WINDOWS\system32\win42214.dll NOT unregistered.

C:\WINDOWS\system32\win42214.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win43267.dll

C:\WINDOWS\system32\win43267.dll NOT unregistered.

C:\WINDOWS\system32\win43267.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win45078.dll

C:\WINDOWS\system32\win45078.dll NOT unregistered.

C:\WINDOWS\system32\win45078.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win45169.dll

C:\WINDOWS\system32\win45169.dll NOT unregistered.

C:\WINDOWS\system32\win45169.dll moved successfully.

File/Folder C:\WINDOWS\system32\win45595.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win49187.dll

C:\WINDOWS\system32\win49187.dll NOT unregistered.

C:\WINDOWS\system32\win49187.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win49832.dll

C:\WINDOWS\system32\win49832.dll NOT unregistered.

C:\WINDOWS\system32\win49832.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win49855.dll

C:\WINDOWS\system32\win49855.dll NOT unregistered.

C:\WINDOWS\system32\win49855.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win50357.dll

C:\WINDOWS\system32\win50357.dll NOT unregistered.

C:\WINDOWS\system32\win50357.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win5186.dll

C:\WINDOWS\system32\win5186.dll NOT unregistered.

C:\WINDOWS\system32\win5186.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win52590.dll

C:\WINDOWS\system32\win52590.dll NOT unregistered.

C:\WINDOWS\system32\win52590.dll moved successfully.

File/Folder C:\WINDOWS\system32\win52765.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win53492.dll

C:\WINDOWS\system32\win53492.dll NOT unregistered.

C:\WINDOWS\system32\win53492.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win54605.dll

C:\WINDOWS\system32\win54605.dll NOT unregistered.

C:\WINDOWS\system32\win54605.dll moved successfully.

File/Folder C:\WINDOWS\system32\win55323.dll not found.

File/Folder C:\WINDOWS\system32\win6006.dll not found.

File/Folder C:\WINDOWS\system32\win60569.dll not found.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win60587.dll

C:\WINDOWS\system32\win60587.dll NOT unregistered.

C:\WINDOWS\system32\win60587.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win62402.dll

C:\WINDOWS\system32\win62402.dll NOT unregistered.

C:\WINDOWS\system32\win62402.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win62567.dll

C:\WINDOWS\system32\win62567.dll NOT unregistered.

C:\WINDOWS\system32\win62567.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win62666.dll

C:\WINDOWS\system32\win62666.dll NOT unregistered.

C:\WINDOWS\system32\win62666.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win6583.dll

C:\WINDOWS\system32\win6583.dll NOT unregistered.

C:\WINDOWS\system32\win6583.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win7494.dll

C:\WINDOWS\system32\win7494.dll NOT unregistered.

C:\WINDOWS\system32\win7494.dll moved successfully.

LoadLibrary failed for C:\WINDOWS\system32\win87em.dll

C:\WINDOWS\system32\win87em.dll NOT unregistered.

C:\WINDOWS\system32\win87em.dll moved successfully.

DllUnregisterServer procedure not found in C:\WINDOWS\system32\win8858.dll

C:\WINDOWS\system32\win8858.dll NOT unregistered.

C:\WINDOWS\system32\win8858.dll moved successfully.

File/Folder C:\WINDOWS\system32\win9981.dll not found.

< End of log >

Created on 02/25/2007 03:09:54

 

 

 

 

 

 

 

 

 

 

DiagHelp :

 

 

 

 

 

 

C:\WINDOWS\System32\wmdrtc32.dl_ -->25/02/2007 03:14:59

C:\WINDOWS\System32\nvapps.xml -->25/02/2007 03:11:32

C:\WINDOWS\System32\wmdrtc32.dll -->25/02/2007 03:11:21

C:\WINDOWS\System32\win27484.dll -->25/02/2007 00:02:31

C:\WINDOWS\System32\win45630.dll -->25/02/2007 00:01:44

C:\WINDOWS\System32\win61734.dll -->24/02/2007 20:06:04

C:\WINDOWS\System32\win48624.dll -->24/02/2007 20:05:51

C:\WINDOWS\System32\win63707.dll -->24/02/2007 20:05:01

C:\WINDOWS\System32\win16119.dll -->24/02/2007 16:09:23

C:\WINDOWS\System32\win58202.dll -->24/02/2007 16:08:59

C:\WINDOWS\System32\win11093.dll -->24/02/2007 16:08:12

C:\WINDOWS\System32\win65018.dll -->24/02/2007 04:01:41

C:\WINDOWS\System32\win51878.dll -->24/02/2007 04:01:28

C:\WINDOWS\System32\win5643.dll -->24/02/2007 04:00:42

C:\WINDOWS\System32\win23888.dll -->24/02/2007 00:05:04

C:\WINDOWS\System32\win8872.dll -->24/02/2007 00:04:49

C:\WINDOWS\System32\win29283.dll -->24/02/2007 00:04:04

C:\WINDOWS\System32\win195.dll -->23/02/2007 21:09:54

C:\WINDOWS\System32\win51778.dll -->23/02/2007 21:09:41

C:\WINDOWS\System32\win6559.dll -->23/02/2007 21:08:55

C:\WINDOWS\System32\win628.dll -->23/02/2007 17:03:04

C:\WINDOWS\System32\win39148.dll -->23/02/2007 17:02:37

C:\WINDOWS\System32\win52965.dll -->23/02/2007 17:01:45

C:\WINDOWS\System32\win11729.dll -->23/02/2007 13:36:49

C:\WINDOWS\System32\win58311.dll -->23/02/2007 13:36:30

 

C:\WINDOWS\ntbtlog.txt -->25/02/2007 03:14:42

C:\WINDOWS\WindowsUpdate.log -->25/02/2007 03:11:27

C:\WINDOWS.log -->25/02/2007 03:11:27

C:\WINDOWS\wiaservc.log -->25/02/2007 03:11:25

C:\WINDOWS\wiadebug.log -->25/02/2007 03:11:25

C:\WINDOWS\bootstat.dat -->25/02/2007 03:11:19

C:\WINDOWS\SchedLgU.Txt -->25/02/2007 03:10:12

C:\WINDOWS\system.ini -->25/02/2007 00:02:38

C:\WINDOWS\setupapi.log -->24/02/2007 05:45:00

C:\WINDOWS\winhlp32.exe -->21/02/2007 02:20:07

C:\WINDOWS\unin040c.exe -->21/02/2007 02:20:05

C:\WINDOWS\twunk_32.exe -->21/02/2007 02:20:05

C:\WINDOWS\TASKMAN.EXE -->21/02/2007 02:20:04

C:\WINDOWS\setdebug.exe -->21/02/2007 02:20:03

C:\WINDOWS\regedit.exe -->21/02/2007 02:20:02

 

