windows antivirus encoore lui

triton · le 30 août 2007

Ok : poste moi stp les rapports qui ont été générés : ils se trouvent ici > C:\ rapport.txt et C:\fixwareout\report.txt Poste les ainsi qu'un nouveau rapport hijackthis stp.

merci ce sera pour lundi maintenant

triton · le 4 septembre 2007

merci ce sera pour lundi maintenant

BONJOUR?

LA SUITE DES REJOUISSANCES /

SmitFraudFix v2.217

Rapport fait à 17:01:57,82, 30/08/2007

Executé à partir de E:\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Le type du système de fichiers est NTFS

Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

192.168.200.3 ad.doubleclick.net

192.168.200.3 ad.fastclick.net

192.168.200.3 ads.fastclick.net

192.168.200.3 ar.atwola.com

192.168.200.3 atdmt.com

192.168.200.3 avp.ch

192.168.200.3 avp.com

192.168.200.3 avp.ru

192.168.200.3 awaps.net

192.168.200.3 banner.fastclick.net

192.168.200.3 banners.fastclick.net

192.168.200.3 ca.com

192.168.200.3 click.atdmt.com

192.168.200.3 clicks.atdmt.com

192.168.200.3 customer.symantec.com

192.168.200.3 dispatch.mcafee.com

192.168.200.3 download.mcafee.com

192.168.200.3 downloads-us1.kaspersky-labs.com

192.168.200.3 downloads-us2.kaspersky-labs.com

192.168.200.3 downloads-us3.kaspersky-labs.com

192.168.200.3 downloads1.kaspersky-labs.com

192.168.200.3 downloads2.kaspersky-labs.com

192.168.200.3 downloads3.kaspersky-labs.com

192.168.200.3 downloads4.kaspersky-labs.com

192.168.200.3 engine.awaps.net

192.168.200.3 f-secure.com

192.168.200.3 fastclick.net

192.168.200.3 ftp.avp.ch

192.168.200.3 ftp.downloads1.kaspersky-labs.com

192.168.200.3 ftp.downloads2.kaspersky-labs.com

192.168.200.3 ftp.downloads3.kaspersky-labs.com

192.168.200.3 ftp.f-secure.com

192.168.200.3 ftp.kasperskylab.ru

192.168.200.3 ftp.sophos.com

192.168.200.3 ids.kaspersky-labs.com

192.168.200.3 kaspersky-labs.com

192.168.200.3 kaspersky.com

192.168.200.3 liveupdate.symantec.com

192.168.200.3 liveupdate.symantecliveupdate.com

192.168.200.3 mast.mcafee.com

192.168.200.3 mcafee.com

192.168.200.3 media.fastclick.net

192.168.200.3 my-etrust.com

192.168.200.3 nai.com

192.168.200.3 networkassociates.com

192.168.200.3 norton.com

192.168.200.3 phx.corporate-ir.net

192.168.200.3 rads.mcafee.com

192.168.200.3 secure.nai.com

192.168.200.3 securityresponse.symantec.com

192.168.200.3 service1.symantec.com

192.168.200.3 sophos.com

192.168.200.3 spd.atdmt.com

192.168.200.3 symantec.com

192.168.200.3 trendmicro.com

192.168.200.3 update.symantec.com

192.168.200.3 updates.symantec.com

192.168.200.3 updates1.kaspersky-labs.com

192.168.200.3 updates2.kaspersky-labs.com

192.168.200.3 updates3.kaspersky-labs.com

192.168.200.3 updates4.kaspersky-labs.com

192.168.200.3 updates5.kaspersky-labs.com

192.168.200.3 us.mcafee.com

192.168.200.3 vil.nai.com

192.168.200.3 viruslist.com

192.168.200.3 viruslist.ru

192.168.200.3 virusscan.jotti.org

192.168.200.3 virustotal.com

192.168.200.3 www.avp.ch

192.168.200.3 www.avp.com

192.168.200.3 www.avp.ru

192.168.200.3 www.awaps.net

192.168.200.3 www.ca.com

192.168.200.3 www.f-secure.com

192.168.200.3 www.fastclick.net

192.168.200.3 www.grisoft.com

192.168.200.3 www.kaspersky-labs.com

192.168.200.3 www.kaspersky.com

192.168.200.3 www.kaspersky.ru

192.168.200.3 www.mcafee.com

192.168.200.3 www.my-etrust.com

192.168.200.3 www.nai.com

192.168.200.3 www.networkassociates.com

192.168.200.3 www.sophos.com

192.168.200.3 www.symantec.com

192.168.200.3 www.trendmicro.com

192.168.200.3 www.viruslist.com

192.168.200.3 www.viruslist.ru

192.168.200.3 www.virustotal.com

192.168.200.3 www3.ca.com

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{FFA92BA0-7FD5-4866-B39D-58FC128F4843}: DhcpNameServer=10.0.0.1

HKLM\SYSTEM\CS1\Services\Tcpip\..\{FFA92BA0-7FD5-4866-B39D-58FC128F4843}: DhcpNameServer=10.0.0.1

HKLM\SYSTEM\CS3\Services\Tcpip\..\{FFA92BA0-7FD5-4866-B39D-58FC128F4843}: DhcpNameServer=10.32.235.18 10.0.0.1

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.1

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.1

HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=10.32.235.18 10.0.0.1

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Username "boss" - 2007-08-30 16:41:53 [Fixwareout edited 2007/07/05]

»»»»»Prerun check

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

"nameserver"="85.255.114.54 85.255.112.26" <Value cleared.

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{4F24856B-E7B5-42FA-8898-F1B5156B6552}

"nameserver"="85.255.114.54,85.255.112.26" <Value cleared.

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7A0DB3F8-E7A9-4D6E-BC8E-A3FDC4AD2558}

"nameserver"="85.255.114.54,85.255.112.26" <Value cleared.

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{FFA92BA0-7FD5-4866-B39D-58FC128F4843}

"nameserver"="85.255.114.54,85.255.112.26" <Value cleared.

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{0AD34A51-0577-4041-A095-B90383F744E9}

"DhcpNameServer"="85.255.114.54,85.255.112.26" <Value cleared.

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7A0DB3F8-E7A9-4D6E-BC8E-A3FDC4AD2558}

"DhcpNameServer"="85.255.114.54,85.255.112.26" <Value cleared.

Cache de résolution DNS vidé.

System was rebooted successfully.

»»»»» Postrun check

HKLM\SOFTWARE\~\Winlogon\ "System"=""

....

»»»»» Misc files.

....

»»»»» Checking for older varients.

....

»»»»» Current runs (hklm hkcu "run" Keys Only)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe"

"IAAnotif"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"

"SigmatelSysTrayApp"="stsystra.exe"

"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""

"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

"DMXLauncher"="C:\\Program Files\\Dell\\Media Experience\\DMXLauncher.exe"

"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"

"ISUSPM Startup"="C:\\PROGRA~1\\FICHIE~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"

"ISUSScheduler"="\"C:\\Program Files\\Fichiers communs\\InstallShield\\UpdateService\\issch.exe\" -start"

"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""

"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\\Program Files\\Google\\Gmail Notifier\\gnotify.exe"

"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"

"AAWTray"="C:\\Program Files\\Lavasoft\\Ad-Aware 2007\\AAWTray.exe"

"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"

"SDTray"="\"C:\\Program Files\\Spyware Doctor\\SDTrayApp.exe\""

"WinAVX"="C:\\WINDOWS\\system32\\WinAvXX.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"

"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

"DexStarter_IC-304V1"="\"C:\\Documents and Settings\\boss\\Application Data\\Color_Server_Client_Tools\\PrinterDriver\\IC-304V1\\DexRunner.bat\""

"WinAVX"="C:\\WINDOWS\\system32\\WinAvXX.exe"

....

Hosts file was reset, If you use a custom hosts file please replace it

»»»»» End report »»»»»

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 14:47:54, on 04/09/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.exe

C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\Google\Gmail Notifier\gnotify.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Documents and Settings\boss\Application Data\Color_Server_Client_Tools\JRE\JRE1.4.2\bin\DEX_IC-304V1.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe

C:\Program Files\OpenOffice.org 2.2\program\soffice.exe

C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\wlancfg.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\boss\Mes documents\antivirus francis\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.fr/myway

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe

O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [DexStarter_IC-304V1] "C:\Documents and Settings\boss\Application Data\Color_Server_Client_Tools\PrinterDriver\IC-304V1\DexRunner.bat"

O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Moniteur & Configuration.lnk = ?

O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe

O4 - Startup: system.exe

O4 - Global Startup: autorun.exe

O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe

O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe

O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\WINDOWS\wlancfg.exe

O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--

End of file - 9327 bytes

merci

Thanos · le 4 septembre 2007

salut

Il y a du mieux

Poste moi le rapport suivant à présent stp >

Télécharge WinPFind3U.exe sur ton bureau.

Ouvre le dossier et double clique sur le fichier WinPFind3U.exe pour lancer le programme.
Sous le groupe Files Created Within sélectionne 60 days
Sous le groupe Files Modified Within sélectionne 60 days
Sous le groupe String Search sélectionne Non-Microsoft
Sous le groupe Additional Scans coche les cases >
Reg- Uninstall List
Reg- Security Settings
Reg- Software Policy Settings
Reg- Additional Folder Scans
A présent clique sur le bouton Run Scan dans la barre d'outils
Lorsque le scan est terminé,le bloc-notes s'ouvre et affiche le rapport.
Clique sur le menu "Format" et assure toi que la case "Retour automatique à la ligne" ne soit pas cochée.
Copie/Colle le contenu du rapport dans ta prochaine réponse.

@+

triton · le 4 septembre 2007

salut

Il y a du mieux

Poste moi le rapport suivant à présent stp >

Télécharge WinPFind3U.exe sur ton bureau.

Ouvre le dossier et double clique sur le fichier WinPFind3U.exe pour lancer le programme.

Sous le groupe Files Created Within sélectionne 60 days

Sous le groupe Files Modified Within sélectionne 60 days

Sous le groupe String Search sélectionne Non-Microsoft

Sous le groupe Additional Scans coche les cases >
Reg- Uninstall List

Reg- Security Settings

Reg- Software Policy Settings

Reg- Additional Folder Scans

A présent clique sur le bouton Run Scan dans la barre d'outils

Lorsque le scan est terminé,le bloc-notes s'ouvre et affiche le rapport.

Clique sur le menu "Format" et assure toi que la case "Retour automatique à la ligne" ne soit pas cochée.

Copie/Colle le contenu du rapport dans ta prochaine réponse.

@+

voila voila

WinPFind3 logfile created on: 04/09/2007 15:33:28

WinPFind3U by OldTimer - Version 1.0.41 Folder = C:\Documents and Settings\boss\Bureau\WinPFind3u\

Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)

Internet Explorer (Version = 6.0.2900.2180)

510,09 Mb Total Physical Memory | 194,83 Mb Available Physical Memory | 38,20% Memory free

1,22 Gb Paging File | 0,68 Gb Available in Paging File | 56,16% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 229,76 Gb Total Space | 211,97 Gb Free Space | 92,26% Space Free

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Computer Name: FRANCIS

Current User Name: boss

Logged in as Administrator.

Current Boot Mode: Normal

[Processes - Non-Microsoft Only]

aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 1 | Size = 566616 bytes | Modified Date = 27/08/2007 14:38:50 | Attr = ]

aawtray.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\AAWTray.exe -> [Ver = 1, 0, 0, 1 | Size = 88024 bytes | Modified Date = 08/08/2007 15:53:16 | Attr = ]

ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 75128 bytes | Modified Date = 28/07/2007 00:03:34 | Attr = ]

ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 243064 bytes | Modified Date = 28/07/2007 00:03:08 | Attr = ]

ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 132472 bytes | Modified Date = 28/07/2007 00:03:28 | Attr = ]

ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 345464 bytes | Modified Date = 28/07/2007 00:02:20 | Attr = ]

aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 16248 bytes | Modified Date = 27/07/2007 23:52:46 | Attr = ]

ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4118 | Size = 380928 bytes | Modified Date = 04/08/2005 06:02:58 | Attr = ]

autorun.exe -> %AllUsersStartup%\autorun.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

dex_ic-304v1.exe -> %UserAppData%\Color_Server_Client_Tools\JRE\JRE1.4.2\bin\DEX_IC-304V1.EXE -> [Ver = | Size = 28771 bytes | Modified Date = 26/01/2004 18:58:48 | Attr = ]

dmxlauncher.exe -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [Ver = | Size = 86016 bytes | Modified Date = 15/09/2004 03:01:00 | Attr = ]

dvdlauncher.exe -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 53248 bytes | Modified Date = 23/02/2005 18:19:56 | Attr = ]

gnotify.exe -> %ProgramFiles%\Google\Gmail Notifier\gnotify.exe -> Google Inc. [Ver = 1.0.25.0 | Size = 479232 bytes | Modified Date = 15/07/2005 23:48:34 | Attr = ]

hpcmpmgr.exe -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/05/2004 15:18:56 | Attr = ]

hpqimzone.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqimzone.exe -> Hewlett-Packard Co. [Ver = 053.000.013.000 | Size = 479232 bytes | Modified Date = 12/05/2005 00:33:52 | Attr = ]

hpqste08.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqste08.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 204800 bytes | Modified Date = 12/05/2005 00:40:38 | Attr = ]

hpqtra08.exe -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 282624 bytes | Modified Date = 11/05/2005 23:23:26 | Attr = ]

hprblog.exe -> %ProgramFiles%\HP\Digital Imaging\Product Assistant\bin\hprblog.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 77824 bytes | Modified Date = 11/05/2005 23:16:22 | Attr = ]

hpzipm12.exe -> %System32%\HPZipm12.exe -> HP [Ver = 9, 0, 0, 0 | Size = 69632 bytes | Modified Date = 29/09/2004 12:14:36 | Attr = ]

iaanotif.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> Intel Corporation [Ver = 5.0.1.1001 | Size = 139264 bytes | Modified Date = 25/04/2005 10:50:08 | Attr = ]

iaantmon.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTMon.exe -> Intel Corporation [Ver = 5.0.1.1001 | Size = 86142 bytes | Modified Date = 25/04/2005 10:49:52 | Attr = ]

issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 27/07/2004 18:50:18 | Attr = ]

jusched.exe -> %ProgramFiles%\Java\j2re1.4.2_03\bin\jusched.exe -> [Ver = | Size = 32881 bytes | Modified Date = 19/11/2003 19:48:14 | Attr = ]

qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 01/09/2006 15:57:48 | Attr = ]

soffice.bin -> %ProgramFiles%\OpenOffice.org 2.2\program\soffice.bin -> OpenOffice.org [Ver = 1.09.9153 | Size = 2510848 bytes | Modified Date = 29/05/2007 15:48:16 | Attr = ]

soffice.exe -> %ProgramFiles%\OpenOffice.org 2.2\program\soffice.exe -> OpenOffice.org [Ver = 1.09.9153 | Size = 2359296 bytes | Modified Date = 29/05/2007 15:48:14 | Attr = ]

stsystra.exe -> %SystemRoot%\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4450.0 nd83 cp1 | Size = 339968 bytes | Modified Date = 23/03/2005 02:20:44 | Attr = ]

tfswctrl.exe -> %System32%\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 06/12/2004 03:05:00 | Attr = ]

winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.41.0 | Size = 322560 bytes | Modified Date = 31/08/2007 10:30:22 | Attr = ]

wlancfg.exe -> %SystemRoot%\wlancfg.exe -> Inventel [Ver = 3, 1, 0, 0 | Size = 1294336 bytes | Modified Date = 05/12/2003 19:50:10 | Attr = ]

wlanmonitor.exe -> %ProgramFiles%\802.11 Wireless LAN\WlanMonitor.exe -> ATMEL [Ver = 3, 3, 4, 52 | Size = 450560 bytes | Modified Date = 01/10/2003 15:27:44 | Attr = ]

[Win32 Services - Non-Microsoft Only]

(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 05/08/2004 14:00:00 | Attr = ]

(Planificateur LiveUpdate automatique) Planificateur LiveUpdate automatique [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> File not found

[Registry - Non-Microsoft Only]

< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

{0228e555-4f9c-4e35-a3ec-b109a192b4c2} -> %ProgramFiles%\Google\Gmail Notifier\gnotify.exe -> Google Inc. [Ver = 1.0.25.0 | Size = 479232 bytes | Modified Date = 15/07/2005 23:48:34 | Attr = ]

AAWTray -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\AAWTray.exe -> [Ver = 1, 0, 0, 1 | Size = 88024 bytes | Modified Date = 08/08/2007 15:53:16 | Attr = ]

avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 75128 bytes | Modified Date = 28/07/2007 00:03:34 | Attr = ]

dla -> %System32%\dla\tfswctrl.exe -> Sonic Solutions [Ver = 1.04.08a | Size = 127035 bytes | Modified Date = 06/12/2004 03:05:00 | Attr = ]

DMXLauncher -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [Ver = | Size = 86016 bytes | Modified Date = 15/09/2004 03:01:00 | Attr = ]

DVDLauncher -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 53248 bytes | Modified Date = 23/02/2005 18:19:56 | Attr = ]

HP Component Manager -> %ProgramFiles%\HP\hpcoretech\hpcmpmgr.exe -> Hewlett-Packard Company [Ver = 2.1.1.0 | Size = 241664 bytes | Modified Date = 12/05/2004 15:18:56 | Attr = ]

IAAnotif -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> Intel Corporation [Ver = 5.0.1.1001 | Size = 139264 bytes | Modified Date = 25/04/2005 10:50:08 | Attr = ]

ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 221184 bytes | Modified Date = 27/07/2004 18:50:42 | Attr = ]

ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 27/07/2004 18:50:18 | Attr = ]

QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 7.1.3 | Size = 282624 bytes | Modified Date = 01/09/2006 15:57:48 | Attr = ]

SigmatelSysTrayApp -> %SystemRoot%\stsystra.exe -> SigmaTel, Inc. [Ver = 1.0.4450.0 nd83 cp1 | Size = 339968 bytes | Modified Date = 23/03/2005 02:20:44 | Attr = ]

SunJavaUpdateSched -> %ProgramFiles%\Java\j2re1.4.2_03\bin\jusched.exe -> [Ver = | Size = 32881 bytes | Modified Date = 19/11/2003 19:48:14 | Attr = ]

WinAVX -> %System32%\WinAvXX.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->

IMAIL -> Installed = 1 ->

MAPI -> Installed = 1 ->

MSFS -> Installed = 1 ->

< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

DexStarter_IC-304V1 -> %UserAppData%\Color_Server_Client_Tools\PrinterDriver\IC-304V1\DexRunner.bat -> [Ver = | Size = 438 bytes | Modified Date = 22/06/2007 17:45:14 | Attr = ]

WinAVX -> %System32%\WinAvXX.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

< Common Startup > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->

-> %AllUsersStartup%\autorun.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

%AllUsersStartup%\Démarrage rapide du logiciel HP Image Zone.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqthb08.exe -> Hewlett-Packard Co. [Ver = 053.000.013.000 | Size = 73728 bytes | Modified Date = 12/05/2005 00:49:24 | Attr = ]

%AllUsersStartup%\HP Digital Imaging Monitor.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 53.0.13.000 | Size = 282624 bytes | Modified Date = 11/05/2005 23:23:26 | Attr = ]

< User Startup > -> C:\Documents and Settings\boss\Menu Démarrer\Programmes\Démarrage ->

%UserStartup%\Moniteur & Configuration.lnk -> %ProgramFiles%\802.11 Wireless LAN\WlanMonitor.exe -> ATMEL [Ver = 3, 3, 4, 52 | Size = 450560 bytes | Modified Date = 01/10/2003 15:27:44 | Attr = ]

%UserStartup%\OpenOffice.org 2.2.lnk -> %ProgramFiles%\OpenOffice.org 2.2\program\quickstart.exe -> [Ver = | Size = 393216 bytes | Modified Date = 02/02/2007 17:54:56 | Attr = ]

-> %UserStartup%\system.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->

< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->

C:\WINDOWS\system32\printer.exe -> %System32%\printer.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableRegistryTools -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableTaskMgr -> 1 ->

< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoWindowsUpdate -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1 ->

< HOSTS File > (3457 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->

192.168.200.3 ad.doubleclick.net -> ->

192.168.200.3 ad.fastclick.net -> ->

192.168.200.3 ads.fastclick.net -> ->

192.168.200.3 ar.atwola.com -> ->

192.168.200.3 atdmt.com -> ->

192.168.200.3 avp.ch -> ->

192.168.200.3 avp.com -> ->

192.168.200.3 avp.ru -> ->

192.168.200.3 awaps.net -> ->

192.168.200.3 banner.fastclick.net -> ->

192.168.200.3 banners.fastclick.net -> ->

192.168.200.3 ca.com -> ->

192.168.200.3 click.atdmt.com -> ->

192.168.200.3 clicks.atdmt.com -> ->

192.168.200.3 customer.symantec.com -> ->

192.168.200.3 dispatch.mcafee.com -> ->

192.168.200.3 download.mcafee.com -> ->

192.168.200.3 download.microsoft.com -> ->

192.168.200.3 downloads-us1.kaspersky-labs.com -> ->

192.168.200.3 downloads-us2.kaspersky-labs.com -> ->

192.168.200.3 downloads-us3.kaspersky-labs.com -> ->

192.168.200.3 downloads.microsoft.com -> ->

192.168.200.3 downloads1.kaspersky-labs.com -> ->

192.168.200.3 downloads2.kaspersky-labs.com -> ->

192.168.200.3 downloads3.kaspersky-labs.com -> ->

192.168.200.3 downloads4.kaspersky-labs.com -> ->

192.168.200.3 engine.awaps.net -> ->

192.168.200.3 f-secure.com -> ->

192.168.200.3 fastclick.net -> ->

192.168.200.3 ftp.avp.ch -> ->

192.168.200.3 ftp.downloads1.kaspersky-labs.com -> ->

192.168.200.3 ftp.downloads2.kaspersky-labs.com -> ->

192.168.200.3 ftp.downloads3.kaspersky-labs.com -> ->

192.168.200.3 ftp.f-secure.com -> ->

192.168.200.3 ftp.kasperskylab.ru -> ->

192.168.200.3 ftp.sophos.com -> ->

192.168.200.3 go.microsoft.com -> ->

192.168.200.3 ids.kaspersky-labs.com -> ->

192.168.200.3 kaspersky-labs.com -> ->

192.168.200.3 kaspersky.com -> ->

192.168.200.3 liveupdate.symantec.com -> ->

192.168.200.3 liveupdate.symantecliveupdate.com -> ->

192.168.200.3 mast.mcafee.com -> ->

192.168.200.3 mcafee.com -> ->

192.168.200.3 media.fastclick.net -> ->

192.168.200.3 microsoft.com -> ->

192.168.200.3 msdn.microsoft.com -> ->

192.168.200.3 my-etrust.com -> ->

192.168.200.3 nai.com -> ->

192.168.200.3 networkassociates.com -> ->

192.168.200.3 norton.com -> ->

192.168.200.3 office.microsoft.com -> ->

192.168.200.3 pandasoftware.com -> ->

192.168.200.3 phx.corporate-ir.net -> ->

192.168.200.3 rads.mcafee.com -> ->

192.168.200.3 secure.nai.com -> ->

192.168.200.3 securityresponse.symantec.com -> ->

192.168.200.3 service1.symantec.com -> ->

192.168.200.3 sophos.com -> ->

192.168.200.3 spd.atdmt.com -> ->

192.168.200.3 support.microsoft.com -> ->

192.168.200.3 symantec.com -> ->

192.168.200.3 trendmicro.com -> ->

192.168.200.3 update.symantec.com -> ->

192.168.200.3 updates.symantec.com -> ->

192.168.200.3 updates1.kaspersky-labs.com -> ->

192.168.200.3 updates2.kaspersky-labs.com -> ->

192.168.200.3 updates3.kaspersky-labs.com -> ->

192.168.200.3 updates4.kaspersky-labs.com -> ->

192.168.200.3 updates5.kaspersky-labs.com -> ->

192.168.200.3 us.mcafee.com -> ->

192.168.200.3 vil.nai.com -> ->

192.168.200.3 viruslist.com -> ->

192.168.200.3 viruslist.ru -> ->

192.168.200.3 virusscan.jotti.org -> ->

192.168.200.3 virustotal.com -> ->

192.168.200.3 windowsupdate.microsoft.com -> ->

192.168.200.3 www.avp.ch -> ->

192.168.200.3 www.avp.com -> ->

192.168.200.3 www.avp.ru -> ->

192.168.200.3 www.awaps.net -> ->

192.168.200.3 www.ca.com -> ->

192.168.200.3 www.f-secure.com -> ->

192.168.200.3 www.fastclick.net -> ->

192.168.200.3 www.grisoft.com -> ->

192.168.200.3 www.kaspersky-labs.com -> ->

192.168.200.3 www.kaspersky.com -> ->

192.168.200.3 www.kaspersky.ru -> ->

192.168.200.3 www.mcafee.com -> ->

192.168.200.3 www.microsoft.com -> ->

192.168.200.3 www.my-etrust.com -> ->

192.168.200.3 www.nai.com -> ->

192.168.200.3 www.networkassociates.com -> ->

192.168.200.3 www.pandasoftware.com -> ->

192.168.200.3 www.sophos.com -> ->

192.168.200.3 www.symantec.com -> ->

192.168.200.3 www.trendmicro.com -> ->

192.168.200.3 www.viruslist.com -> ->

192.168.200.3 www.viruslist.ru -> ->

192.168.200.3 www.virustotal.com -> ->

192.168.200.3 www3.ca.com -> ->

< Internet Explorer Settings > -> ->

HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->

HKLM: Main\\Default_Search_URL -> http://www.google.com/ie ->

HKLM: Local Page -> C:\windows\system32\blank.htm ->

HKLM: Search Page -> http://www.google.com ->

HKLM: Start Page -> http://www.google.com ->

HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->

HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->

HKCU: Default_Page_URL -> http://www.dell.fr/myway ->

HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->

HKCU: Search Bar -> http://www.google.com/ie ->

HKCU: Search Page -> http://www.google.com ->

HKCU: Start Page -> http://www.google.fr/ ->

HKCU: URLSearchHooks\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

HKCU: ProxyEnable -> 0 ->

< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

msn.com [ - ] -> ->

< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->

{FE54FA40-D68C-11D2-98FA-00C0F0318AFE} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->

ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Data - Key not found [MenuText: Console Java (Sun)] -> File not found

{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [buttonText: Recherche] -> File not found