C:\WINDOWS\BCUnInstall.exe |06/02/2007 22:40:33

C:\WINDOWS\Ctdrvins.exe |31/10/2006 19:22:47

C:\WINDOWS\gmer.exe |01/02/2007 13:42:27

C:\WINDOWS\IsUn040c.exe |01/11/2006 20:02:45

C:\WINDOWS\IsUninst.exe |01/11/2006 20:11:07

C:\WINDOWS\P1130Cfg.exe |31/10/2006 19:22:49

C:\WINDOWS\twunk_16.exe |28/06/2002 20:54:16

C:\WINDOWS\twunk_32.exe |28/06/2002 20:54:16

C:\WINDOWS\unin040c.exe |04/11/2006 16:51:07

C:\WINDOWS\gmer.dll |01/02/2007 13:42:27

C:\WINDOWS\twain.dll |28/06/2002 20:54:15

C:\WINDOWS\twain_32.dll |28/06/2002 20:54:15

C:\WINDOWS\system32136542ld.exe |05/01/2007 01:00:13

C:\WINDOWS\system32263102ld.exe |11/01/2007 20:00:26

C:\WINDOWS\system32\append.exe |28/06/2002 20:33:55

C:\WINDOWS\system32\aswBoot.exe |06/02/2007 23:56:39

C:\WINDOWS\system32\CleanUp.exe |23/10/2006 20:33:33

C:\WINDOWS\system32\debug.exe |28/06/2002 20:36:52

C:\WINDOWS\system32\DivXCodecUpdateChecker.exe |11/07/2006 23:33:49

C:\WINDOWS\system32\DivXsm.exe |12/07/2006 00:40:17

C:\WINDOWS\system32\dosx.exe |28/06/2002 20:37:09

C:\WINDOWS\system32\DSndUp.exe |23/10/2006 20:33:33

C:\WINDOWS\system32\dumphive.exe |22/12/2006 14:24:40

C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34

C:\WINDOWS\system32\edlin.exe |28/06/2002 20:37:40

C:\WINDOWS\system32\exe2bin.exe |28/06/2002 20:37:48

C:\WINDOWS\system32\fastopen.exe |28/06/2002 20:37:57

C:\WINDOWS\system32\INSTMON.EXE |08/07/2002 15:49:20

C:\WINDOWS\system32\java.exe |04/02/2007 00:48:41

C:\WINDOWS\system32\javaw.exe |04/02/2007 00:48:41

C:\WINDOWS\system32\javaws.exe |04/02/2007 00:48:41

C:\WINDOWS\system32\keystone.exe |11/08/2006 20:43:00

C:\WINDOWS\system32\LEXBCES.EXE |08/07/2002 15:49:26

C:\WINDOWS\system32\lexping.exe |08/07/2002 15:49:26

C:\WINDOWS\system32\LEXPPS.EXE |08/07/2002 15:49:27

C:\WINDOWS\system32\lxakcfg.exe |08/07/2002 15:49:27

C:\WINDOWS\system32\lxakih.exe |08/07/2002 15:49:31

C:\WINDOWS\system32\lxaklsnt.exe |08/07/2002 15:49:31

C:\WINDOWS\system32\LXSMUNIN.EXE |08/07/2002 15:49:33

C:\WINDOWS\system32\LXSUPMON.EXE |08/07/2002 15:49:33

C:\WINDOWS\system32\mem.exe |28/06/2002 20:41:54

C:\WINDOWS\system32\mscdexnt.exe |28/06/2002 20:43:12

C:\WINDOWS\system32\nlsfunc.exe |28/06/2002 20:45:40

C:\WINDOWS\system32\nvappbar.exe |11/08/2006 20:43:00

C:\WINDOWS\system32\nvcolor.exe |11/08/2006 20:44:28

C:\WINDOWS\system32\nvcplui.exe |11/08/2006 20:43:00

C:\WINDOWS\system32\nvdspsch.exe |11/08/2006 20:43:00

C:\WINDOWS\system32\nvsvc32.exe |11/08/2006 20:42:50

C:\WINDOWS\system32\nvudisp.exe |23/10/2006 20:48:38

C:\WINDOWS\system32\NVUNINST.EXE |23/10/2006 20:48:26

C:\WINDOWS\system32\nw16.exe |28/06/2002 20:46:18

C:\WINDOWS\system32\nwiz.exe |11/08/2006 20:43:00

C:\WINDOWS\system32\P1130Srv.exe |31/10/2006 19:22:49

C:\WINDOWS\system32\Process.exe |29/11/2006 18:52:55

C:\WINDOWS\system32\pscND113.exe |01/11/2006 20:11:28

C:\WINDOWS\system32\pxcpya64.exe |27/10/2006 23:17:18

C:\WINDOWS\system32\pxcpyi64.exe |27/10/2006 23:17:18

C:\WINDOWS\system32\pxhpinst.exe |27/10/2006 23:17:18

C:\WINDOWS\system32\pxinsa64.exe |27/10/2006 23:17:18

C:\WINDOWS\system32\pxinsi64.exe |27/10/2006 23:17:18

C:\WINDOWS\system32\redir.exe |28/06/2002 20:48:36

C:\WINDOWS\system32\setver.exe |28/06/2002 20:50:00

C:\WINDOWS\system32\share.exe |28/06/2002 20:50:03

C:\WINDOWS\system32\SrchSTS.exe |29/11/2006 18:52:55

C:\WINDOWS\system32\swreg.exe |29/11/2006 18:52:55

C:\WINDOWS\system32\swsc.exe |29/11/2006 18:52:55

C:\WINDOWS\system32\swxcacls.exe |22/12/2006 14:24:40

C:\WINDOWS\system32\Synsopos.exe |18/02/2007 19:19:50

C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48

C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48

C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48

C:\WINDOWS\system32\vwipxspx.exe |28/06/2002 20:55:45

C:\WINDOWS\system32\amstream.dll |03/01/2007 00:23:24

C:\WINDOWS\system32\atmfd.dll |28/06/2002 20:34:04

C:\WINDOWS\system32\atmlib.dll |28/06/2002 20:34:04

C:\WINDOWS\system32\Audio3d.dll |23/10/2006 20:33:33

C:\WINDOWS\system32\cc3260mt.dll |18/02/2007 17:33:44

C:\WINDOWS\system32\CmdLineExt.dll |03/01/2007 11:21:15

C:\WINDOWS\system32\compatUI.dll |28/06/2002 20:34:34

C:\WINDOWS\system32\CtCamMgr.dll |31/10/2006 19:22:47

C:\WINDOWS\system32\decdnet.dll |18/02/2007 19:23:01

C:\WINDOWS\system32\dgrpsetu.dll |23/10/2006 21:13:03

C:\WINDOWS\system32\dgsetup.dll |23/10/2006 21:13:03

C:\WINDOWS\system32\DivX.dll |02/10/2006 20:04:39

C:\WINDOWS\system32\DivXWMPExtType.dll |11/07/2006 23:33:49

C:\WINDOWS\system32\divx_xx07.dll |02/10/2006 20:04:40

C:\WINDOWS\system32\divx_xx0c.dll |02/10/2006 20:04:40

C:\WINDOWS\system32\divx_xx11.dll |02/10/2006 20:04:40

C:\WINDOWS\system32\dpl100.dll |11/08/2006 00:03:58

C:\WINDOWS\system32\dpu10.dll |11/07/2006 23:54:31

C:\WINDOWS\system32\dpu11.dll |11/07/2006 23:54:31

C:\WINDOWS\system32\dpuGUI10.dll |11/07/2006 23:54:34

C:\WINDOWS\system32\dpuGUI11.dll |11/07/2006 23:54:31

C:\WINDOWS\system32\dpus11.dll |11/07/2006 23:54:31

C:\WINDOWS\system32\dpv11.dll |11/07/2006 23:54:31

C:\WINDOWS\system32\dtu100.dll |11/08/2006 00:03:57

C:\WINDOWS\system32\Edcrypt.dll |23/10/2006 20:33:22

C:\WINDOWS\system32\encdnet.dll |18/02/2007 19:23:00

C:\WINDOWS\system32\EqnClass.Dll |23/10/2006 21:13:02

C:\WINDOWS\system32\ff_vfw.dll |29/11/2005 21:17:16

C:\WINDOWS\system32\GEARAspi.dll |19/09/2006 15:43:58

C:\WINDOWS\system32\hticons.dll |23/10/2006 20:16:52

C:\WINDOWS\system32\hypertrm.dll |23/10/2006 20:16:52

C:\WINDOWS\system32\iccvid.dll |28/06/2002 20:38:50

C:\WINDOWS\system32\INETWH32.dll |18/11/2006 14:41:37

C:\WINDOWS\system32\ir32_32.dll |28/06/2002 20:39:27

C:\WINDOWS\system32\ir41_qc.dll |28/06/2002 20:39:27

C:\WINDOWS\system32\ir41_qcx.dll |28/06/2002 20:39:27

C:\WINDOWS\system32\ir50_32.dll |28/06/2002 20:39:28

C:\WINDOWS\system32\ir50_qc.dll |28/06/2002 20:39:28

C:\WINDOWS\system32\ir50_qcx.dll |28/06/2002 20:39:28

C:\WINDOWS\system32\isrdbg32.dll |23/10/2006 20:18:25

C:\WINDOWS\system32\jgaw400.dll |28/06/2002 20:39:36

C:\WINDOWS\system32\jgdw400.dll |28/06/2002 20:39:36

C:\WINDOWS\system32\jgmd400.dll |28/06/2002 20:39:36

C:\WINDOWS\system32\jgpl400.dll |28/06/2002 20:39:37

C:\WINDOWS\system32\jgsd400.dll |28/06/2002 20:39:37

C:\WINDOWS\system32\jgsh400.dll |28/06/2002 20:39:37

C:\WINDOWS\system32\L6PODxt.dll |30/01/2007 02:15:14

C:\WINDOWS\system32\LEX2KUSB.DLL |08/07/2002 15:49:26

C:\WINDOWS\system32\LEXBCE.DLL |08/07/2002 15:49:26

C:\WINDOWS\system32\lexlmpm.dll |08/07/2002 15:49:06

C:\WINDOWS\system32\LEXP2P32.DLL |08/07/2002 15:49:26

C:\WINDOWS\system32\libdivx.dll |12/07/2006 00:40:00

C:\WINDOWS\system32\lxakcomm.dll |08/07/2002 15:49:30

C:\WINDOWS\system32\lxakcu.dll |08/07/2002 15:49:30

C:\WINDOWS\system32\lxakcur.dll |08/07/2002 15:49:06

C:\WINDOWS\system32\lxakjswr.dll |08/07/2002 15:49:06

C:\WINDOWS\system32\lxaklcnp.dll |08/07/2002 15:49:31

C:\WINDOWS\system32\lxaklcnt.dll |08/07/2002 15:49:31

C:\WINDOWS\system32\lxakpmnt.dll |08/07/2002 15:49:31

C:\WINDOWS\system32\lxakpwr.dll |08/07/2002 15:49:32

C:\WINDOWS\system32\lxakutil.dll |08/07/2002 15:49:32

C:\WINDOWS\system32\LXSMUNIN.DLL |08/07/2002 15:49:07

C:\WINDOWS\system32\LXSUPMON.DLL |08/07/2002 15:49:07

C:\WINDOWS\system32\mciqtz32.dll |03/01/2007 00:23:24

C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06

C:\WINDOWS\system32\MP3EncX.dll |09/02/2007 19:08:08

C:\WINDOWS\system32\msdmo(2).dll |25/10/2006 20:46:18

C:\WINDOWS\system32\msdmo.dll |25/10/2006 20:46:18

C:\WINDOWS\system32\msencode.dll |28/06/2002 20:43:25

C:\WINDOWS\system32\nv4_disp.dll |11/08/2006 20:42:52

C:\WINDOWS\system32\nvapi.dll |11/08/2006 20:43:10

C:\WINDOWS\system32\nvcod.dll |11/08/2006 20:42:44

C:\WINDOWS\system32\nvcodins.dll |11/08/2006 20:42:44

C:\WINDOWS\system32\nvcpl.dll |11/08/2006 20:43:02

C:\WINDOWS\system32\nvcpluir.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvdisps.dll |11/08/2006 20:45:28

C:\WINDOWS\system32\nvdispsr.dll |11/08/2006 20:45:30

C:\WINDOWS\system32\nvexpbar.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvgames.dll |11/08/2006 20:45:32

C:\WINDOWS\system32\nvgamesr.dll |11/08/2006 20:45:34

C:\WINDOWS\system32\nvhwvid.dll |11/08/2006 20:45:20

C:\WINDOWS\system32\nview.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvmccs.dll |11/08/2006 20:45:22

C:\WINDOWS\system32\nvmccsrs.dll |11/08/2006 20:45:22

C:\WINDOWS\system32\nvmccss.dll |11/08/2006 20:45:38

C:\WINDOWS\system32\nvmccssr.dll |11/08/2006 20:45:40

C:\WINDOWS\system32\nvmctray.dll |11/08/2006 20:43:04

C:\WINDOWS\system32\nvmobls.dll |11/08/2006 20:45:42

C:\WINDOWS\system32\nvmoblsr.dll |11/08/2006 20:45:42

C:\WINDOWS\system32\nvnt4cpl.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvoglnt.dll |11/08/2006 20:42:58

C:\WINDOWS\system32\nvrsar.dll |11/08/2006 20:44:30

C:\WINDOWS\system32\nvrscs.dll |11/08/2006 20:44:34

C:\WINDOWS\system32\nvrsda.dll |11/08/2006 20:43:48

C:\WINDOWS\system32\nvrsde.dll |11/08/2006 20:43:36

C:\WINDOWS\system32\nvrsel.dll |11/08/2006 20:44:28

C:\WINDOWS\system32\nvrseng.dll |11/08/2006 20:43:34

C:\WINDOWS\system32\nvrses.dll |11/08/2006 20:44:02

C:\WINDOWS\system32\nvrsesm.dll |11/08/2006 20:45:16

C:\WINDOWS\system32\nvrsfi.dll |11/08/2006 20:43:56

C:\WINDOWS\system32\nvrsfr.dll |11/08/2006 20:43:22

C:\WINDOWS\system32\nvrshe.dll |11/08/2006 20:44:54

C:\WINDOWS\system32\nvrshu.dll |11/08/2006 20:45:12

C:\WINDOWS\system32\nvrsit.dll |11/08/2006 20:43:44

C:\WINDOWS\system32\nvrsja.dll |11/08/2006 20:44:50

C:\WINDOWS\system32\nvrsko.dll |11/08/2006 20:45:02

C:\WINDOWS\system32\nvrsnl.dll |11/08/2006 20:43:26

C:\WINDOWS\system32\nvrsno.dll |11/08/2006 20:44:58

C:\WINDOWS\system32\nvrspl.dll |11/08/2006 20:44:46

C:\WINDOWS\system32\nvrspt.dll |11/08/2006 20:44:36

C:\WINDOWS\system32\nvrsptb.dll |11/08/2006 20:43:40

C:\WINDOWS\system32\nvrsru.dll |11/08/2006 20:43:20

C:\WINDOWS\system32\nvrssk.dll |11/08/2006 20:45:06

C:\WINDOWS\system32\nvrssl.dll |11/08/2006 20:45:10

C:\WINDOWS\system32\nvrssv.dll |11/08/2006 20:43:58

C:\WINDOWS\system32\nvrstr.dll |11/08/2006 20:44:40

C:\WINDOWS\system32\nvrszhc.dll |11/08/2006 20:43:52

C:\WINDOWS\system32\nvrszht.dll |11/08/2006 20:43:30

C:\WINDOWS\system32\nvshell.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvvitvs.dll |11/08/2006 20:45:44

C:\WINDOWS\system32\nvvitvsr.dll |11/08/2006 20:45:46

C:\WINDOWS\system32\nvwddi.dll |11/08/2006 20:43:08

C:\WINDOWS\system32\nvwdmcpl.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwimg.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsar.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrscs.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsda.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsde.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsel.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrseng.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrses.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsesm.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsfi.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsfr.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrshe.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrshu.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsit.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsja.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsko.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsnl.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsno.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrspl.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrspt.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsptb.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrsru.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrssk.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrssl.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrssv.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrstr.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrszhc.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwrszht.dll |11/08/2006 20:43:00

C:\WINDOWS\system32\nvwss.dll |11/08/2006 20:45:36

C:\WINDOWS\system32\nvwssr.dll |11/08/2006 20:45:38

C:\WINDOWS\system32\OpenAL32.dll |03/01/2007 00:11:54

C:\WINDOWS\system32\P1130Hwx.dll |31/10/2006 19:22:49

C:\WINDOWS\system32\P1130Pin.dll |31/10/2006 19:22:49

C:\WINDOWS\system32\P1130Sti.dll |31/10/2006 19:22:49

C:\WINDOWS\system32\P1130Vfw.dll |31/10/2006 19:22:49

C:\WINDOWS\system32\Packet.dll |18/12/2006 16:32:26

C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16

C:\WINDOWS\system32\pnc3250.dll |18/02/2007 19:23:01

C:\WINDOWS\system32\pncrt.dll |03/11/2006 15:41:26

C:\WINDOWS\system32\pndx5016.dll |03/11/2006 15:41:29

C:\WINDOWS\system32\pndx5032.dll |03/11/2006 15:41:29

C:\WINDOWS\system32\pneng50.dll |18/02/2007 19:23:01

C:\WINDOWS\system32\pngu3263.dll |18/02/2007 19:23:01

C:\WINDOWS\system32\PostProc.dll |23/10/2006 20:33:22

C:\WINDOWS\system32\PSCLU113.dll |01/11/2006 20:11:28

C:\WINDOWS\system32\pscUD113.dll |01/11/2006 20:11:28

C:\WINDOWS\system32\pscVSWIA.dll |01/11/2006 20:11:28

C:\WINDOWS\system32\psisdecd.dll |03/01/2007 00:23:30

C:\WINDOWS\system32\pthreadVC.dll |18/12/2006 16:32:26

C:\WINDOWS\system32\px.dll |27/10/2006 23:17:17

C:\WINDOWS\system32\pxafs.dll |27/10/2006 23:39:13

C:\WINDOWS\system32\pxdrv.dll |27/10/2006 23:17:17

C:\WINDOWS\system32\pxmas.dll |27/10/2006 23:17:17

C:\WINDOWS\system32\pxsfs.dll |27/10/2006 23:39:13

C:\WINDOWS\system32\pxwave.dll |27/10/2006 23:17:17

C:\WINDOWS\system32\qedwipes.dll |03/01/2007 00:23:24

C:\WINDOWS\system32\qt-dx331.dll |27/07/2006 18:28:42

C:\WINDOWS\system32\ra3214_4.dll |18/02/2007 19:23:01

C:\WINDOWS\system32\ra3228_8.dll |18/02/2007 19:23:03

C:\WINDOWS\system32\ra32dnet.dll |18/02/2007 19:23:03

C:\WINDOWS\system32\ra32sipr.dll |18/02/2007 19:23:02

C:\WINDOWS\system32\rmbe3260.dll |18/02/2007 19:23:02

C:\WINDOWS\system32\rmoc3260.dll |03/11/2006 15:42:02

C:\WINDOWS\system32\Roboex32.dll |18/11/2006 14:41:37

C:\WINDOWS\system32\scriptpw.dll |28/06/2002 20:49:33

C:\WINDOWS\system32\slbcsp.dll |28/06/2002 20:50:38

C:\WINDOWS\system32\slbiop.dll |28/06/2002 20:50:39

C:\WINDOWS\system32\slbrccsp.dll |28/06/2002 20:50:39

C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18

C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18

C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18

C:\WINDOWS\system32\spxcoins.dll |23/10/2006 21:13:03

C:\WINDOWS\system32\ssldivx.dll |12/07/2006 00:40:00

C:\WINDOWS\system32\stci.dll |23/10/2006 20:27:25

C:\WINDOWS\system32\stlpmt45.dll |18/02/2007 17:33:44

C:\WINDOWS\system32\SYNSOACC.dll |18/02/2007 19:19:47

C:\WINDOWS\system32\SynsoLChk.dll |18/02/2007 19:19:48

C:\WINDOWS\system32\SysInfo.dll |19/02/2007 02:26:30

C:\WINDOWS\system32\systeminfo.dll |16/02/2007 16:47:22

C:\WINDOWS\system32\tsd32.dll |28/06/2002 20:54:07

C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\virtear.dll |23/10/2006 20:33:33