{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] -> File not found

< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->

E&xporter vers Microsoft Excel -> -> File not found

< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->

SV1 -> ->

< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->

{4F24856B-E7B5-42FA-8898-F1B5156B6552} -> (ATMEL USB FastVNET (505A)) ->

{7A0DB3F8-E7A9-4D6E-BC8E-A3FDC4AD2558} -> (ATMEL USB FastVNET (505A)) ->

{FFA92BA0-7FD5-4866-B39D-58FC128F4843} -> (Intel® PRO/100 VE Network Connection) ->

< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->

cetihpz -> %ProgramFiles%\HP\hpcoretech\comp\hpuiprot.dll -> Hewlett-Packard Company [Ver = 2.1.5 | Size = 81920 bytes | Modified Date = 12/05/2004 15:18:56 | Attr = ]

ipp -> Reg Data - Key not found -> File not found

msdaipp -> Reg Data - Key not found -> File not found

< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->

{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.4.2_03 - CodeBase = http://java.sun.com/products/plugin/autodl...indows-i586.cab ->

{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} -> Java Plug-in 1.4.2_03 - CodeBase = http://java.sun.com/products/plugin/autodl...indows-i586.cab ->

{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab ->

[Registry - Additional Scans - Non-Microsoft Only]

< Security Settings > -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center not found. -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> RpcSs; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des données entre les clients et les serveurs en tâche de fond. Si le service BITS est désactivé, les fonctionnalités telles que Windows Update ne fonctionneront pas correctement. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\FailureActions ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\system32\qmgr.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> Root\LEGACY_BITS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu Windows / Partage de connexion Internet ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 59553 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\winav.exe -> %windir%\system32\winav.exe:*:Enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\boss\Application Data\Color_Server_Client_Tools\JRE\JRE1.4.2\bin\DEX_IC-304V1.EXE -> C:\Documents and Settings\boss\Application Data\Color_Server_Client_Tools\JRE\JRE1.4.2\bin\DEX_IC-304V1.EXE:*:Enabled:DEX_IC-304V1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Outlook Express\msimn.exe -> C:\Program Files\Outlook Express\msimn.exe:*:Enabled:Outlook Express ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\winav.exe -> %windir%\system32\winav.exe:*:Enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> Root\LEGACY_SHAREDACCESS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation des mises à jour Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité des mises à jour automatiques ou le site Windows Update. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> Root\LEGACY_WUAUSERV00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->

< Software Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Conferencing\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\\PreventAutoRun -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\EnableAdminTSRemote -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\ExecutableTypes -> ADE;ADP;BAS;BAT;CHM;CMD;COM;CPL;CRT;EXE;HLP;HTA;INF;INS;ISP;LNK;MDB;MDE;MSC;MSI;MSP;MST;OCX;PCD;PIF;REG;SCR;SHS;URL;VB;WSC; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\TransparentEnabled -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\DefaultLevel -> 262144 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\AuthenticodeEnabled -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\PolicyScope -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\FriendlyName -> Mdac11.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemData -> ^«0O•zI‰j

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemSize -> ; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\FriendlyName -> mdac20.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemData -> g°Ô‹4:?Ó¼éÜdgó” ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemSize -> ; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\FriendlyName -> mdac20_a.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemData -> 2xÜþøÈ“ÜŠ°Ý„} ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemSize -> –; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\FriendlyName -> _msadc10.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemData -> ½š*ÛBëØV%Mø/g ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemSize -> å; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\FriendlyName -> msadc11.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemData -> 8k_„ìöiÓk•j"À€ ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemSize -> r; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\Description -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\ItemData -> %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK* ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\Terminal Services\ -> ->

< Software Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\policies\ ->

HKEY_CURRENT_USER\Software\Policies\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\ -> ->

< Uninstall List > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->

{0228e555-4f9c-4e35-a3ec-b109a192b4c2} -> Google Gmail Notifier ->

{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7} -> PhotoGallery ->

{075473F5-846A-448B-BCB3-104AA1760205} -> Sonic RecordNow Data ->

{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3} -> Destinations ->

{0BD820A5-767A-40F5-8A8A-DAFCC62F36A7} -> Graphiplus 10.3 ->

{0BEDBD4E-2D34-47B5-9973-57E62B29307C} -> Panneau de contrôle ATI ->

{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -> Sonic DLA ->

{15EE79F4-4ED1-4267-9B0F-351009325D7D} -> HP Software Update ->

{17E27BFB-BD58-11d2-AFC1-00C04F72FB3E} -> VBA (2720. ->

{1D3C662A-F6C6-4767-A788-7AA43A9A1317} -> ARTEuro ->

{1F63ED0B-EDD2-4037-B6AB-1358C624AF48} -> Scan ->

{21657574-BD54-48A2-9450-EB03B2C7FC29} -> Sonic MyDVD LE ->

{21DB3D90-D816-4092-A260-CA3F6B55A6DD} -> Sonic_PrimoSDK ->

{23A7B376-BBEC-4e76-BBD7-0F155E70D74B} -> CP_Panorama1Config ->

{2405665A-16C9-4D3A-B70E-F006220E1472} -> Overland ->

{267868CE-6DFF-40F7-9C58-C01119B7B117} -> Fax ->

{2BBC9458-07CA-4843-848B-5C8146E5EFA8} -> CreativeProjects ->

{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C} -> Unload ->

{30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Sonic Update Manager ->

{30C19FF2-7FBA-4d09-B9DE-1659977F64F6} -> TrayApp ->

{32BDCCB8-9DC8-496d-9DB1-F77510775BDB} -> InstantShareDevices ->

{34A59AC3-6C5C-4A09-A7F5-369A37176C8A} -> AiOSoftware ->

{350C940c-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP ->

{35BDEFF1-A610-4956-A00D-15453C116395} -> Internet Explorer Default Page ->

{36BD0774-6CD6-4FF9-A148-83CA09AC123E} -> Intel® PROSafe for Wired Connections ->

{36E47DA1-10E1-45d9-8B19-14D19607CDCF} -> CP_CalendarTemplates1 ->

{37477865-A3F1-4772-AD43-AAFC6BCFF99F} -> MSXML 4.0 SP2 (KB927978) ->

{3AE681E0-4E8D-453F-950A-48534D3C0724} -> Copy ->

{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF} -> HPSystemDiagnostics ->

{403EF592-953B-4794-BCEF-ECAB835C2095} -> Intel® PROSafe for Wired Connections ->

{4192EAC0-6B36-4723-B216-D0E86E7757AC} -> Jasc Paint Shop Photo Album 5 ->

{419805D6-75A0-4981-BC8F-9FF97EC6B03A} -> OpenOffice.org 2.2 ->

{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C} -> FullDPAppQFolder ->

{56EE8B17-8274-418d-89AC-C057C5DB251E} -> RandMap ->

{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE} -> WebReg ->

{5905F42D-3F5F-4916-ADA6-94A3646AEE76} -> Dell Driver Reset Tool ->

{597D73A8-5FDB-4bc1-9893-40B54459F1BC} -> ProductContext ->

{5A01C58E-B0EC-49b9-AD71-7C0468688087} -> CP_Package_Basic1 ->

{5B622B7A-60FB-4630-B11D-F121D20BCCD6} -> MarketResearch ->

{5F26311C-B135-4F7F-B11E-8E650F83651E} -> DeviceFunctionQFolder ->

{64D114CE-4234-45C2-B60A-2B07D5A48F72} -> Microsoft Works 7.0 ->

{66BA8C26-AFE4-4408-807B-43E76B57EF53} -> SkinsHP1 ->

{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8} -> eSupportQFolder ->

{6811CAA0-BF12-11D4-9EA1-0050BAE317E1} -> PowerDVD 5.5 ->

{6BD4B0B5-3359-4932-BF94-C805EE83E710} -> 2350_Help ->

{6CD27A25-D4A5-4e25-86B1-36EBBA2BA279} -> 2350Trb ->

{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15} -> CustomerResearchQFolder ->

{7148F0A8-6813-11D6-A77B-00B0D0142030} -> Java 2 Runtime Environment, SE v1.4.2_03 ->

{74F7662C-B1DB-489E-A8AC-07A06B24978B} -> Dell System Restore ->

{78C496B9-5A6B-4692-8C2E-AFFFC34E4961} -> Jasc Paint Shop Pro Studio, Dell Editon ->

{791CAF6C-90A3-11D4-8306-00D0B72E1DB9} -> Sentinel System Driver ->

{79546A5F-AE7C-4693-8670-A3401B43ABD2} -> HP Deskjet 5900 series ->

{7E27304E-BAA2-4d90-A34E-76641FAFABB4} -> CP_AtenaShokunin1Config ->

{7F2AC7B5-3DA8-45d3-B5E5-F36DCD9FDC6A} -> 2350 ->

{8234A27D-C5A4-4F84-8718-3BF34BCFC89F} -> JourneySoftwarePromo ->

{8777AC6D-89F9-4793-8266-DE406F343E89} -> QFolder ->

{88C02750-7811-11D3-B83B-00C04F58D527} -> Bordures et arrière-plans ->

{88C02752-7811-11D3-B83B-00C04F58D527} -> Légendes et liens ->

{88C02753-7811-11D3-B83B-00C04F58D527} -> Images clipart et symboles ->

{88C02758-7811-11D3-B83B-00C04F58D527} -> Assistant Rapport de propriétés ->

{88C02759-7811-11D3-B83B-00C04F58D527} -> Enregistrer sous HTML ->

{88C0275D-7811-11D3-B83B-00C04F58D527} -> Aide sur les fichiers programme ->

{88C0275E-7811-11D3-B83B-00C04F58D527} -> Diagrammes de blocs ->

{88C0275F-7811-11D3-B83B-00C04F58D527} -> Diagrammes de flux ->

{88C02760-7811-11D3-B83B-00C04F58D527} -> Formulaires et graphiques ->

{88C02763-7811-11D3-B83B-00C04F58D527} -> Diagrammes réseau ->

{88C02765-7811-11D3-B83B-00C04F58D527} -> Organigrammes ->

{88C02766-7811-11D3-B83B-00C04F58D527} -> Plannings de projet ->

{88C02929-7811-11D3-B83B-00C04F58D527} -> Aide sur les diagrammes de flux ->

{8DF66342-77E4-11D3-B83B-00C04F58D527} -> Vérificateur d'orthographe ->

{8DF66343-77E4-11D3-B83B-00C04F58D527} -> Solutions ->

{8DF66345-77E4-11D3-B83B-00C04F58D527} -> Notes sur cette version ->

{8DF6634B-77E4-11D3-B83B-00C04F58D527} -> Programmes complémentaires ->

{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} -> Intel Matrix Storage Manager ->

{91CA040C-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Small Business Edition 2003 ->

{9A394342-4A68-4EBA-85A6-55B559F4E700} -> Microsoft .NET Framework 1.1 French Language Pack ->

{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B} -> QuickProjects ->

{9DA5448B-4127-11D3-8F79-00C04F8DD7E3} -> Aide sur les images clipart et les symboles ->

{9DA5448D-4127-11D3-8F79-00C04F8DD7E3} -> Aide sur les legendes et les liens ->

{9DA5448F-4127-11D3-8F79-00C04F8DD7E3} -> Aide sur les bordures et les arrière-plans ->

{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3} -> PrintScreen ->

{A1062847-0846-427A-92A1-BB8251A91E91} -> HP PSC & OfficeJet 4.2 ->

{A2500497-FD32-493e-B8E5-28D6728DBEF5} -> Readme ->

{A3B215CF-7A43-11D3-B83B-00C04F58D527} -> Aide sur les diagrammes de blocs ->

{A3B21615-7A43-11D3-B83B-00C04F58D527} -> Aide sur les formulaires et les graphiques ->

{A3B21686-7A43-11D3-B83B-00C04F58D527} -> Aide sur les diagrammes réseau ->

{A4EA3AB4-E78C-4286-96DF-26035507CE55} -> AiO_Scan ->

{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D} -> Apple Software Update ->

{A5222E5A-13CB-4C98-9F5C-21CF6896A25C} -> HPDeskjet5900Series ->

{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D} -> CueTour ->

{A890218A-2B99-4EF5-AE53-51FF4D305866} -> Micro Application - Faire-part MC ->

{AB5D51AE-EBC3-438D-872C-705C7C2084B0} -> DeviceManagementQFolder ->

{AB708C9B-97C8-4AC9-899B-DBF226AC9382} -> Sonic RecordNow Audio ->

{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B} -> Dell Media Experience ->

{AC76BA86-0000-0000-0000-6028747ADE01} -> Adobe Acrobat - Reader 6.0.2 Update ->

{AC76BA86-7AD7-1036-7B44-A00000000001} -> Adobe Reader 6.0.1 - Français ->

{AF06CAE4-C134-44B1-B699-14FBDB63BD37} -> Dell Picture Studio v3.0 ->

{B12665F4-4E93-4AB4-B7FC-37053B524629} -> Sonic RecordNow Copy ->

{B2C7C466-408C-11D3-8F79-00C04F8DD7E3} -> Aide sur les plannings de projet ->

{B2C7C469-408C-11D3-8F79-00C04F8DD7E3} -> Aide sur les organigrammes ->

{B32C75F2-7495-4D01-9431-C11E97D66F8C} -> DocProc ->

{B45D9FEE-1AF4-46F3-9A83-2545F81547F5} -> CreativeProjectsTemplates ->

{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D} -> DocumentViewer ->

{B66F45DC-853B-11d3-83DE-00C04F3223C8} -> Visio 2000 (FR) ->

{B66F462A-853B-11d3-83DE-00C04F3223C8} -> Visio ->

{B66F464B-853B-11d3-83DE-00C04F3223C8} -> Aide de Visio 2000 (aide HTML) ->

{B66F4695-853B-11d3-83DE-00C04F3223C8} -> Fichiers de base Visio ->

{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC} -> BufferChm ->

{BCC992E5-5C81-4066-9B55-03DC10B24D21} -> InstantShare ->

{C04E32E0-0416-434D-AFB9-6969D703A9EF} -> MSXML 4.0 SP2 (KB936181) ->

{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 ->

{CDE4CC8B-134B-421E-943C-90799E56F664} -> Dell Media Experience Update ->

{D9B0CB2E-AC76-4687-AA41-2BEF8A934A81} -> 802.11 Wireless LAN PCMCIA Card ->

{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} -> Ad-Aware 2007 ->

{E3F90083-80D4-4b5a-87C7-E97E12F5516D} -> HPProductAssistant ->

{E7559288-223B-453C-9F06-340E3BE21E39} -> MyWay Search Assistant ->

{E8814A8F-3B06-11D3-8CD7-00C04F72C04D} -> Microsoft Visual Studio Service Pack 3 ->

{EA103B64-C0E4-4C0E-A506-751590E1653D} -> SolutionCenter ->

{ED479ED4-A1C5-11d3-83E3-00C04F3223C8} -> Fichiers programme ->

{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8} -> QuickTime ->

{F27E6293-F894-4562-B356-8726B89839FC} -> Filtres graphiques ->

{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4} -> Status ->

446227_R1 -> Micro Application - Aménagez Votre Intérieur 3D ->

AOL YGP Screensaver -> Ecran de veille AOL Photos ->

ATI Display Driver -> ATI Display Driver ->

avast! -> avast! Antivirus ->

CCleaner -> CCleaner (remove only) ->

Encyclopédie Hachette Multimédia -> Encyclopédie Hachette Multimédia ->

EVEREST Home Edition_is1 -> EVEREST Home Edition v2.20 ->

HijackThis -> HijackThis 2.0.0 ->

HP Imaging Device Functions -> HP Imaging Device Functions 5.0 ->

HP Photo & Imaging -> HP Image Zone 5.0 ->

HP Solution Center & Imaging Support Tools -> HP Solution Center & Imaging Support Tools 5.0 ->

HPExtendedCapabilities -> HP Extended Capabilities 5.0 ->

InstallShield_{D9B0CB2E-AC76-4687-AA41-2BEF8A934A81} -> 802.11 Wireless LAN PCMCIA Card Setup ->

KB835221WXP -> High Definition Audio Driver Package - KB835221 ->

KB873339 -> Correctif Windows XP - KB873339 ->

KB885250 -> Correctif Windows XP - KB885250 ->

KB885835 -> Correctif Windows XP - KB885835 ->

KB885836 -> Correctif Windows XP - KB885836 ->

KB886185 -> Correctif Windows XP - KB886185 ->

KB887472 -> Correctif Windows XP - KB887472 ->

KB888113 -> Correctif Windows XP - KB888113 ->

KB888302 -> Correctif Windows XP - KB888302 ->

KB888310 -> Correctif Windows XP - KB888310 ->

KB890046 -> Mise à jour de sécurité pour Windows XP (KB890046) ->

KB890175 -> Correctif Windows XP - KB890175 ->

KB890859 -> Correctif Windows XP - KB890859 ->

KB891781 -> Correctif Windows XP - KB891781 ->

KB893756 -> Mise à jour de sécurité pour Windows XP (KB893756) ->

KB893803v2 -> Windows Installer 3.1 (KB893803) ->

KB894391 -> Mise à jour pour Windows XP (KB894391) ->

KB896358 -> Mise à jour de sécurité pour Windows XP (KB896358) ->

KB896422 -> Mise à jour de sécurité pour Windows XP (KB896422) ->

KB896423 -> Mise à jour de sécurité pour Windows XP (KB896423) ->

KB896424 -> Mise à jour de sécurité pour Windows XP (KB896424) ->

KB896428 -> Mise à jour de sécurité pour Windows XP (KB896428) ->

KB896727 -> Mise à jour pour Windows XP (KB896727) ->

KB898458 -> Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) ->

KB898461 -> Mise à jour pour Windows XP (KB898461) ->

KB899587 -> Mise à jour de sécurité pour Windows XP (KB899587) ->

KB899591 -> Mise à jour de sécurité pour Windows XP (KB899591) ->

KB900485 -> Mise à jour pour Windows XP (KB900485) ->

KB900725 -> Mise à jour de sécurité pour Windows XP (KB900725) ->

KB901017 -> Mise à jour de sécurité pour Windows XP (KB901017) ->

KB901214 -> Mise à jour de sécurité pour Windows XP (KB901214) ->

KB902400 -> Mise à jour de sécurité pour Windows XP (KB902400) ->

KB904706 -> Mise à jour de sécurité pour Windows XP (KB904706) ->

KB905414 -> Mise à jour de sécurité pour Windows XP (KB905414) ->

KB905749 -> Mise à jour de sécurité pour Windows XP (KB905749) ->

KB908519 -> Mise à jour de sécurité pour Windows XP (KB908519) ->

KB908531 -> Mise à jour pour Windows XP (KB908531) ->

KB910437 -> Mise à jour pour Windows XP (KB910437) ->

KB911280 -> Mise à jour pour Windows XP (KB911280) ->

KB911562 -> Mise à jour de sécurité pour Windows XP (KB911562) ->

KB911564 -> Mise à jour de sécurité pour Lecteur Windows Media (KB911564) ->

KB911565 -> Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) ->

KB911567 -> Mise à jour de sécurité pour Windows XP (KB911567) ->

KB911927 -> Mise à jour de sécurité pour Windows XP (KB911927) ->

KB912919 -> Mise à jour de sécurité pour Windows XP (KB912919) ->

KB913580 -> Mise à jour de sécurité pour Windows XP (KB913580) ->

KB914388 -> Mise à jour de sécurité pour Windows XP (KB914388) ->

KB914389 -> Mise à jour de sécurité pour Windows XP (KB914389) ->

KB916595 -> Mise à jour pour Windows XP (KB916595) ->

KB917159 -> Mise à jour de sécurité pour Windows XP (KB917159) ->

KB917344 -> Mise à jour de sécurité pour Windows XP (KB917344) ->

KB917422 -> Mise à jour de sécurité pour Windows XP (KB917422) ->

KB917734_WMP10 -> Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) ->

KB917734_WMP9 -> Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) ->

KB917953 -> Mise à jour de sécurité pour Windows XP (KB917953) ->

KB918118 -> Mise à jour de sécurité pour Windows XP (KB918118) ->

KB918439 -> Mise à jour de sécurité pour Windows XP (KB918439) ->

KB918899 -> Mise à jour de sécurité pour Windows XP (KB918899) ->

KB919007 -> Mise à jour de sécurité pour Windows XP (KB919007) ->

KB920213 -> Mise à jour de sécurité pour Windows XP (KB920213) ->

KB920214 -> Mise à jour de sécurité pour Windows XP (KB920214) ->

KB920670 -> Mise à jour de sécurité pour Windows XP (KB920670) ->

KB920683 -> Mise à jour de sécurité pour Windows XP (KB920683) ->

KB920685 -> Mise à jour de sécurité pour Windows XP (KB920685) ->

KB920872 -> Mise à jour pour Windows XP (KB920872) ->

KB921398 -> Mise à jour de sécurité pour Windows XP (KB921398) ->

KB921503 -> Mise à jour de sécurité pour Windows XP (KB921503) ->

KB921883 -> Mise à jour de sécurité pour Windows XP (KB921883) ->

KB922582 -> Mise à jour pour Windows XP (KB922582) ->

KB922616 -> Mise à jour de sécurité pour Windows XP (KB922616) ->

KB922760 -> Mise à jour de sécurité pour Windows XP (KB922760) ->

KB922819 -> Mise à jour de sécurité pour Windows XP (KB922819) ->

KB923191 -> Mise à jour de sécurité pour Windows XP (KB923191) ->

KB923414 -> Mise à jour de sécurité pour Windows XP (KB923414) ->

KB923694 -> Mise à jour de sécurité pour Windows XP (KB923694) ->

KB923723 -> Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) ->

KB923980 -> Mise à jour de sécurité pour Windows XP (KB923980) ->

KB924191 -> Mise à jour de sécurité pour Windows XP (KB924191) ->

KB924270 -> Mise à jour de sécurité pour Windows XP (KB924270) ->

KB924496 -> Mise à jour de sécurité pour Windows XP (KB924496) ->

KB924667 -> Mise à jour de sécurité pour Windows XP (KB924667) ->

KB925398_WMP64 -> Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) ->

KB925454 -> Mise à jour de sécurité pour Windows XP (KB925454) ->

KB925486 -> Mise à jour de sécurité pour Windows XP (KB925486) ->

KB925902 -> Mise à jour de sécurité pour Windows XP (KB925902) ->

KB926239 -> Hotfix for Windows XP (KB926239) ->

KB926255 -> Mise à jour de sécurité pour Windows XP (KB926255) ->

KB926436 -> Mise à jour de sécurité pour Windows XP (KB926436) ->

KB927779 -> Mise à jour de sécurité pour Windows XP (KB927779) ->

KB927802 -> Mise à jour de sécurité pour Windows XP (KB927802) ->

KB927891 -> Mise à jour pour Windows XP (KB927891) ->

KB928090 -> Mise à jour de sécurité pour Windows XP (KB928090) ->

KB928255 -> Mise à jour de sécurité pour Windows XP (KB928255) ->

KB928843 -> Mise à jour de sécurité pour Windows XP (KB928843) ->

KB929123 -> Mise à jour de sécurité pour Windows XP (KB929123) ->

KB929338 -> Mise à jour pour Windows XP (KB929338) ->

KB929399 -> Hotfix for Windows Media Format 11 SDK (KB929399) ->

KB929969 -> Mise à jour de sécurité pour Windows XP (KB929969) ->

KB930178 -> Mise à jour de sécurité pour Windows XP (KB930178) ->

KB930916 -> Mise à jour pour Windows XP (KB930916) ->

KB931261 -> Mise à jour de sécurité pour Windows XP (KB931261) ->

KB931768 -> Mise à jour de sécurité pour Windows XP (KB931768) ->

KB931784 -> Mise à jour de sécurité pour Windows XP (KB931784) ->

KB931836 -> Mise à jour pour Windows XP (KB931836) ->

KB932168 -> Mise à jour de sécurité pour Windows XP (KB932168) ->

KB933360 -> Mise à jour pour Windows XP (KB933360) ->

KB933566 -> Mise à jour de sécurité pour Windows XP (KB933566) ->

KB935839 -> Mise à jour de sécurité pour Windows XP (KB935839) ->

KB935840 -> Mise à jour de sécurité pour Windows XP (KB935840) ->

KB936021 -> Mise à jour de sécurité pour Windows XP (KB936021) ->

KB936357 -> Mise à jour pour Windows XP (KB936357) ->

KB936782_WMP11 -> Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) ->

KB937143 -> Mise à jour de sécurité pour Windows XP (KB937143) ->

KB938127 -> Mise à jour de sécurité pour Windows XP (KB938127) ->

KB938828 -> Mise à jour pour Windows XP (KB938828) ->

KB938829 -> Mise à jour de sécurité pour Windows XP (KB938829) ->

KB939683 -> Correctif pour Lecteur Windows Media 11 (KB939683) ->

M928366 -> Microsoft .NET Framework 1.1 Hotfix (KB928366) ->

Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1 ->

MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP ->

MSNINST -> MSN ->

my360 Classic -> my360 Classic Screen Saver ->

my360 Psyche -> my360 Psyche Screen Saver ->

PornoPlayer -> PornoPlayer ->

PROSetDX -> Logiciel des cartes réseau Intel® PRO v9.2.4.11 ->

Rainbow Sentinel Driver -> Sentinel System Driver ->

ShockwaveFlash -> Adobe Flash Player 9 ActiveX ->

Spyware Doctor -> Spyware Doctor 5.0 ->

StreetPlugin -> Learn2 Player (Uninstall Only) ->

ViewpointMediaPlayer -> Viewpoint Media Player ->

WgaNotify -> Windows Genuine Advantage Notifications (KB905474) ->

Windows Media Format Runtime -> Windows Media Format 11 runtime ->

Windows Media Player -> Lecteur Windows Media 11 ->

WMFDist11 -> Windows Media Format 11 runtime ->

wmp11 -> Windows Media Player 11 ->

Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0 ->

[Files/Folders - Created Within 60 days]

dnsbak.reg -> %SystemDrive%\dnsbak.reg -> [Ver = | Size = 7661 bytes | Created Date = 30/08/2007 15:41:56 | Attr = ]

fixwareout -> %SystemDrive%\fixwareout -> [Folder | Created Date = 30/08/2007 15:41:40 | Attr = ]

hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 534941696 bytes | Created Date = 02/01/1601 23:00:00 | Attr = HS]

rapport.txt -> %SystemDrive%\rapport.txt -> [Ver = | Size = 4605 bytes | Created Date = 29/08/2007 14:44:41 | Attr = ]