C:\WINDOWS\system32\vsdata.dll |29/11/2006 18:48:33

C:\WINDOWS\system32\vsinit.dll |29/11/2006 18:48:32

C:\WINDOWS\system32\vsmonapi.dll |29/11/2006 18:49:02

C:\WINDOWS\system32\vspubapi.dll |29/11/2006 18:49:02

C:\WINDOWS\system32\vsutil.dll |29/11/2006 18:48:32

C:\WINDOWS\system32\vswmi.dll |29/11/2006 18:49:05

C:\WINDOWS\system32\vsxml.dll |29/11/2006 18:49:04

C:\WINDOWS\system32\vxblock.dll |27/10/2006 23:17:17

C:\WINDOWS\system32\WanPacket.dll |18/12/2006 16:32:26

C:\WINDOWS\system32\win11093.dll |24/02/2007 16:08:12

C:\WINDOWS\system32\win11343.dll |23/02/2007 13:35:43

C:\WINDOWS\system32\win11729.dll |23/02/2007 13:36:49

C:\WINDOWS\system32\win12715.dll |22/02/2007 17:04:25

C:\WINDOWS\system32\win15498.dll |22/02/2007 13:39:07

C:\WINDOWS\system32\win16119.dll |24/02/2007 16:09:23

C:\WINDOWS\system32\win17726.dll |22/02/2007 17:05:36

C:\WINDOWS\system32\win195.dll |23/02/2007 21:09:54

C:\WINDOWS\system32\win23888.dll |24/02/2007 00:05:04

C:\WINDOWS\system32\win27484.dll |25/02/2007 00:02:31

C:\WINDOWS\system32\win29283.dll |24/02/2007 00:04:04

C:\WINDOWS\system32\win29580.dll |23/02/2007 00:07:24

C:\WINDOWS\system32\win33956.dll |22/02/2007 13:38:20

C:\WINDOWS\system32\win37420.dll |22/02/2007 13:39:29

C:\WINDOWS\system32\win39148.dll |23/02/2007 17:02:37

C:\WINDOWS\system32\win41876.dll |23/02/2007 00:07:37

C:\WINDOWS\system32\win45630.dll |25/02/2007 00:01:44

C:\WINDOWS\system32\win47653.dll |22/02/2007 21:02:01

C:\WINDOWS\system32\win48624.dll |24/02/2007 20:05:51

C:\WINDOWS\system32\win50741.dll |23/02/2007 00:06:40

C:\WINDOWS\system32\win51778.dll |23/02/2007 21:09:40

C:\WINDOWS\system32\win51878.dll |24/02/2007 04:01:28

C:\WINDOWS\system32\win52965.dll |23/02/2007 17:01:45

C:\WINDOWS\system32\win5643.dll |24/02/2007 04:00:41

C:\WINDOWS\system32\win58202.dll |24/02/2007 16:08:59

C:\WINDOWS\system32\win58311.dll |23/02/2007 13:36:30

C:\WINDOWS\system32\win61058.dll |22/02/2007 17:05:13

C:\WINDOWS\system32\win61734.dll |24/02/2007 20:06:04

C:\WINDOWS\system32\win62575.dll |22/02/2007 21:02:16

C:\WINDOWS\system32\win628.dll |23/02/2007 17:03:04

C:\WINDOWS\system32\win63707.dll |24/02/2007 20:05:01

C:\WINDOWS\system32\win65018.dll |24/02/2007 04:01:41

C:\WINDOWS\system32\win6559.dll |23/02/2007 21:08:55

C:\WINDOWS\system32\win825.dll |22/02/2007 21:01:15

C:\WINDOWS\system32\win87em.dll |28/06/2002 20:56:53

C:\WINDOWS\system32\win8872.dll |24/02/2007 00:04:49

C:\WINDOWS\system32\wmdrtc32.dll |25/02/2007 03:11:21

C:\WINDOWS\system32\Wnaspint.dll |09/02/2007 19:41:30

C:\WINDOWS\system32\wpcap.dll |18/12/2006 16:32:26

C:\WINDOWS\system32\wrap_oal.dll |03/01/2007 00:11:54

C:\WINDOWS\system32\xvidcore.dll |31/10/2006 00:08:50

C:\WINDOWS\system32\zlcomm.dll |29/11/2006 18:49:11

C:\WINDOWS\system32\zlcommdb.dll |29/11/2006 18:49:11

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 9856-D1BD

 

Répertoire de C:\WINDOWS\system32

 

28/06/2002 20:36 4 096 csrss.exe

1 fichier(s) 4 096 octets

0 Rép(s) 33 923 342 336 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 9856-D1BD

 

Répertoire de C:\WINDOWS\Downloaded Program Files

 

24/02/2007 05:45 <REP> .

24/02/2007 05:45 <REP> ..

23/10/2006 20:19 65 desktop.ini

25/06/2006 11:50 1 793 erma.inf

22/11/2006 23:22 372 736 GAME_UNO1.dll

22/11/2006 20:50 316 GAME_UNO1.INF

12/10/2006 04:07 896 jinstall-1_5_0_09.inf

27/07/2006 12:52 367 LegitCheckControl.inf

29/05/2003 15:00 160 864 messengerstatsclient.dll

29/01/2007 09:46 234 536 MessengerStatsPAClient.dll

20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd

29/05/2003 15:00 84 064 minesweeper.dll

27/01/2004 18:14 2 299 mp43dmo.inf

29/05/2003 15:00 77 408 msgrchkr.dll

03/06/2004 10:05 524 445 RdxIE.dll

09/11/2006 14:36 5 019 swflash.inf

27/05/2003 18:24 233 472 yacscom.dll

25/05/2003 14:47 233 yacscom.inf

24/01/2007 17:39 149 544 ZIntro.ocx

17 fichier(s) 1 849 219 octets

 

Total des fichiers listés :

17 fichier(s) 1 849 219 octets

2 Rép(s) 33 923 342 336 octets libres

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

 

 

 

Liste des programmes installes

 

a-squared Anti-Malware 2.1

Acoustica Audio Converter Pro

Ad-Aware SE Personal

Adobe Flash Player 9 ActiveX

Adobe Shockwave Player

Alcatel SpeedTouch USB Software

Apple Software Update

Archiveur WinRAR

Audacity 1.2.6

AutoUpdate

avast! Antivirus

AVG Anti-Spyware 7.5

AVS Audio Tools version 4.3

AW IP Locator

BlazeDVD 5.0 Standard

Canon PowerShot A40 WIA Driver

CCleaner (remove only)

CDex extraction audio

Correctif Windows XP - Article Base de Connaissances 834707

Correctif Windows XP - KB823559

Correctif Windows XP - KB828741

Correctif Windows XP - KB835732

Correctif Windows XP - KB842773

Creative WebCam NX Pro Driver (1.03.03.0326)

Direct MIDI to MP3 Converter 3.0

DivX Codec

DivX Content Uploader

DivX Converter

DivX Player

DivX Web Player

Détecteur de flux Windows Live Toolbar

DVD X Player 4.0 Professionnel

EarMaster Pro 4

eMule

Extension MSN pour Windows Live Toolbar

FairStars Audio Converter 1.55

ffdshow

Free Download Manager 2.1

FTP Expert 3

Google Toolbar for Firefox

Google Toolbar for Internet Explorer

Guitar Pro 5.1

HijackThis 1.99.1

iTunes

J2SE Runtime Environment 5.0 Update 10

J2SE Runtime Environment 5.0 Update 9

Jetico Personal Firewall 1.0

K-Lite Codec Pack 2.77 Basic

Le Centre de Contrôle de Licences de Syncrosoft

Lexmark Supplies Monitor

Lexmark Z55

Line 6 Drivers 3.2.9.2 (Remove Only)

Line 6 Monkey 1.16 (Remove Only)

LMSOFT Web Creator Pro 3

M6Video version 2.1.1.114

Macromedia Dreamweaver 8

Macromedia Extension Manager

Messenger Plus! Live

Microsoft .NET Framework 1.1

Microsoft Office XP Professional

Microsoft Windows Journal Viewer

MIDI to MP3 Converter

MIDI TO MP3 MAKER version 3.1

Midi2Wav Recorder 3.7 DEMO

MidiMeow 1.02 v3

mIRC

Mozilla Firefox (1.5.0.10)

MP3 WAV Converter 3.18

Navigation par onglets (Windows Live Toolbar)

NVIDIA Drivers

OpenAL

Package du correctif Windows XP [voir Q329115 pour plus de détails]

Power MIDI to MP3 1.6

Power Tab Editor 1.7

QuickTime

RealPlayer

RUNAWAY 2 - The dream of the turtle - DEMO

Safety Bar

SecondLife (remove only)

Skype 3.0

Skype Plugin Manager

Sonic Riders Demo Uninstall

SoundMAX

Steam

Switch

SyncroSoft Emu (Remove only)

Tom Clancy's Splinter Cell Double Agent Demo

VMN Toolbar

WebFldrs XP

Winamp (remove only)

Windows Installer 3.0 (KB884016)

Windows Live Messenger

Windows Live Sign-in Assistant

Windows Live Toolbar

Windows Live Toolbar

Windows Media Format Runtime

Windows XP Hotfix (SP1) [see Q329048 for more information]

Windows XP Hotfix (SP1) [see Q329390 for more information]

Windows XP Hotfix (SP1) [see Q329441 for more information]

Windows XP Hotfix (SP1) [see Q329834 for more information]

Windows XP Hotfix (SP1) Q329170

Windows XP Hotfix (SP1) Q810577

Windows XP Hotfix (SP1) Q810833

Windows XP Hotfix (SP1) Q815021

Windows XP Hotfix (SP1) Q817606

Yahoo! Toolbar

Yahoo! Toolbar

 

 

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 9856-D1BD

 

Répertoire de C:\Program Files

 

23/02/2007 00:13 <REP> .

23/02/2007 00:13 <REP> ..