WA7PV -> %SystemDrive%\WA7PV -> [Folder | Created Date = 28/08/2007 07:16:53 | Attr = HS]

$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Created Date = 20/08/2007 02:02:18 | Attr = H ]

$NtUninstallKB933360$ -> %SystemRoot%\$NtUninstallKB933360$ -> [Folder | Created Date = 03/09/2007 02:00:31 | Attr = H ]

$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Created Date = 20/08/2007 02:02:27 | Attr = H ]

$NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ -> [Folder | Created Date = 13/07/2007 18:04:03 | Attr = H ]

$NtUninstallKB936782_WMP11$ -> %SystemRoot%\$NtUninstallKB936782_WMP11$ -> [Folder | Created Date = 20/08/2007 02:00:42 | Attr = H ]

$NtUninstallKB937143$ -> %SystemRoot%\$NtUninstallKB937143$ -> [Folder | Created Date = 20/08/2007 02:01:15 | Attr = H ]

$NtUninstallKB938127$ -> %SystemRoot%\$NtUninstallKB938127$ -> [Folder | Created Date = 20/08/2007 02:01:25 | Attr = H ]

$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Created Date = 20/08/2007 02:02:23 | Attr = H ]

$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Created Date = 20/08/2007 02:02:13 | Attr = H ]

$NtUninstallKB939683$ -> %SystemRoot%\$NtUninstallKB939683$ -> [Folder | Created Date = 03/09/2007 02:01:05 | Attr = H ]

0.log -> %SystemRoot%.log -> [Ver = | Size = 0 bytes | Created Date = 29/08/2007 15:28:42 | Attr = ]

3-wlancfg.log -> %SystemRoot%\3-wlancfg.log -> [Ver = | Size = 9414 bytes | Created Date = 29/08/2007 15:28:35 | Attr = ]

4-wlancfg.log -> %SystemRoot%\4-wlancfg.log -> [Ver = | Size = 14121 bytes | Created Date = 30/08/2007 15:41:40 | Attr = ]

comsetup.log -> %SystemRoot%\comsetup.log -> [Ver = | Size = 4023 bytes | Created Date = 03/09/2007 02:00:37 | Attr = ]

FaxSetup.log -> %SystemRoot%\FaxSetup.log -> [Ver = | Size = 12317 bytes | Created Date = 03/09/2007 02:00:34 | Attr = ]

IE4 Error Log.txt -> %SystemRoot%\IE4 Error Log.txt -> [Ver = | Size = 1528 bytes | Created Date = 01/09/2007 07:44:27 | Attr = ]

iis6.log -> %SystemRoot%\iis6.log -> [Ver = | Size = 1921 bytes | Created Date = 03/09/2007 02:00:36 | Attr = ]

imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1355 bytes | Created Date = 03/09/2007 02:00:37 | Attr = ]

imsins.log -> %SystemRoot%\imsins.log -> [Ver = | Size = 1355 bytes | Created Date = 03/09/2007 02:00:37 | Attr = ]

KB933360.log -> %SystemRoot%\KB933360.log -> [Ver = | Size = 17400 bytes | Created Date = 03/09/2007 02:00:21 | Attr = ]

KB939683.log -> %SystemRoot%\KB939683.log -> [Ver = | Size = 10658 bytes | Created Date = 03/09/2007 02:00:39 | Attr = ]

LastGood -> %SystemRoot%\LastGood -> [Folder | Created Date = 03/09/2007 02:00:23 | Attr = ]

MKDEMSG.LOG -> %SystemRoot%\MKDEMSG.LOG -> [Ver = | Size = 1360 bytes | Created Date = 29/08/2007 16:08:08 | Attr = ]

msgsocm.log -> %SystemRoot%\msgsocm.log -> [Ver = | Size = 618 bytes | Created Date = 03/09/2007 02:00:37 | Attr = ]

ntbtlog.txt -> %SystemRoot%\ntbtlog.txt -> [Ver = | Size = 805450 bytes | Created Date = 29/08/2007 15:08:00 | Attr = ]

ntdtcsetup.log -> %SystemRoot%\ntdtcsetup.log -> [Ver = | Size = 2440 bytes | Created Date = 03/09/2007 02:00:37 | Attr = ]

ocgen.log -> %SystemRoot%\ocgen.log -> [Ver = | Size = 5832 bytes | Created Date = 03/09/2007 02:00:34 | Attr = ]

ocmsn.log -> %SystemRoot%\ocmsn.log -> [Ver = | Size = 684 bytes | Created Date = 03/09/2007 02:00:38 | Attr = ]

pss -> %SystemRoot%\pss -> [Folder | Created Date = 29/08/2007 15:50:58 | Attr = ]

setupact.log -> %SystemRoot%\setupact.log -> [Ver = | Size = 360 bytes | Created Date = 30/08/2007 15:36:14 | Attr = ]

setupapi.log -> %SystemRoot%\setupapi.log -> [Ver = | Size = 30671 bytes | Created Date = 03/09/2007 02:00:38 | Attr = ]

setuperr.log -> %SystemRoot%\setuperr.log -> [Ver = | Size = 0 bytes | Created Date = 30/08/2007 15:36:14 | Attr = ]

SpywareDoctor505Installation.log -> %SystemRoot%\SpywareDoctor505Installation.log -> [Ver = | Size = 213 bytes | Created Date = 29/08/2007 15:54:41 | Attr = ]

tsoc.log -> %SystemRoot%\tsoc.log -> [Ver = | Size = 4718 bytes | Created Date = 03/09/2007 02:00:37 | Attr = ]

dumphive.exe -> %System32%\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 30/08/2007 06:45:49 | Attr = ]

msvcr80.dll -> %System32%\msvcr80.dll -> Microsoft Corporation [Ver = 8.00.50727.42 | Size = 626688 bytes | Created Date = 29/08/2007 15:54:41 | Attr = ]

msxml3a.dll -> %System32%\msxml3a.dll -> Microsoft Corporation [Ver = 8.10.8308.0 | Size = 24064 bytes | Created Date = 28/08/2007 07:15:57 | Attr = ]

my360 Classic dir -> %System32%\my360 Classic dir -> [Folder | Created Date = 31/08/2007 16:53:25 | Attr = ]

my360 Classic.scr -> %System32%\my360 Classic.scr -> ScreenTime Media [Ver = 3.2.2 | Size = 201728 bytes | Created Date = 31/08/2007 16:53:25 | Attr = ]

my360 Psyche dir -> %System32%\my360 Psyche dir -> [Folder | Created Date = 31/08/2007 16:53:14 | Attr = ]

my360 Psyche.scr -> %System32%\my360 Psyche.scr -> ScreenTime Media [Ver = 3.2.2 | Size = 201728 bytes | Created Date = 31/08/2007 16:53:14 | Attr = ]

printer.exe -> %System32%\printer.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Created Date = 30/08/2007 16:05:49 | Attr = ]

Process.exe -> %System32%\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 30/08/2007 06:45:49 | Attr = ]

SpOrder.dll -> %System32%\SpOrder.dll -> Microsoft Corporation [Ver = 5.2.3663.0 (main.020715-1506) | Size = 8704 bytes | Created Date = 28/08/2007 07:15:57 | Attr = ]

SrchSTS.exe -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 30/08/2007 06:45:49 | Attr = ]

stera.job -> %System32%\stera.job -> [Ver = | Size = 2 bytes | Created Date = 28/08/2007 07:16:52 | Attr = ]

swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 30/08/2007 06:45:49 | Attr = ]

swsc.exe -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 30/08/2007 06:45:49 | Attr = ]

swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 30/08/2007 06:45:49 | Attr = ]

tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 3132 bytes | Created Date = 29/08/2007 14:44:54 | Attr = ]

tmp.txt -> %System32%\tmp.txt -> [Ver = | Size = 0 bytes | Created Date = 29/08/2007 14:44:54 | Attr = ]

WinAvXX.exe -> %System32%\WinAvXX.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Created Date = 30/08/2007 16:05:49 | Attr = ]

AWRTPD.sys -> %System32%\drivers\AWRTPD.sys -> Lavasoft AB [Ver = 1.0.0.134 | Size = 6272 bytes | Created Date = 11/07/2007 13:37:26 | Attr = ]

AWRTRD.sys -> %System32%\drivers\AWRTRD.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 8320 bytes | Created Date = 07/08/2007 12:58:08 | Attr = ]

ikfilesec.sys -> %System32%\drivers\ikfilesec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1032 built by: WinDDK | Size = 40264 bytes | Created Date = 29/08/2007 15:55:00 | Attr = ]

iksysflt.sys -> %System32%\drivers\iksysflt.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1020 | Size = 57672 bytes | Created Date = 29/08/2007 15:55:00 | Attr = ]

iksyssec.sys -> %System32%\drivers\iksyssec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1021 | Size = 82248 bytes | Created Date = 29/08/2007 15:55:00 | Attr = ]

kcom.sys -> %System32%\drivers\kcom.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1008 | Size = 29000 bytes | Created Date = 29/08/2007 15:55:00 | Attr = ]

NSDriver.sys -> %System32%\drivers\NSDriver.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 9344 bytes | Created Date = 07/08/2007 12:56:58 | Attr = ]

Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Created Date = 28/08/2007 12:47:29 | Attr = ]

SalesMonitor -> %AllUsersAppData%\SalesMonitor -> [Folder | Created Date = 28/08/2007 07:16:08 | Attr = R ]

PC Tools -> %UserAppData%\PC Tools -> [Folder | Created Date = 29/08/2007 15:54:53 | Attr = ]

100MLT16 -> %UserDocuments%\100MLT16 -> [Folder | Created Date = 27/08/2007 07:31:40 | Attr = ]

antivirus francis -> %UserDocuments%\antivirus francis -> [Folder | Created Date = 29/08/2007 14:25:00 | Attr = ]

BASE FACT.ods -> %UserDocuments%\BASE FACT.ods -> [Ver = | Size = 69063 bytes | Created Date = 02/08/2007 13:08:46 | Attr = ]

cc_20070829_1601.reg -> %UserDocuments%\cc_20070829_1601.reg -> [Ver = | Size = 97121 bytes | Created Date = 29/08/2007 15:01:44 | Attr = ]

FACT -> %UserDocuments%\FACT -> [Folder | Created Date = 20/07/2007 11:10:42 | Attr = ]

FACTBASE.ods -> %UserDocuments%\FACTBASE.ods -> [Ver = | Size = 111783 bytes | Created Date = 03/09/2007 12:33:16 | Attr = ]

FACTSAUV AOUT07.ods -> %UserDocuments%\FACTSAUV AOUT07.ods -> [Ver = | Size = 112314 bytes | Created Date = 03/09/2007 13:56:50 | Attr = ]

FACTSAUV TRIE.ods -> %UserDocuments%\FACTSAUV TRIE.ods -> [Ver = | Size = 116588 bytes | Created Date = 03/09/2007 10:46:23 | Attr = ]

FACTSAUV TRIE.pdf -> %UserDocuments%\FACTSAUV TRIE.pdf -> [Ver = | Size = 202082 bytes | Created Date = 03/09/2007 10:46:48 | Attr = ]

FACTSAUV TRIE2.ods -> %UserDocuments%\FACTSAUV TRIE2.ods -> [Ver = | Size = 111731 bytes | Created Date = 03/09/2007 12:16:11 | Attr = ]

FACTSAUV TRIE2.pdf -> %UserDocuments%\FACTSAUV TRIE2.pdf -> [Ver = | Size = 197337 bytes | Created Date = 03/09/2007 12:16:54 | Attr = ]

FACTSAUVEGARDE.ods -> %UserDocuments%\FACTSAUVEGARDE.ods -> [Ver = | Size = 116895 bytes | Created Date = 20/07/2007 11:10:12 | Attr = ]

Nouvelle base de données.odb -> %UserDocuments%\Nouvelle base de données.odb -> [Ver = | Size = 2498 bytes | Created Date = 13/07/2007 13:26:52 | Attr = ]

Nouvelle base de données.odb.lck -> %UserDocuments%\Nouvelle base de données.odb.lck -> [Ver = | Size = 16 bytes | Created Date = 13/07/2007 13:26:57 | Attr = ]

Nouvelle base de données2.odb -> %UserDocuments%\Nouvelle base de données2.odb -> [Ver = | Size = 1381 bytes | Created Date = 13/07/2007 13:29:02 | Attr = ]

Thumbs.db -> %UserDocuments%\Thumbs.db -> [Ver = | Size = 28160 bytes | Created Date = 09/07/2007 13:50:11 | Attr = HS]

@Alternate Data Stream - 0 bytes -> %UserDocuments%\Thumbs.db:encryptable ->

Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1790 bytes | Created Date = 28/08/2007 12:47:35 | Attr = ]

Ad-Watch 2007.lnk -> %AllUsersDesktop%\Ad-Watch 2007.lnk -> [Ver = | Size = 1790 bytes | Created Date = 28/08/2007 12:47:35 | Attr = ]

Spyware Doctor.lnk -> %AllUsersDesktop%\Spyware Doctor.lnk -> [Ver = | Size = 768 bytes | Created Date = 29/08/2007 15:55:01 | Attr = ]

carte udlm.pdf -> %UserDesktop%\carte udlm.pdf -> [Ver = | Size = 80538 bytes | Created Date = 26/07/2007 05:26:12 | Attr = ]