09/02/2007 19:43 <REP> Acoustica Audio Converter Pro

23/10/2006 20:27 <REP> Alcatel

28/11/2006 11:56 <REP> Alwil Software

23/10/2006 20:33 <REP> Analog Devices

27/10/2006 19:42 <REP> Apple Software Update

30/01/2007 21:30 <REP> a-squared Anti-Malware

10/01/2007 01:48 <REP> Atelier Web

18/02/2007 16:41 <REP> Audacity

18/02/2007 17:33 <REP> AVSMedia

19/02/2007 02:24 <REP> BlazeVideo

01/11/2006 20:11 <REP> Canon

30/01/2007 21:33 <REP> CCleaner

09/02/2007 19:32 <REP> CDex_170b2

23/10/2006 20:17 <REP> ComPlus Applications

04/11/2006 12:49 <REP> DeliPlayer2

09/02/2007 19:04 <REP> Direct MIDI to MP3 Converter

31/10/2006 22:58 <REP> DivX

19/02/2007 02:20 <REP> DVD X Player 4.0 Professionnel

27/01/2007 04:02 <REP> EarMaster

25/02/2007 02:43 <REP> eMule

09/02/2007 19:49 <REP> FairStars Audio Converter

05/11/2006 01:34 <REP> ffdshow

18/02/2007 17:33 <REP> Fichiers communs

02/01/2007 12:28 <REP> Free Download Manager

03/11/2006 02:09 <REP> Google

04/02/2007 14:18 <REP> Grisoft

30/10/2006 21:49 <REP> Guitar Pro 5

29/12/2006 14:43 2 068 History.txt

18/11/2006 14:25 <REP> Internet Explorer

15/12/2006 03:14 <REP> iPod

15/12/2006 03:15 <REP> iTunes

04/02/2007 00:48 <REP> Java

06/02/2007 22:40 <REP> Jetico

28/11/2006 12:11 <REP> Kaspersky Lab

01/12/2006 02:16 <REP> Kazaa

31/10/2006 00:08 <REP> K-Lite Codec Pack

06/02/2007 23:13 <REP> Lavasoft

18/02/2007 16:15 <REP> Line6

03/02/2007 14:29 <REP> M6Video

18/11/2006 14:53 <REP> Macromedia

28/01/2007 16:10 <REP> Messenger

09/12/2006 05:01 <REP> Messenger Plus! Live

23/10/2006 20:21 <REP> microsoft frontpage

15/11/2006 16:40 <REP> Microsoft Office

09/02/2007 19:08 <REP> MIDI to MP3 Converter

09/02/2007 19:29 <REP> midi2mp3

09/02/2007 19:01 <REP> Midi2Wav Recorder

09/02/2007 19:29 <REP> MidiMeow

18/11/2006 14:27 <REP> Mindscape

14/01/2007 04:14 <REP> mIRC

23/10/2006 20:18 <REP> Movie Maker

25/02/2007 03:13 <REP> Mozilla Firefox

01/11/2006 01:20 <REP> MP3 WAV Converter

23/10/2006 20:58 <REP> MSN

23/10/2006 20:17 <REP> MSN Gaming Zone

11/02/2007 01:07 <REP> MSN Messenger

09/02/2007 19:33 <REP> NCH Swift Sound

30/01/2007 02:06 <REP> NetMeeting

03/01/2007 00:11 <REP> OpenAL

29/12/2006 14:44 883 Options.txt

23/10/2006 20:18 <REP> Outlook Express

24/11/2006 21:14 <REP> PENDULO Studios

09/02/2007 19:26 <REP> Power MIDI to MP3

21/12/2006 20:22 <REP> Power Tab Software

02/02/2007 20:39 <REP> QuickTime

03/11/2006 15:41 <REP> Real

29/12/2006 14:39 366 080 regsearch.exe

23/01/2007 13:44 <REP> SecondLife

29/10/2006 21:33 <REP> SEGA

23/10/2006 20:17 <REP> Services en ligne

05/02/2007 23:01 <REP> Skype

04/02/2007 12:19 <REP> Spybot - Search & Destroy

25/02/2007 03:11 <REP> Steam

18/02/2007 19:20 <REP> Syncrosoft

11/11/2006 22:03 <REP> Ubisoft

18/11/2006 14:16 <REP> Visicom Media

30/01/2007 02:34 <REP> vmntoolbar

08/02/2007 19:11 <REP> Winamp

12/11/2006 21:58 <REP> Windows Journal Viewer

23/10/2006 20:43 <REP> Windows Live Toolbar

18/02/2007 17:34 <REP> Windows Media Player

23/10/2006 20:17 <REP> Windows NT

23/10/2006 20:31 <REP> WinRAR

23/10/2006 20:21 <REP> xerox

25/10/2006 23:51 <REP> Yahoo!

3 fichier(s) 369 031 octets

84 Rép(s) 33 922 854 912 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 9856-D1BD

 

Répertoire de C:\Program Files\fichiers communs

 

18/02/2007 17:33 <REP> .

18/02/2007 17:33 <REP> ..

18/02/2007 17:34 <REP> AVSMedia

15/11/2006 16:41 <REP> Designer

18/11/2006 14:52 <REP> InstallShield

15/12/2006 23:39 <REP> Java

18/11/2006 14:56 <REP> Macromedia

15/11/2006 16:42 <REP> Microsoft Shared

23/10/2006 20:18 <REP> MSSoap

23/10/2006 21:13 <REP> ODBC

03/11/2006 15:42 <REP> Real

23/10/2006 20:18 <REP> Services

05/02/2007 19:17 <REP> Skype

23/10/2006 21:13 <REP> SpeechEngines

15/11/2006 16:40 <REP> System

03/11/2006 15:42 <REP> xing shared

0 fichier(s) 0 octets

16 Rép(s) 33 922 854 912 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 9856-D1BD

 

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

 

15/11/2006 16:42 <REP> .

15/11/2006 16:42 <REP> ..

15/11/2006 16:41 <REP> 1033

15/11/2006 16:42 <REP> 1036

15/02/2001 05:45 1 318 912 MSONSEXT.DLL

13/02/2001 08:23 58 784 MSOSV.DLL

03/06/1999 13:09 122 937 MSOWS409.DLL

07/03/2001 08:00 127 033 MSOWS40c.DLL

06/08/2000 09:04 401 462 MSVCP60.DLL

22/01/2001 03:25 69 632 PKMAXCTL.DLL

22/01/2001 03:25 872 448 PKMCDO.DLL

22/01/2001 03:25 159 744 PKMCORE.DLL

07/02/2001 09:59 106 496 PKMFORMS.DLL

12/02/2001 04:03 684 032 PKMRES.DLL

22/01/2001 03:25 28 672 PKMSSTLB.DLL

22/01/2001 03:25 40 960 PKMTEMPL.DLL

22/01/2001 03:25 24 576 PKMTRACE.DLL

22/01/2001 03:25 86 016 PKMWS.DLL

22/01/2001 03:25 237 568 PROMDEMO.DLL

22/01/2001 03:25 184 320 SECMGR.DLL

22/01/2001 03:25 323 584 VAIDDMGR.DLL

22/01/2001 03:25 32 768 VAIMEM.DLL

18 fichier(s) 4 879 944 octets

4 Rép(s) 33 922 854 912 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 9856-D1BD

 

Répertoire de C:\

 

21/02/2007 02:28 96 768 diff.exe

27/08/2006 14:10 132 096 grep.exe

2 fichier(s) 228 864 octets

0 Rép(s) 33 922 854 912 octets libres

c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe

c:\Documents and Settings\broly\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_16496df1.exe

c:\Documents and Settings\broly\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_18be6784.exe

c:\Documents and Settings\broly\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_294823.exe

c:\Documents and Settings\broly\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_2cd672ae.exe

c:\Documents and Settings\broly\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_4ae13d6c.exe

c:\Documents and Settings\broly\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_69525f90.exe

c:\Documents and Settings\broly\Application Data\Mozilla\Firefox\Profiles\cddk9pr1.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\unins000.exe