JACQUET.pdf -> %UserDesktop%\JACQUET.pdf -> [Ver = | Size = 1308300 bytes | Created Date = 17/07/2007 16:06:40 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\JACQUET.pdf:Zone.Identifier ->

Jeux.url -> %UserDesktop%\Jeux.url -> [Ver = | Size = 386 bytes | Created Date = 29/08/2007 14:46:58 | Attr = ]

JUIN1.ods -> %UserDesktop%\JUIN1.ods -> [Ver = | Size = 34382 bytes | Created Date = 10/07/2007 06:33:25 | Attr = ]

SKMBT_C25207062808250 (1).pdf -> %UserDesktop%\SKMBT_C25207062808250 (1).pdf -> [Ver = | Size = 421093 bytes | Created Date = 10/07/2007 05:39:41 | Attr = ]

SmitfraudFix -> %UserDesktop%\SmitfraudFix -> [Folder | Created Date = 30/08/2007 06:45:45 | Attr = ]

Traducteur.url -> %UserDesktop%\Traducteur.url -> [Ver = | Size = 404 bytes | Created Date = 29/08/2007 14:46:58 | Attr = ]

Télécharger les programmes.url -> %UserDesktop%\Télécharger les programmes.url -> [Ver = | Size = 312 bytes | Created Date = 29/08/2007 14:46:58 | Attr = ]

Vidéos.url -> %UserDesktop%\Vidéos.url -> [Ver = | Size = 390 bytes | Created Date = 29/08/2007 14:46:58 | Attr = ]

WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 04/09/2007 14:31:29 | Attr = ]

winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 355884 bytes | Created Date = 04/09/2007 14:31:15 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->

autorun.exe -> %AllUsersStartup%\autorun.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Created Date = 29/08/2007 15:53:21 | Attr = ]

system.exe -> %UserStartup%\system.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Created Date = 30/08/2007 16:05:49 | Attr = ]

Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 28/08/2007 12:46:59 | Attr = ]

[Files/Folders - Modified Within 60 days]

boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 216 bytes | Modified Date = 29/08/2007 16:54:26 | Attr = RHS]

Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 29/08/2007 16:02:26 | Attr = H ]

Devis10 -> %SystemDrive%\Devis10 -> [Folder | Modified Date = 04/09/2007 15:29:52 | Attr = ]

dnsbak.reg -> %SystemDrive%\dnsbak.reg -> [Ver = | Size = 7661 bytes | Modified Date = 30/08/2007 16:41:58 | Attr = ]

Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 28/08/2007 14:11:22 | Attr = ]

fixwareout -> %SystemDrive%\fixwareout -> [Folder | Modified Date = 30/08/2007 16:44:16 | Attr = ]

hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 534941696 bytes | Modified Date = 30/08/2007 17:05:42 | Attr = HS]

Program Files -> %ProgramFiles% -> [Folder | Modified Date = 30/08/2007 16:36:12 | Attr = R ]

rapport.txt -> %SystemDrive%\rapport.txt -> [Ver = | Size = 4605 bytes | Modified Date = 30/08/2007 17:02:30 | Attr = ]

RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 30/08/2007 16:36:58 | Attr = HS]

WA7PV -> %SystemDrive%\WA7PV -> [Folder | Modified Date = 28/08/2007 08:16:54 | Attr = HS]

WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 03/09/2007 03:01:10 | Attr = ]

$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 29/08/2007 13:00:58 | Attr = H ]

$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Modified Date = 20/08/2007 03:02:20 | Attr = H ]

$NtUninstallKB933360$ -> %SystemRoot%\$NtUninstallKB933360$ -> [Folder | Modified Date = 03/09/2007 03:00:34 | Attr = H ]

$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Modified Date = 20/08/2007 03:02:28 | Attr = H ]

$NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ -> [Folder | Modified Date = 13/07/2007 19:04:04 | Attr = H ]

$NtUninstallKB936782_WMP11$ -> %SystemRoot%\$NtUninstallKB936782_WMP11$ -> [Folder | Modified Date = 20/08/2007 03:00:46 | Attr = H ]

$NtUninstallKB937143$ -> %SystemRoot%\$NtUninstallKB937143$ -> [Folder | Modified Date = 20/08/2007 03:01:18 | Attr = H ]

$NtUninstallKB938127$ -> %SystemRoot%\$NtUninstallKB938127$ -> [Folder | Modified Date = 20/08/2007 03:01:26 | Attr = H ]

$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Modified Date = 20/08/2007 03:02:24 | Attr = H ]

$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Modified Date = 20/08/2007 03:02:14 | Attr = H ]

$NtUninstallKB939683$ -> %SystemRoot%\$NtUninstallKB939683$ -> [Folder | Modified Date = 03/09/2007 03:01:08 | Attr = H ]

0.log -> %SystemRoot%.log -> [Ver = | Size = 0 bytes | Modified Date = 30/08/2007 17:06:06 | Attr = ]

3-wlancfg.log -> %SystemRoot%\3-wlancfg.log -> [Ver = | Size = 9414 bytes | Modified Date = 29/08/2007 16:53:42 | Attr = ]

4-wlancfg.log -> %SystemRoot%\4-wlancfg.log -> [Ver = | Size = 14121 bytes | Modified Date = 30/08/2007 17:06:04 | Attr = ]

bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 30/08/2007 17:05:44 | Attr = S]

comsetup.log -> %SystemRoot%\comsetup.log -> [Ver = | Size = 4023 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 29/08/2007 16:00:42 | Attr = ]

FaxSetup.log -> %SystemRoot%\FaxSetup.log -> [Ver = | Size = 12317 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

Help -> %SystemRoot%\Help -> [Folder | Modified Date = 21/08/2007 22:38:08 | Attr = ]

IE4 Error Log.txt -> %SystemRoot%\IE4 Error Log.txt -> [Ver = | Size = 1528 bytes | Modified Date = 01/09/2007 08:44:28 | Attr = ]

iis6.log -> %SystemRoot%\iis6.log -> [Ver = | Size = 1921 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1355 bytes | Modified Date = 03/09/2007 03:00:40 | Attr = ]

imsins.log -> %SystemRoot%\imsins.log -> [Ver = | Size = 1355 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

inf -> %SystemRoot%\inf -> [Folder | Modified Date = 03/09/2007 03:01:10 | Attr = H ]

Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 29/08/2007 16:02:28 | Attr = HS]

KB933360.log -> %SystemRoot%\KB933360.log -> [Ver = | Size = 17400 bytes | Modified Date = 03/09/2007 03:00:40 | Attr = ]

KB939683.log -> %SystemRoot%\KB939683.log -> [Ver = | Size = 10658 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 03/09/2007 03:00:24 | Attr = ]

Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 29/08/2007 16:00:42 | Attr = ]

MKDEMSG.LOG -> %SystemRoot%\MKDEMSG.LOG -> [Ver = | Size = 1360 bytes | Modified Date = 04/09/2007 15:30:22 | Attr = ]

MKDEWE.TRN -> %SystemRoot%\MKDEWE.TRN -> [Ver = | Size = 3072 bytes | Modified Date = 04/09/2007 15:01:20 | Attr = ]

msgsocm.log -> %SystemRoot%\msgsocm.log -> [Ver = | Size = 618 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

ntbtlog.txt -> %SystemRoot%\ntbtlog.txt -> [Ver = | Size = 805450 bytes | Modified Date = 30/08/2007 17:00:50 | Attr = ]

ntdtcsetup.log -> %SystemRoot%\ntdtcsetup.log -> [Ver = | Size = 2440 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

ocgen.log -> %SystemRoot%\ocgen.log -> [Ver = | Size = 5832 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

ocmsn.log -> %SystemRoot%\ocmsn.log -> [Ver = | Size = 684 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 04/09/2007 15:31:32 | Attr = ]

pss -> %SystemRoot%\pss -> [Folder | Modified Date = 29/08/2007 16:52:08 | Attr = ]

SchedLgU.Txt -> %SystemRoot%\SchedLgU.Txt -> [Ver = | Size = 32536 bytes | Modified Date = 30/08/2007 16:50:16 | Attr = ]

setupact.log -> %SystemRoot%\setupact.log -> [Ver = | Size = 360 bytes | Modified Date = 30/08/2007 17:02:50 | Attr = ]

setupapi.log -> %SystemRoot%\setupapi.log -> [Ver = | Size = 30671 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

setuperr.log -> %SystemRoot%\setuperr.log -> [Ver = | Size = 0 bytes | Modified Date = 30/08/2007 16:36:16 | Attr = ]

SpywareDoctor505Installation.log -> %SystemRoot%\SpywareDoctor505Installation.log -> [Ver = | Size = 213 bytes | Modified Date = 29/08/2007 16:54:54 | Attr = ]

system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 243 bytes | Modified Date = 29/08/2007 16:54:26 | Attr = ]

system32 -> %System32% -> [Folder | Modified Date = 03/09/2007 03:00:34 | Attr = ]

Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 04/09/2007 13:30:10 | Attr = ]

tsoc.log -> %SystemRoot%\tsoc.log -> [Ver = | Size = 4718 bytes | Modified Date = 03/09/2007 03:01:10 | Attr = ]

wiadebug.log -> %SystemRoot%\wiadebug.log -> [Ver = | Size = 159 bytes | Modified Date = 30/08/2007 17:06:00 | Attr = ]

wiaservc.log -> %SystemRoot%\wiaservc.log -> [Ver = | Size = 50 bytes | Modified Date = 30/08/2007 17:05:58 | Attr = ]

win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 816 bytes | Modified Date = 29/08/2007 16:54:26 | Attr = ]

WindowsUpdate.log -> %SystemRoot%\WindowsUpdate.log -> [Ver = | Size = 1819918 bytes | Modified Date = 04/09/2007 05:59:24 | Attr = ]

WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 20/08/2007 03:01:04 | Attr = ]

AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 31/08/2007 10:23:02 | Attr = ]

HPpromotions journeysoftware.job -> %SystemRoot%\tasks\HPpromotions journeysoftware.job -> [Ver = | Size = 364 bytes | Modified Date = 04/09/2007 12:00:02 | Attr = ]

SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 30/08/2007 17:05:50 | Attr = H ]

aswBoot.exe -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 783224 bytes | Modified Date = 28/07/2007 00:07:22 | Attr = ]

AVASTSS.scr -> %System32%\AVASTSS.scr -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 95608 bytes | Modified Date = 27/07/2007 23:57:50 | Attr = ]

CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 03/09/2007 03:00:24 | Attr = ]

cdm.dll -> %System32%\cdm.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 92504 bytes | Modified Date = 30/07/2007 19:19:20 | Attr = ]

CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 3121 bytes | Modified Date = 28/08/2007 14:27:04 | Attr = ]

dllcache -> %System32%\dllcache -> [Folder | Modified Date = 03/09/2007 03:01:08 | Attr = RHS]

drivers -> %System32%\drivers -> [Folder | Modified Date = 30/08/2007 16:43:40 | Attr = ]

MRT.exe -> %System32%\MRT.exe -> Microsoft Corporation [Ver = 1.32.2278.0 | Size = 16789464 bytes | Modified Date = 03/08/2007 06:34:10 | Attr = ]

my360 Classic dir -> %System32%\my360 Classic dir -> [Folder | Modified Date = 31/08/2007 18:43:04 | Attr = ]

my360 Classic.scr -> %System32%\my360 Classic.scr -> ScreenTime Media [Ver = 3.2.2 | Size = 201728 bytes | Modified Date = 31/08/2007 17:53:26 | Attr = ]

my360 Psyche dir -> %System32%\my360 Psyche dir -> [Folder | Modified Date = 31/08/2007 17:53:16 | Attr = ]

my360 Psyche.scr -> %System32%\my360 Psyche.scr -> ScreenTime Media [Ver = 3.2.2 | Size = 201728 bytes | Modified Date = 31/08/2007 17:53:16 | Attr = ]

perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 53436 bytes | Modified Date = 29/08/2007 16:56:08 | Attr = ]

perfc00C.dat -> %System32%\perfc00C.dat -> [Ver = | Size = 64484 bytes | Modified Date = 29/08/2007 16:56:08 | Attr = ]

perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 381692 bytes | Modified Date = 29/08/2007 16:56:08 | Attr = ]

perfh00C.dat -> %System32%\perfh00C.dat -> [Ver = | Size = 446566 bytes | Modified Date = 29/08/2007 16:56:08 | Attr = ]

PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 956504 bytes | Modified Date = 29/08/2007 16:56:08 | Attr = ]

printer.exe -> %System32%\printer.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

stera.job -> %System32%\stera.job -> [Ver = | Size = 2 bytes | Modified Date = 28/08/2007 08:16:56 | Attr = ]

tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 3132 bytes | Modified Date = 30/08/2007 17:02:12 | Attr = ]

tmp.txt -> %System32%\tmp.txt -> [Ver = | Size = 0 bytes | Modified Date = 30/08/2007 17:02:12 | Attr = ]

tzchange.exe -> %System32%\tzchange.exe -> Microsoft Corporation [Ver = 5.1.2600.3180 (xpsp_sp2_gdr.070718-1245) | Size = 60416 bytes | Modified Date = 18/07/2007 14:42:22 | Attr = ]

TZLog.log -> %System32%\TZLog.log -> [Ver = | Size = 249272 bytes | Modified Date = 03/09/2007 03:00:32 | Attr = ]