c:\Documents and Settings\broly\Bureau\a2AntiMalwareSetup.exe

c:\Documents and Settings\broly\Bureau\aawsepersonal(2).exe

c:\Documents and Settings\broly\Bureau\aawsepersonal.exe

c:\Documents and Settings\broly\Bureau\audacity-win-1.2.6.exe

c:\Documents and Settings\broly\Bureau\avgas-setup-7.5.0.50.exe

c:\Documents and Settings\broly\Bureau\avsaudiotools.exe

c:\Documents and Settings\broly\Bureau\BlazeDVDSetup-Standard.exe

c:\Documents and Settings\broly\Bureau\broly.exe

c:\Documents and Settings\broly\Bureau\ccsetup136.exe

c:\Documents and Settings\broly\Bureau\dxwebsetup.exe

c:\Documents and Settings\broly\Bureau\fdminst.exe

c:\Documents and Settings\broly\Bureau\Fixwareout.exe

c:\Documents and Settings\broly\Bureau\FlatOut2.exe

c:\Documents and Settings\broly\Bureau\fsaconv.exe

c:\Documents and Settings\broly\Bureau\gmer.exe

c:\Documents and Settings\broly\Bureau\hurl(2).exe

c:\Documents and Settings\broly\Bureau\hurl.exe

c:\Documents and Settings\broly\Bureau\ichigo 120 zettaizetsumei.exe

c:\Documents and Settings\broly\Bureau\idman505.exe

c:\Documents and Settings\broly\Bureau\jre-1_5_0_10-windows-i586-p-s(2).exe

c:\Documents and Settings\broly\Bureau\jre-1_5_0_10-windows-i586-p-s.exe

c:\Documents and Settings\broly\Bureau\kazaa_setup.exe

c:\Documents and Settings\broly\Bureau\m2winstall.exe

c:\Documents and Settings\broly\Bureau\midi2mp3_setup.exe

c:\Documents and Settings\broly\Bureau\mirc62.exe

c:\Documents and Settings\broly\Bureau\MPSetup.exe

c:\Documents and Settings\broly\Bureau\mwav(2).exe

c:\Documents and Settings\broly\Bureau\mwav(3).exe

c:\Documents and Settings\broly\Bureau\mwav.exe

c:\Documents and Settings\broly\Bureau\Namaka 01.exe

c:\Documents and Settings\broly\Bureau\Photoshop_CS2_F_TryOut(2).exe

c:\Documents and Settings\broly\Bureau\Photoshop_CS2_F_TryOut.exe

c:\Documents and Settings\broly\Bureau\SDFix.exe

c:\Documents and Settings\broly\Bureau\setup-oneclick-m6(2).exe

c:\Documents and Settings\broly\Bureau\SkypeSetup.exe

c:\Documents and Settings\broly\Bureau\spybotsd14(2).exe

c:\Documents and Settings\broly\Bureau\spybotsd14.exe

c:\Documents and Settings\broly\Bureau\SteamInstall.exe

c:\Documents and Settings\broly\Bureau\WGAPluginInstall.exe

c:\Documents and Settings\broly\Bureau\winpfind3u.exe

c:\Documents and Settings\broly\Bureau\wrar361fr.exe

c:\Documents and Settings\broly\Bureau\DiagHelp\diff.exe

c:\Documents and Settings\broly\Bureau\DiagHelp\FilesInfoCmd.exe

c:\Documents and Settings\broly\Bureau\DiagHelp\Fport.exe

c:\Documents and Settings\broly\Bureau\DiagHelp\grep.exe

c:\Documents and Settings\broly\Bureau\DiagHelp\LFiles.exe

c:\Documents and Settings\broly\Bureau\DiagHelp\LISTDLLS.exe

c:\Documents and Settings\broly\Bureau\DiagHelp\pslist.exe

c:\Documents and Settings\broly\Bureau\DiagHelp\streams.exe

c:\Documents and Settings\broly\Bureau\DiagHelp\swreg.exe

c:\Documents and Settings\broly\Bureau\doc\doc\R89530.EXE

c:\Documents and Settings\broly\Bureau\Hoster\Hoster.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\dumphive.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\GenericRenosFix.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\Process.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\Reboot.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\restart.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\SmiUpdate.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\SrchSTS.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\swreg.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\swsc.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\swxcacls.exe

c:\Documents and Settings\broly\Bureau\SmitfraudFix\unzip.exe

c:\Documents and Settings\broly\Bureau\Steinberg\Cubase SX 3\open_cubasesx3_application_data_folder.exe

c:\Documents and Settings\broly\Bureau\ZR_1.0.0.37\Zeb-Restore.exe

c:\Documents and Settings\broly\Local Settings\Temp\h2o.exe

c:\Documents and Settings\broly\Local Settings\Temp\icz80odu.exe

c:\Documents and Settings\broly\Local Settings\Temp\o65cilz6.exe

c:\Documents and Settings\broly\Local Settings\Temp\trueemu.exe

c:\Documents and Settings\broly\Local Settings\Temp\Wia_PS_A40_410\_ISDEL.EXE

c:\Documents and Settings\broly\Local Settings\Temp\Wia_PS_A40_410\SETUP.EXE

c:\Documents and Settings\broly\Local Settings\Temp\Wia_PS_A40_410\WIN_MEXP\PSCND113.EXE

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\defenc.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\fixrjb.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\mergedt.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\MSGROOT\rnxproc.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\PLAYER\realplay.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\PLAYERFILES\realjbox.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\PLAYERFILES\rphelperapp.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\RNADMIN\RealOneMessageCenter.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\TEMP\setreg.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\UPDATE\r1puninst.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\UPDATE\upgrdhlp.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\ZGOOGLE_DESKTOP\GDSSetup.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\ZGOOGLE_TOOLBAR\GoogleToolbarInstaller.exe

c:\Documents and Settings\broly\Local Settings\Temp\~rnsetup\ZGOOGLE_TOOLBAR\GoogleToolbarInstaller98.exe

c:\Documents and Settings\broly\Mes documents\avgas-signatures-full-current.exe

c:\Documents and Settings\broly\Mes documents\DVDXPlayerSetupPro_Fr.exe

c:\Documents and Settings\broly\Mes documents\mwav.exe

c:\Documents and Settings\broly\Mes documents\regsearch.exe

c:\Documents and Settings\broly\Mes documents\winpfind3u.exe

c:\Documents and Settings\broly\Mes documents\ArmADemo103\ArmaDemo103Setup.exe

c:\Documents and Settings\broly\Mes documents\Downloads\Compressed\battlefield_2142_demo_jouable_1_multi-langues_26113\setup.exe

c:\Documents and Settings\broly\Mes documents\dx90c\DXSETUP.exe

c:\Documents and Settings\broly\Mes documents\Mes fichiers reçus\R89530.EXE

c:\Documents and Settings\broly\Mes documents\powertab\InstMsiA.Exe

c:\Documents and Settings\broly\Mes documents\powertab\InstMsiW.Exe

c:\Documents and Settings\broly\Mes documents\powertab\Setup.Exe

c:\Documents and Settings\broly\Mes documents\Wia_PS_A40_410\_ISDEL.EXE

c:\Documents and Settings\broly\Mes documents\Wia_PS_A40_410\SETUP.EXE

c:\Documents and Settings\broly\Mes documents\Wia_PS_A40_410\WIN_MEXP\PSCND113.EXE

c:\Documents and Settings\broly\Mes documents\WinPFind3u\WinPFind3U.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winaagda.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winabflx.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winacfc.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winadsext.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winagerw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winamfvl.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winanwfw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winapfm.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winauvu.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winawomij.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winawsx.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winaxefd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winayed.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winayyp.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winbhox.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winbhqw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winbmamhp.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winbolo.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winbqxp.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winbscy.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winbtjv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winbwos.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wincagbj.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winccrd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wincgav.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wincghdd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wincmhhr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wincnic.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wincqpbru.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wincytqte.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\windaggwe.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winddvv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\windhec.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\windhjf.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\windiabh.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\windmqtru.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\windnxupu.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\windpvhb.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\windurkl.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\windutmr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\windwcv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winebyd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winedhsp.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winedpsj.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wineewl.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wineggv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winegyi.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winejylm.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winekqh.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winemox.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winemwgsy.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wineqicj.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wineqygcm.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wineuje.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winevpvnl.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfdhcv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfeosb.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfjva.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfknd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfnaqgr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfsbvar.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfshs.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfspvc.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfxjb.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfxws.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winfyxyro.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wingcuy.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wingjrhxi.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wingktlgp.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wingvuid.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wingvweq.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wingysa.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhejl.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhewqts.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhfdbp.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhhhbr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhhpq.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhhsly.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhiybbp.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhjagdt.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhjff.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhjwwmv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhkyog.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhltr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhluff.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhmaiel.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhmggk.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhqmoxk.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhqoh.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhspwvj.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhtcfn.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winhxvrsm.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winidwnco.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winifmhuh.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winiglym.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winijbty.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winikcimv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winilhwev.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winilpxqu.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winiobunw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winiqnfw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winirpyis.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winisxbex.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winiuju.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjaiv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjaxa.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjbdly.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjfbaui.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjfoee.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjjiskn.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjkydov.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjlymke.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjmunlk.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjntiy.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjqfuru.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjqsp.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjrsyah.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjtmu.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winjulg.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winkaoht.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winkdfbmq.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winkgmnw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winkjhqj.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winklms.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winkosfy.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winkwdg.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winkyejg.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winkyuan.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winlaetr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winlbul.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winlhlqsc.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winljhug.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winlqvs.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winlsbwau.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winlsjcpy.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winltftno.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winltovv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winlwcq.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winlxmang.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winlyhcvl.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winlyxwp.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmdan.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmdfeq.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmdiw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmepgm.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmhaj.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmhkn.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmjixri.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmjtni.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmlfd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmljrv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmmyvn.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmnwcmr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmrfnnx.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmvwsk.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmyrmat.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winmyyfrr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnbfni.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winncnbrn.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winndss.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnfnrv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnhnl.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnial.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnikrv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnipro.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnixqhg.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnofs.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winntvssi.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnuxcv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnvdsec.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winnwdv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winoacmm.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winocgf.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winogbl.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winoiakg.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winokqs.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winonbn.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winopap.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winoupj.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winowfd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winpcir.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winpidn.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winpooie.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winpqtu.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winpsuvki.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winpucsiu.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winpwcmm.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winpyth.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winpyyka.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqgne.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqikenr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqjnw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqljay.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqlxw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqsdh.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqsylly.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqtvbv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqvca.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqvsraf.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winqyrju.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winrcsra.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winrdra.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winrfhbyt.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winrhkppw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winrimpt.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winrogdoy.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winrowpat.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winrrtiht.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winrsknh.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winrvgfd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winryxpb.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winsard.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winscidku.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winseeoms.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winsfexxb.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winsfnum.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winsgjdo.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winsjggvf.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winskrkh.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winsnlg.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winsoubup.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winsqwn.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winstge.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winsukynt.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winsvid.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winswjhor.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wintcivkx.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wintcjawl.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wintfkg.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winthoofs.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wintjnd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wintmki.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wintneeuq.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wintqabsx.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wintrha.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winttqit.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wintuddgy.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\wintytsv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winufexk.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winujtpgf.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winukgi.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winuovf.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winupid.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winuqqx.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winutsc.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winuueay.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winuuimpf.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winuuvmje.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winuwnuy.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winuwwdew.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winuyek.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winuysguw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winuyvnw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvfog.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvgwxog.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvjhjda.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvjtjbq.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvknymx.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvkqfq.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvmesra.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvqkq.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvqyhe.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvreoau.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvrgl.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvswtuk.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvtpdji.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvtuutt.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvukdr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winvyim.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwfdk.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwldo.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwmgrtk.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwmqt.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwpdjpi.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwqbgnb.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwruhd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwudvfr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwufymh.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwugdt.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winwuvtd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxbjivv.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxeyu.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxfog.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxguac.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxihp.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxjlo.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxkakfy.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxlftf.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxlqng.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxmav.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxocdlt.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxqjdqw.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxqxxgg.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxtsql.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxxax.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxycu.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxygec.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winxyyvpd.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winybkjh.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winybwlf.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winydid.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winygmc.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winygnbr.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winyhmt.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winykok.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winywjts.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winywox.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winyxipe.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winyxrpna.exe