WinAvXX.exe -> %System32%\WinAvXX.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 30/08/2007 17:06:18 | Attr = ]

wuapi.dll -> %System32%\wuapi.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 549720 bytes | Modified Date = 30/07/2007 19:19:36 | Attr = ]

wuapi.dll.mui -> %System32%\wuapi.dll.mui -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 30040 bytes | Modified Date = 30/07/2007 19:19:52 | Attr = ]

wuauclt.exe -> %System32%\wuauclt.exe -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 53080 bytes | Modified Date = 30/07/2007 19:19:16 | Attr = ]

wuaucpl.cpl -> %System32%\wuaucpl.cpl -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 216408 bytes | Modified Date = 30/07/2007 19:19:28 | Attr = ]

wuaucpl.cpl.mui -> %System32%\wuaucpl.cpl.mui -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 30040 bytes | Modified Date = 30/07/2007 19:20:06 | Attr = ]

wuaueng.dll -> %System32%\wuaueng.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 1712984 bytes | Modified Date = 30/07/2007 19:19:42 | Attr = ]

wuaueng.dll.mui -> %System32%\wuaueng.dll.mui -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 21336 bytes | Modified Date = 30/07/2007 19:18:48 | Attr = ]

wucltui.dll -> %System32%\wucltui.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 325976 bytes | Modified Date = 30/07/2007 19:19:32 | Attr = ]

wucltui.dll.mui -> %System32%\wucltui.dll.mui -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 38232 bytes | Modified Date = 30/07/2007 19:19:04 | Attr = ]

wups.dll -> %System32%\wups.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 33624 bytes | Modified Date = 30/07/2007 19:18:40 | Attr = ]

wups2.dll -> %System32%\wups2.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 43352 bytes | Modified Date = 30/07/2007 19:19:12 | Attr = ]

wuweb.dll -> %System32%\wuweb.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 203096 bytes | Modified Date = 30/07/2007 19:19:28 | Attr = ]

cdm.dll -> %System32%\dllcache\cdm.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 92504 bytes | Modified Date = 30/07/2007 19:19:20 | Attr = ]

wuapi.dll -> %System32%\dllcache\wuapi.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 549720 bytes | Modified Date = 30/07/2007 19:19:36 | Attr = ]

wuauclt.exe -> %System32%\dllcache\wuauclt.exe -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 53080 bytes | Modified Date = 30/07/2007 19:19:16 | Attr = ]

wuaucpl.cpl -> %System32%\dllcache\wuaucpl.cpl -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 216408 bytes | Modified Date = 30/07/2007 19:19:28 | Attr = ]

wuaueng.dll -> %System32%\dllcache\wuaueng.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 1712984 bytes | Modified Date = 30/07/2007 19:19:42 | Attr = ]

wucltui.dll -> %System32%\dllcache\wucltui.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 325976 bytes | Modified Date = 30/07/2007 19:19:32 | Attr = ]

wups.dll -> %System32%\dllcache\wups.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 33624 bytes | Modified Date = 30/07/2007 19:18:40 | Attr = ]

wuweb.dll -> %System32%\dllcache\wuweb.dll -> Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 203096 bytes | Modified Date = 30/07/2007 19:19:28 | Attr = ]

aavmker4.sys -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 26624 bytes | Modified Date = 27/07/2007 23:58:36 | Attr = ]

aswmon.sys -> %System32%\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 92848 bytes | Modified Date = 28/07/2007 00:02:50 | Attr = ]

aswmon2.sys -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 94416 bytes | Modified Date = 28/07/2007 00:02:34 | Attr = ]

aswRdr.sys -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 23152 bytes | Modified Date = 28/07/2007 00:00:40 | Attr = ]

aswTdi.sys -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 42912 bytes | Modified Date = 27/07/2007 23:59:58 | Attr = ]

AWRTPD.sys -> %System32%\drivers\AWRTPD.sys -> Lavasoft AB [Ver = 1.0.0.134 | Size = 6272 bytes | Modified Date = 11/07/2007 14:37:26 | Attr = ]

AWRTRD.sys -> %System32%\drivers\AWRTRD.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 8320 bytes | Modified Date = 07/08/2007 13:58:08 | Attr = ]

etc -> %System32%\drivers\etc -> [Folder | Modified Date = 04/09/2007 14:39:54 | Attr = ]

ikfilesec.sys -> %System32%\drivers\ikfilesec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1032 built by: WinDDK | Size = 40264 bytes | Modified Date = 14/08/2007 17:02:00 | Attr = ]

iksysflt.sys -> %System32%\drivers\iksysflt.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1020 | Size = 57672 bytes | Modified Date = 14/08/2007 17:02:02 | Attr = ]

iksyssec.sys -> %System32%\drivers\iksyssec.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1021 | Size = 82248 bytes | Modified Date = 14/08/2007 17:02:04 | Attr = ]

kcom.sys -> %System32%\drivers\kcom.sys -> PCTools Research Pty Ltd. [Ver = 5.0.2.1008 | Size = 29000 bytes | Modified Date = 14/08/2007 17:02:06 | Attr = ]

NSDriver.sys -> %System32%\drivers\NSDriver.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 9344 bytes | Modified Date = 07/08/2007 13:56:58 | Attr = ]

Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Modified Date = 28/08/2007 13:47:30 | Attr = ]

SalesMonitor -> %AllUsersAppData%\SalesMonitor -> [Folder | Modified Date = 28/08/2007 08:16:10 | Attr = R ]

OpenOffice.org2 -> %UserAppData%\OpenOffice.org2 -> [Folder | Modified Date = 30/08/2007 17:05:58 | Attr = ]

PC Tools -> %UserAppData%\PC Tools -> [Folder | Modified Date = 29/08/2007 16:54:54 | Attr = ]

ApplicationHistory -> %LocalAppData%\ApplicationHistory -> [Folder | Modified Date = 30/08/2007 17:05:54 | Attr = ]

IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 6408272 bytes | Modified Date = 30/08/2007 16:50:06 | Attr = H ]

100MLT16 -> %UserDocuments%\100MLT16 -> [Folder | Modified Date = 27/08/2007 08:36:44 | Attr = ]

antivirus francis -> %UserDocuments%\antivirus francis -> [Folder | Modified Date = 04/09/2007 14:47:54 | Attr = ]

ARTHEXT.doc -> %UserDocuments%\ARTHEXT.doc -> [Ver = | Size = 36864 bytes | Modified Date = 10/07/2007 17:56:54 | Attr = ]

BASE FACT.ods -> %UserDocuments%\BASE FACT.ods -> [Ver = | Size = 69063 bytes | Modified Date = 02/08/2007 14:08:58 | Attr = ]

cc_20070829_1601.reg -> %UserDocuments%\cc_20070829_1601.reg -> [Ver = | Size = 97121 bytes | Modified Date = 29/08/2007 16:01:52 | Attr = ]

demande de prix brun.doc -> %UserDocuments%\demande de prix brun.doc -> [Ver = | Size = 20992 bytes | Modified Date = 31/08/2007 13:19:26 | Attr = ]

FACT -> %UserDocuments%\FACT -> [Folder | Modified Date = 20/07/2007 12:12:10 | Attr = ]

FACTBASE.ods -> %UserDocuments%\FACTBASE.ods -> [Ver = | Size = 111783 bytes | Modified Date = 03/09/2007 13:33:26 | Attr = ]

FACTSAUV AOUT07.ods -> %UserDocuments%\FACTSAUV AOUT07.ods -> [Ver = | Size = 112314 bytes | Modified Date = 04/09/2007 11:55:00 | Attr = ]

FACTSAUV TRIE.ods -> %UserDocuments%\FACTSAUV TRIE.ods -> [Ver = | Size = 116588 bytes | Modified Date = 03/09/2007 11:46:34 | Attr = ]

FACTSAUV TRIE.pdf -> %UserDocuments%\FACTSAUV TRIE.pdf -> [Ver = | Size = 202082 bytes | Modified Date = 03/09/2007 11:46:52 | Attr = ]

FACTSAUV TRIE2.ods -> %UserDocuments%\FACTSAUV TRIE2.ods -> [Ver = | Size = 111731 bytes | Modified Date = 03/09/2007 13:16:22 | Attr = ]

FACTSAUV TRIE2.pdf -> %UserDocuments%\FACTSAUV TRIE2.pdf -> [Ver = | Size = 197337 bytes | Modified Date = 03/09/2007 13:16:56 | Attr = ]

FACTSAUVEGARDE.ods -> %UserDocuments%\FACTSAUVEGARDE.ods -> [Ver = | Size = 116895 bytes | Modified Date = 03/09/2007 11:44:56 | Attr = ]

Mises à jour de programme téléchargées -> %UserDocuments%\Mises à jour de programme téléchargées -> [Folder | Modified Date = 16/07/2007 05:11:00 | Attr = ]

Nouvelle base de données.odb -> %UserDocuments%\Nouvelle base de données.odb -> [Ver = | Size = 2498 bytes | Modified Date = 13/07/2007 14:28:50 | Attr = ]

Nouvelle base de données.odb.lck -> %UserDocuments%\Nouvelle base de données.odb.lck -> [Ver = | Size = 16 bytes | Modified Date = 13/07/2007 18:30:36 | Attr = ]

Nouvelle base de données2.odb -> %UserDocuments%\Nouvelle base de données2.odb -> [Ver = | Size = 1381 bytes | Modified Date = 13/07/2007 14:29:04 | Attr = ]

Thumbs.db -> %UserDocuments%\Thumbs.db -> [Ver = | Size = 28160 bytes | Modified Date = 10/07/2007 05:24:52 | Attr = HS]

@Alternate Data Stream - 0 bytes -> %UserDocuments%\Thumbs.db:encryptable ->

Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1790 bytes | Modified Date = 28/08/2007 13:47:36 | Attr = ]

Ad-Watch 2007.lnk -> %AllUsersDesktop%\Ad-Watch 2007.lnk -> [Ver = | Size = 1790 bytes | Modified Date = 28/08/2007 13:47:36 | Attr = ]

Spyware Doctor.lnk -> %AllUsersDesktop%\Spyware Doctor.lnk -> [Ver = | Size = 768 bytes | Modified Date = 29/08/2007 16:55:02 | Attr = ]

carte udlm.pdf -> %UserDesktop%\carte udlm.pdf -> [Ver = | Size = 80538 bytes | Modified Date = 26/07/2007 06:26:14 | Attr = ]

JACQUET.pdf -> %UserDesktop%\JACQUET.pdf -> [Ver = | Size = 1308300 bytes | Modified Date = 17/07/2007 17:06:42 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\JACQUET.pdf:Zone.Identifier ->

Jeux.url -> %UserDesktop%\Jeux.url -> [Ver = | Size = 386 bytes | Modified Date = 29/08/2007 15:47:00 | Attr = ]

JUIN1.ods -> %UserDesktop%\JUIN1.ods -> [Ver = | Size = 34382 bytes | Modified Date = 10/07/2007 08:42:42 | Attr = ]

Microsoft Office Word 2003 (2).lnk -> %UserDesktop%\Microsoft Office Word 2003 (2).lnk -> [Ver = | Size = 2573 bytes | Modified Date = 16/07/2007 17:21:12 | Attr = ]

Raccourci vers data sur Mac OS X Server (10.32.235.18).lnk -> %UserDesktop%\Raccourci vers data sur Mac OS X Server (10.32.235.18).lnk -> [Ver = | Size = 486 bytes | Modified Date = 03/09/2007 11:47:06 | Attr = ]

SmitfraudFix -> %UserDesktop%\SmitfraudFix -> [Folder | Modified Date = 30/08/2007 07:46:34 | Attr = ]

Traducteur.url -> %UserDesktop%\Traducteur.url -> [Ver = | Size = 404 bytes | Modified Date = 29/08/2007 15:47:00 | Attr = ]

Télécharger les programmes.url -> %UserDesktop%\Télécharger les programmes.url -> [Ver = | Size = 312 bytes | Modified Date = 29/08/2007 15:47:00 | Attr = ]

Vidéos.url -> %UserDesktop%\Vidéos.url -> [Ver = | Size = 390 bytes | Modified Date = 29/08/2007 15:47:00 | Attr = ]

WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Modified Date = 04/09/2007 15:31:30 | Attr = ]

winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 355884 bytes | Modified Date = 04/09/2007 15:31:24 | Attr = ]

@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->

autorun.exe -> %AllUsersStartup%\autorun.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

system.exe -> %UserStartup%\system.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 28/08/2007 13:47:00 | Attr = ]

[File String Scan - Non-Microsoft Only]

UPX! , UPX0 , -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 783224 bytes | Modified Date = 28/07/2007 00:07:22 | Attr = ]

PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 05/08/2004 14:00:00 | Attr = ]

aspack , -> %System32%\my360 Classic.scr -> ScreenTime Media [Ver = 3.2.2 | Size = 201728 bytes | Modified Date = 31/08/2007 17:53:26 | Attr = ]

aspack , -> %System32%\my360 Psyche.scr -> ScreenTime Media [Ver = 3.2.2 | Size = 201728 bytes | Modified Date = 31/08/2007 17:53:16 | Attr = ]

UPX0 , -> %System32%\printer.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

UPX! , UPX0 , -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Modified Date = 27/04/2006 17:49:30 | Attr = ]

UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Modified Date = 29/08/2006 19:43:54 | Attr = ]

UPX! , UPX0 , -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Modified Date = 09/01/2006 10:36:06 | Attr = ]

UPX! , UPX0 , -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Modified Date = 01/12/2006 06:20:34 | Attr = ]

winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 05/08/2004 14:00:00 | Attr = ]

UPX0 , -> %System32%\WinAvXX.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

Thawte Consulting , -> %System32%\XceedFtp.dll -> Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com [Ver = 1.1.129.0 | Size = 279392 bytes | Modified Date = 14/01/2005 15:09:24 | Attr = ]

Thawte Consulting , -> %System32%\XceedZip.dll -> Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com [Ver = 5.0.115.0 | Size = 426848 bytes | Modified Date = 08/04/2004 13:50:04 | Attr = ]

@Alternate Data Stream - 0 bytes -> %UserDocuments%\Thumbs.db:encryptable ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\JACQUET.pdf:Zone.Identifier ->

@Alternate Data Stream - 0 bytes -> %UserDesktop%\Thumbs.db:encryptable ->

@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->

UPX0 , -> %AllUsersStartup%\autorun.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

UPX0 , -> %UserStartup%\system.exe -> Microsoft Co [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 28/08/2007 06:29:00 | Attr = ]

< End of report >

Thanos · le 4 septembre 2007

salut,

A présent, on continue comme ceci >

1)Démarre WinPFind3U en double cliquant sur WinPFind3U.exe et copie/colle le texte ci dessous (ne copie pas le mot CODE) dans le Panneau Paste fix here , puis clique sur le bouton Run Fix.