c:\Documents and Settings\broly\Mes documents\WinPFind3u\MovedFiles\Documents and Settings\broly\Local Settings\Temp\winyyfte.exe

c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll

c:\Documents and Settings\broly\Application Data\Macromedia\Dreamweaver 8\Configuration\Flash Player\FlashPlayerW.dll

c:\Documents and Settings\broly\Application Data\Mozilla\Firefox\Profiles\cddk9pr1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll

c:\Documents and Settings\broly\Application Data\Mozilla\Firefox\Profiles\cddk9pr1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll

c:\Documents and Settings\broly\Application Data\Mozilla\Firefox\Profiles\cddk9pr1.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\PNRComponent.dll

c:\Documents and Settings\broly\Application Data\Mozilla\Firefox\Profiles\cddk9pr1.default\extensions\{F12DF744-0CD1-48DE-96BF-12BB1074FF54}\components\OneclickFF.dll

 

Liste des drivers...

Thanos Devil Member !

Thanos

Posté(e)
Posté(e) (modifié)

salut :P

 

Le rapport que tu as posté est le bon!

 

Bon les fichiers sont éliminés, mais ils réapparaissent à chaque fois au reboot!!

 

Stp poste ce rapport>

 

-Télécharge silentrunners sur le bureau:

 

Dézippe le fichier dans un dossier .

Double clique sur le fichier "silentrunners.vbs" :une fenêtre va s'ouvrir ,clique sur "non" . Poste le rapport qui a été généré.

 

Télécharge AVZ sur ton bureau.

  • Dézippe le fichier : un dossier va se créer, il se nomme Avz4en.
  • Ouvre le dossier et double clique sur Avz.exe (le bouclier) pour lancer le programme.
  • Clique sur "File" (en haut à gauche) et sélectionne "On-line Automatic Updates et suis les instructions à l'écran.
  • Une fois les mises à jour installées, tu dois reçevoir un le message "Automatic Updates completed succesfully...".
  • Sur l'écran principal, clique sur Search Parameters règle le curseur "Heuristic analysis" au maximum.
  • A droite, clique sur "Perform Healing", puis clique sur "Start".
  • Lorsque le scan est terminé, clique sur le bouton "Save Log" à droite du panneau de scan.
  • Poste stp le rapport généré.

Modifié par charles ingals
Broly159 Member

Broly159

Posté(e)
  • Auteur
Posté(e)

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/

Operating System: Windows XP

Output limited to non-default values, except where indicated by "{++}"

 

 

Startup items buried in registry:

---------------------------------

 

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"MsnMsgr" = ""C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background" [MS]

"ctfmon.exe" = "C:\WINDOWS\System32\ctfmon.exe" [MS]

"Free Download Manager" = "C:\Program Files\Free Download Manager\fdm.exe -autorun" [null data]

"Steam" = ""C:\Program Files\Steam\Steam.exe" -silent" ["Valve Corporation"]

"Skype" = ""C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized" ["Skype Technologies S.A."]

"BlazeServoTool" = ""C:\Program Files\BlazeVideo\BlazeDVD 5 Standard\MediaDetector.exe"" ["BlazeVideo Company"]

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

"SpeedTouch USB Diagnostics" = ""C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon" ["THOMSON multimedia"]

"SoundMAXPnP" = "C:\Program Files\Analog Devices\Core\smax4pnp.exe" ["Analog Devices, Inc."]

"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup" [MS]

"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]

"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit" [MS]

"IMJPMIG8.1" = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" [MS]

"MSPY2002" = "C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC" [null data]

"PHIME2002ASync" = "C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC" [MS]

"PHIME2002A" = "C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName" [MS]

"iTunesHelper" = ""C:\Program Files\iTunes\iTunesHelper.exe"" ["Apple Computer, Inc."]

"m6" = "C:\Program Files\M6Video\M6video.exe" ["1-Click Media Networks"]

"JeticoPFStartup" = ""C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe"" ["Jetico, Inc."]

"H2O" = "C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" ["Team H2O"]

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{02478D38-C3F9-4EFB-9B51-7695ECA05670}\(Default) = (no title provided)

-> {HKLM...CLSID} = "Yahoo! Toolbar Helper"

\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

-> {HKLM...CLSID} = "SSVHelper Class"

\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll" ["Sun Microsystems, Inc."]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)

-> {HKLM...CLSID} = "Windows Live Sign-in Helper"

\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]

{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)

-> {HKLM...CLSID} = "Google Toolbar Helper"

\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = (no title provided)

-> {HKLM...CLSID} = "Windows Live Toolbar Helper"

\InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS]

{CC59E0F9-7E43-44FA-9FAA-8377850BF205}\(Default) = (no title provided)

-> {HKLM...CLSID} = "FDMIECookiesBHO Class"

\InProcServer32\(Default) = "C:\Program Files\Free Download Manager\iefdmcks.dll" [null data]

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration"

-> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration"

\InProcServer32\(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal"

-> {HKLM...CLSID} = "HyperTerminal Icon Ext"

\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"

-> {HKLM...CLSID} = "Mes dossiers de partage"

\InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll" [MS]

"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"

-> {HKLM...CLSID} = "DesktopContext Class"

\InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]

"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"

-> {HKLM...CLSID} = "NVIDIA CPL Extension"

\InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]

"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"

-> {HKLM...CLSID} = "Desktop Explorer"

\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"

-> {HKLM...CLSID} = "nView Desktop Context Menu"

\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"

-> {HKLM...CLSID} = "RealOne Player Context Menu Class"

\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]

"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"

-> {HKLM...CLSID} = "Outlook File Icon Extension"

\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]

"{1EBC3533-B289-409F-9924-B84B3F0717D2}" = "AceFTP Context Menu Shell Extension"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\PROGRA~1\VISICO~1\FTPEXP~1\ftpcntxt.dll" ["Visicom Media Inc."]

"{AB77609F-2178-4E6F-9C4B-44AC179D937A}" = "a-squared Context Menu Shell Extension"

-> {HKLM...CLSID} = "a-squared context menu"

\InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" ["Emsi Software GmbH"]

"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"

-> {HKLM...CLSID} = "iTunes"

\InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]

"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"

-> {HKLM...CLSID} = "avast"

\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

<<!>> "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "AVG Anti-Spyware 7.5"

-> {HKLM...CLSID} = "CShellExecuteHookImpl Object"

\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" ["Anti-Malware Development a.s."]

 

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"

-> {HKLM...CLSID} = "avast"

\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"

-> {HKLM...CLSID} = "CContextScan Object"

\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."]

FTP Expert\(Default) = "{1EBC3533-B289-409F-9924-B84B3F0717D2}"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\PROGRA~1\VISICO~1\FTPEXP~1\ftpcntxt.dll" ["Visicom Media Inc."]

M2WShlExMenu\(Default) = "{DC6FA7E0-6666-11D5-8CE2-444553540000}"

-> {HKLM...CLSID} = "MP3ToWave Shell Extension"

\InProcServer32\(Default) = "C:\Program Files\Acoustica Audio Converter Pro\M2WShlEx.dll" ["Acoustica"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

 

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"

-> {HKLM...CLSID} = "CContextScan Object"

\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."]

FTP Expert\(Default) = "{1EBC3533-B289-409F-9924-B84B3F0717D2}"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\PROGRA~1\VISICO~1\FTPEXP~1\ftpcntxt.dll" ["Visicom Media Inc."]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

 

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

a2ContMenu\(Default) = "{AB77609F-2178-4E6F-9C4B-44AC179D937A}"

-> {HKLM...CLSID} = "a-squared context menu"

\InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" ["Emsi Software GmbH"]

avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"

-> {HKLM...CLSID} = "avast"

\InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]

MP3ToWave\(Default) = "{DC6FA7E0-6666-11D5-8CE2-444553540000}"

-> {HKLM...CLSID} = "MP3ToWave Shell Extension"

\InProcServer32\(Default) = "C:\Program Files\Acoustica Audio Converter Pro\M2WShlEx.dll" ["Acoustica"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

 

HKLM\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

a2ContMenu\(Default) = "{AB77609F-2178-4E6F-9C4B-44AC179D937A}"

-> {HKLM...CLSID} = "a-squared context menu"

\InProcServer32\(Default) = "C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL" ["Emsi Software GmbH"]

 

 

Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------

 

Note: detected settings may not have any effect.

 

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

 

"DisableRegistryTools" = (REG_DWORD) hex:0x00000000

{User Configuration|Administrative Templates|System|

Prevent access to registry editing tools}

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

 

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}

 

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}

 

 

Active Desktop and Wallpaper:

-----------------------------

 

Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

 

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

"Wallpaper" = "C:\Documents and Settings\broly\Mes documents\fggf.bmp"

 

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\Documents and Settings\broly\Mes documents\fggf.bmp"

 

 

Enabled Screen Saver:

---------------------

 

HKCU\Control Panel\Desktop\

"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]

 

 

Startup items in "broly" & "All Users" startup folders:

-------------------------------------------------------

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l" [MS]

 

 

Enabled Scheduled Tasks:

------------------------

 

"AppleSoftwareUpdate" -> launches: "C:\Program Files\Apple Software Update\SoftwareUpdate.exe -Task" ["Apple Computer, Inc."]

"Check Updates for Windows Live Toolbar" -> launches: "C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE" [MS]

 

 

Winsock2 Service Provider DLLs:

-------------------------------

 

Namespace Service Providers

 

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

 

Transport Service Providers

 

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 17

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

 

 

Toolbars, Explorer Bars, Extensions:

------------------------------------

 

Toolbars

 

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"

-> {HKLM...CLSID} = "Windows Live Toolbar"

\InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"

-> {HKLM...CLSID} = "&Google"

\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"

-> {HKLM...CLSID} = "Yahoo! Toolbar"

\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."]

 

HKLM\Software\Microsoft\Internet Explorer\Toolbar\

"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" = (no title provided)

-> {HKLM...CLSID} = "Windows Live Toolbar"

\InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS]

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = (no title provided)

-> {HKLM...CLSID} = "Yahoo! Toolbar"

\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)

-> {HKLM...CLSID} = "&Google"

\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

 

Extensions (Tools menu items, main toolbar menu buttons)

 

HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

"MenuText" = "Console Java (Sun)"

"CLSIDExtension" = "{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}"

-> {HKCU...CLSID} = "Java Plug-in 1.5.0_10"

\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll" ["Sun Microsystems, Inc."]

-> {HKLM...CLSID} = "Java Plug-in 1.5.0_10"

\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll" ["Sun Microsystems, Inc."]

 

{FB5F1910-F110-11D2-BB9E-00C04F795683}\

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:\Program Files\Messenger\MSMSGS.EXE" [MS]

 

 

Miscellaneous IE Hijack Points

------------------------------

 

C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")

 

Added lines (compared with English-language version):

[strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/"

 

Missing lines (compared with English-language version):

[strings]: 1 line

 

 

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

 

AVG Anti-Spyware Guard, AVG Anti-Spyware Guard, "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe" ["Anti-Malware Development a.s."]

iPod Service, iPod Service, ""C:\Program Files\iPod\bin\iPodService.exe"" ["Apple Computer, Inc."]

LexBce Server, LexBceS, "C:\WINDOWS\system32\LEXBCES.EXE" ["Lexmark International, Inc."]

NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\System32\nvsvc32.exe" ["NVIDIA Corporation"]

Service Messenger Sharing Folders USN Journal Reader, usnjsvc, ""C:\Program Files\MSN Messenger\usnsvc.exe"" [MS]

Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\System32\wdfmgr.exe" [MS]

 

 

Print Monitors:

---------------

 

HKLM\System\CurrentControlSet\Control\Print\Monitors\

Lexmark Network Port\Driver = "LEXLMPM.DLL" ["Lexmark International, Inc."]

 

 

----------

<<!>>: Suspicious data at a malware launch point.

 

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

+ To search all directories of local fixed drives for DESKTOP.INI

DLL launch points, use the -supp parameter or answer "No" at the

first message box and "Yes" at the second message box.

---------- (total run time: 1304 seconds, including 7 seconds for message boxes)

 

 

 

 

 

 

 

 

 

 

 

 

AVZ Antiviral Toolkit log; AVZ version is 4.23

Scanning started at 25/02/2007 23:01:03

Database loaded: 89450 signatures, 2 NN profile, 55 scripts of healing, Signature database from 25.02.2007 11:08

Heuristic microprograms loaded : 367

Digital signatures of system files loaded: 56484

Heuristic analyzer mode: Maximum heuristics level

Healing mode: enabled

Windows version: 5.1.2600, ; AVZ is launched with administrator rights

1. Searching for rootkits and programs intercepting API functions

1.1 Searching for user-mode API hooks

Analysis kernel32.dll, export table found in section .text

Analysis ntdll.dll, export table found in section .text

Analysis user32.dll, export table found in section .text

Analysis advapi32.dll, export table found in section .text

Analysis ws2_32.dll, export table found in section .text

Analysis wininet.dll, export table found in section .text

Analysis rasapi32.dll, export table found in section .text

Analysis urlmon.dll, export table found in section .text

Analysis netapi32.dll, export table found in section .text

1.2 Searching for kernel-mode API hooks

Driver loaded successfully

SDT found (RVA=06D100)

Kernel ntoskrnl.exe found in the memory at the address 804D0000

SDT = 8053D100

KiST = 804F6FDC (284)

Function NtConnectPort (1F) intercepted (805790EC->F7A4A5BE), hook C:\WINDOWS\System32\Drivers\bcftdi.SYS

Function NtCreatePort (2E) intercepted (80579BC2->F7A4A50E), hook C:\WINDOWS\System32\Drivers\bcftdi.SYS

Function NtCreateThread (35) intercepted (805A3EC4->F7A4A3F8), hook C:\WINDOWS\System32\Drivers\bcftdi.SYS

Function NtOpenProcess (7A) intercepted (8059E4C2->F7F618AC), hook C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys

Function NtTerminateProcess (101) intercepted (805A5262->F7F61812), hook C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys

Function NtWriteVirtualMemory (115) intercepted (8058D388->F7A4A68A), hook C:\WINDOWS\System32\Drivers\bcftdi.SYS

Functions checked: 284, intercepted: 6, restored: 0

1.3 Checking IDT and SYSENTER

Analysis for CPU 1

Checking IDT and SYSENTER - complete

1.4 Searching for masking processes and drivers

Checking not performed as monitoring driver AVZPM is not installed

2. Scanning memory

Number of processes found: 38

Process c:\program files\mozilla firefox\firefox.exe contains network functionality (net.dll)

c:\windows\temp\winqgoyf.exe >>>>> Trojan-Spy.Win32.Goldun.lm deleted successfully

>>>To delete the file c:\windows\temp\winocqbd.exe reboot is required

c:\windows\temp\winocqbd.exe >>>>> Trojan-Spy.Win32.Goldun.lm deleted successfully

Number of modules loaded: 376

>>>To delete the file c:\windows\system32\wmdrtc32.dll reboot is required

c:\windows\system32\wmdrtc32.dll >>>>> Email-Worm.Win32.Warezov.et deleted successfully

Memory checking complete

3. Scanning disks

Automatic cleanup of programs' traces during the healing

4. Checking Winsock Layered Service Provider (SPI/LSP)

LSP settings checked. No errors detected

5. Searching for keyboard/mouse/windows events hooks (Keyloggers, Trojan DLLs)

C:\WINDOWS\System32\NVWRSFR.DLL --> Suspicion for a Keylogger or Trojan DLL

C:\WINDOWS\System32\NVWRSFR.DLL>>> Behavioral analysis:

Behaviour typical for keyloggers not detected

Note: Do NOT delete suspicious files, send them for analysis (see FAQ for more details), because there are lots of useful hooking DLLs

6. Searching for opened TCP/UDP ports used by malicious programs

checking disabled by user

7. Heuristic system check

Checking complete

Files scanned: 414, extracted from archives: 0, malicious programs found 3

Scanning finished at 25/02/2007 23:01:30

Attention !!! Reboot is required to complete the process of healing.

Time of scanning: 00:00:28

If you have a suspicion on presence of viruses or questions on the suspected objects,

you can address http://virusinfo.info conference

Thanos Devil Member !

Thanos

Posté(e)
Posté(e) (modifié)

salut :P

 

Ok on va utiliser ce tool pour éliminer Goldun >

 

Télécharger haxfix.exe

et le sauvegarder sur le bureau.

  • Double cliquer sur haxfix.exe pour installer haxfix. (l'installation standard est c:\program Files\haxfix)
  • Cocher "Create a desktop icon"
  • Cliquer "Next"
  • Quand l'installation est terminée, s'assurer que "Launch HaxFix" est coché
  • Cliquer "Finish"

Une "fenêtre DOS" à fond rouge s'ouvre avec les options suivantes:

1. Make logfile (créer un rapport)

2. Run auto fix (lancer la réparation en mode automatique)

3. Run manual fix (lancer la réparation en mode manuel)

E. Exit Haxfix (quitter Haxfix)

  • Selectionner l'option 1. Make logfile en tapant 1 puis taper "Entrée"
  • Haxfix va analyser le système. Quand il a fini, un rapport s'ouvrira: haxlog.txt > (c:\haxlog.txt)
  • Copier le contenu de ce rapport et l'inclure (coller) dans votre réponse.

Modifié par charles ingals
Broly159 Member

Broly159

Posté(e)
  • Auteur
Posté(e)

HAXFIX logfile - by Marckie

 

version 4.37

27/02/2007 22:08:49,87

 

--- Checking for Haxdoor ---

 

checking for a3d files

a3d files not found

 

checking for matching notify keys

no matching notify keys found

 

checking for matching services

no matching services found

 

checking for matching safeboot services

no matching safeboot services found

 

checking for other Haxdoor-files

no other Haxdoor-files found

 

 

--- Checking for Goldun ---

 

 

checking for SSODL keys

no ssodl keys found

 

checking for notify keys

no notify keys found

 

checking for services

no services found

 

checking for other Goldun-files

wmdconf32.dll found

 

checking iexplore.exe

iexplore.exe is not infected

 

 

Finished!

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...