[Unregister Dlls]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> WinAVX -> %System32%\WinAvXX.exe
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> WinAVX -> %System32%\WinAvXX.exe
< User Startup > -> C:\Documents and Settings\boss\Menu Démarrer\Programmes\Démarrage
YY ->  -> %UserStartup%\system.exe
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell
YY -> C:\WINDOWS\system32\printer.exe -> %System32%\printer.exe
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
YN -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel -> 1
YN -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableRegistryTools -> 1
YN -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableTaskMgr -> 1
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel -> 1
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoWindowsUpdate -> 1
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1
< HOSTS File > (3457 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
YN -> 192.168.200.3 ad.doubleclick.net -> 
YN -> 192.168.200.3 ad.fastclick.net -> 
YN -> 192.168.200.3 ads.fastclick.net -> 
YN -> 192.168.200.3 ar.atwola.com -> 
YN -> 192.168.200.3 atdmt.com -> 
YN -> 192.168.200.3 avp.ch -> 
YN -> 192.168.200.3 avp.com -> 
YN -> 192.168.200.3 avp.ru -> 
YN -> 192.168.200.3 awaps.net -> 
YN -> 192.168.200.3 banner.fastclick.net -> 
YN -> 192.168.200.3 banners.fastclick.net -> 
YN -> 192.168.200.3 ca.com -> 
YN -> 192.168.200.3 click.atdmt.com -> 
YN -> 192.168.200.3 clicks.atdmt.com -> 
YN -> 192.168.200.3 customer.symantec.com -> 
YN -> 192.168.200.3 dispatch.mcafee.com -> 
YN -> 192.168.200.3 download.mcafee.com -> 
YN -> 192.168.200.3 download.microsoft.com -> 
YN -> 192.168.200.3 downloads-us1.kaspersky-labs.com -> 
YN -> 192.168.200.3 downloads-us2.kaspersky-labs.com -> 
YN -> 192.168.200.3 downloads-us3.kaspersky-labs.com -> 
YN -> 192.168.200.3 downloads.microsoft.com -> 
YN -> 192.168.200.3 downloads1.kaspersky-labs.com -> 
YN -> 192.168.200.3 downloads2.kaspersky-labs.com -> 
YN -> 192.168.200.3 downloads3.kaspersky-labs.com -> 
YN -> 192.168.200.3 downloads4.kaspersky-labs.com -> 
YN -> 192.168.200.3 engine.awaps.net -> 
YN -> 192.168.200.3 f-secure.com -> 
YN -> 192.168.200.3 fastclick.net -> 
YN -> 192.168.200.3 ftp.avp.ch -> 
YN -> 192.168.200.3 ftp.downloads1.kaspersky-labs.com -> 
YN -> 192.168.200.3 ftp.downloads2.kaspersky-labs.com -> 
YN -> 192.168.200.3 ftp.downloads3.kaspersky-labs.com -> 
YN -> 192.168.200.3 ftp.f-secure.com -> 
YN -> 192.168.200.3 ftp.kasperskylab.ru -> 
YN -> 192.168.200.3 ftp.sophos.com -> 
YN -> 192.168.200.3 go.microsoft.com -> 
YN -> 192.168.200.3 ids.kaspersky-labs.com -> 
YN -> 192.168.200.3 kaspersky-labs.com -> 
YN -> 192.168.200.3 kaspersky.com -> 
YN -> 192.168.200.3 liveupdate.symantec.com -> 
YN -> 192.168.200.3 liveupdate.symantecliveupdate.com -> 
YN -> 192.168.200.3 mast.mcafee.com -> 
YN -> 192.168.200.3 mcafee.com -> 
YN -> 192.168.200.3 media.fastclick.net -> 
YN -> 192.168.200.3 microsoft.com -> 
YN -> 192.168.200.3 msdn.microsoft.com -> 
YN -> 192.168.200.3 my-etrust.com -> 
YN -> 192.168.200.3 nai.com -> 
YN -> 192.168.200.3 networkassociates.com -> 
YN -> 192.168.200.3 norton.com -> 
YN -> 192.168.200.3 office.microsoft.com -> 
YN -> 192.168.200.3 pandasoftware.com -> 
YN -> 192.168.200.3 phx.corporate-ir.net -> 
YN -> 192.168.200.3 rads.mcafee.com -> 
YN -> 192.168.200.3 secure.nai.com -> 
YN -> 192.168.200.3 securityresponse.symantec.com -> 
YN -> 192.168.200.3 service1.symantec.com -> 
YN -> 192.168.200.3 sophos.com -> 
YN -> 192.168.200.3 spd.atdmt.com -> 
YN -> 192.168.200.3 support.microsoft.com -> 
YN -> 192.168.200.3 symantec.com -> 
YN -> 192.168.200.3 trendmicro.com -> 
YN -> 192.168.200.3 update.symantec.com -> 
YN -> 192.168.200.3 updates.symantec.com -> 
YN -> 192.168.200.3 updates1.kaspersky-labs.com -> 
YN -> 192.168.200.3 updates2.kaspersky-labs.com -> 
YN -> 192.168.200.3 updates3.kaspersky-labs.com -> 
YN -> 192.168.200.3 updates4.kaspersky-labs.com -> 
YN -> 192.168.200.3 updates5.kaspersky-labs.com -> 
YN -> 192.168.200.3 us.mcafee.com -> 
YN -> 192.168.200.3 vil.nai.com -> 
YN -> 192.168.200.3 viruslist.com -> 
YN -> 192.168.200.3 viruslist.ru -> 
YN -> 192.168.200.3 virusscan.jotti.org -> 
YN -> 192.168.200.3 virustotal.com -> 
YN -> 192.168.200.3 windowsupdate.microsoft.com -> 
YN -> 192.168.200.3 www.avp.ch -> 
YN -> 192.168.200.3 www.avp.com -> 
YN -> 192.168.200.3 www.avp.ru -> 
YN -> 192.168.200.3 www.awaps.net -> 
YN -> 192.168.200.3 www.ca.com -> 
YN -> 192.168.200.3 www.f-secure.com -> 
YN -> 192.168.200.3 www.fastclick.net -> 
YN -> 192.168.200.3 www.grisoft.com -> 
YN -> 192.168.200.3 www.kaspersky-labs.com -> 
YN -> 192.168.200.3 www.kaspersky.com -> 
YN -> 192.168.200.3 www.kaspersky.ru -> 
YN -> 192.168.200.3 www.mcafee.com -> 
YN -> 192.168.200.3 www.microsoft.com -> 
YN -> 192.168.200.3 www.my-etrust.com -> 
YN -> 192.168.200.3 www.nai.com -> 
YN -> 192.168.200.3 www.networkassociates.com -> 
YN -> 192.168.200.3 www.pandasoftware.com -> 
YN -> 192.168.200.3 www.sophos.com -> 
YN -> 192.168.200.3 www.symantec.com -> 
YN -> 192.168.200.3 www.symantec.com -> 
YN -> 192.168.200.3 www.trendmicro.com -> 
YN -> 192.168.200.3 www.viruslist.com -> 
YN -> 192.168.200.3 www.viruslist.ru -> 
YN -> 192.168.200.3 www.virustotal.com -> 
YN -> 192.168.200.3 www3.ca.com -> 
< Internet Explorer Settings > -> 
YN -> HKCU: URLSearchHooks\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
[Registry - Additional Scans - Non-Microsoft Only]
< Security Settings > -> 
YY -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\winav.exe -> %windir%\system32\winav.exe:*:Enabled:@xpsp2res.dll,-22019
[Registry - Additional Scans - Non-Microsoft Only]
< Uninstall List > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
YN -> PornoPlayer -> PornoPlayer
[Files/Folders - Created Within 60 days]
NY -> printer.exe -> %System32%\printer.exe
NY -> autorun.exe -> %AllUsersStartup%\autorun.exe
NY -> system.exe -> %UserStartup%\system.exe
[Files/Folders - Modified Within 60 days]
NY -> printer.exe -> %System32%\printer.exe
NY -> autorun.exe -> %AllUsersStartup%\autorun.exe
NY -> system.exe -> %UserStartup%\system.exe
[File String Scan - Non-Microsoft Only]
NY -> UPX0 , -> %System32%\printer.exe
NY -> UPX0 , -> %AllUsersStartup%\autorun.exe
NY -> UPX0 , -> %UserStartup%\system.exe
[ Extra Files ]
C:\WINDOWS\system32\hadjajr.ini 
C:\WINDOWS\system32\vtr???.dll 
C:\Documents and Settings\boss\Menu Démarrer\Programmes\PornoPlayer
C:\Documents and Settings\boss\Menu Démarrer\Programmes\Démarrage\system.exe
C:\Program Files\PornoPlayer
[Empty Temp Folders]

Le Fix va se faire rapidement, puis il te sera peut être demandé de redémarrer ton pc : accepte en cliquant sur Yes

2) Passe par Ajouter/Supprimer des programmes et désinstalle >

MyWay Search Assistant

Java 2 Runtime Environment, SE v1.4.2_03

Il faut télécharger et installer la dernière version de Java qui corrige des failles de sécurité!

Passe par cette page et installe Java Runtime Environment Version 6 Update 2> http://www.java.com/fr/download/windows_xp...st=www.java.com

3) Fais un scan en ligne avec Panda :

http://www.pandasoftware.fr/Activescan/Activescan.html .

Et poste le rapport qu'il t'affichera à la fin, pour cela, assure toi que IE est correctement configuré pour le scan en ligne comme indiqué ici : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId898809 .

Si tu n'y arrives pas, le tuto est : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId237368

Tu n'es pas obligé de donner ton email, tu peux utiliser une adresse jetable si tu le souhaites : http://www.jetable.org/fr/index

Attention!! Panda et Avast entrent en conflit, pour pouvoir télécharger le contrôle active x de Panda, il faut que tu désactives le bouclier web d'Avast le temps du scan.

Clique sur le bouton "Pause" >

Poste :

le rapport du scan avec Panda

le rapport qui se trouve dans le dossier WinPFind3u( c'est un rapport qui a pour nom la date du jour\mois\année\heure).

un nouveau rapport hijackthis.

allez courage, on touche au but

Modifié le 5 septembre 2007 par charles ingals

triton · le 4 septembre 2007

ok merci

quand je lance le fix il ne me rend pas la main !

Thanos · le 4 septembre 2007

salut

Est ce que tu peux essayer de lancer le fix en mode sans échec ?

Copie/colle le contenu du fix dans un fichier texte que tu enregistres sur le bureau, afin de pouvoir l'utiliser en mode sans échec, car tu n'auras pas accès à internet.

Redémarre le PC, impérativement en mode sans échec.

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, tapote par alternance les touches [F8] et [F5] jusqu'à l'affichage du menu des options avancées de Windows. Sélectionne "Mode sans échec" et appuie sur [Entrée].

Ensuite tu redémarres le pc et tu continues la procédure

Modifié le 4 septembre 2007 par charles ingals

triton · le 5 septembre 2007

bonjour

en mode sans échec même problème il bloque sur cette ligne :

NY -> WinAvXX.exe -> %System32%\WinAvXX.exe

Thanos · le 5 septembre 2007

salut

Ok, on va la retirer du fix, et tu vas faire la suppression manuellement (toujours en mode sans échec)

Je viens de modifier mon message ou le script est mis :

-redémarre en mode sans échec.

-élimine manuellement le fichier WinAvXX.exe qui se trouve dans C:\Windows\System32

Note: il est possible que tu ne puisse pas voir ce fichier.Si c'est le cas, il faut modifier les options d'affichage ainsi >

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Cocher la case : Afficher les fichiers et dossiers cachés

Décocher la case : Masquer les extensions des fichiers dont le type est connu

Décocher la case : Masquer les fichiers protégés du système d'exploitation

cliquer sur "Appliquer"

cliquer sur le bouton "Appliquer à tous les dossiers" / OK

-relance le fix comme précédemment, et continue la procédure : attention le fix a été modifié!! il faut donc que tu copies le nouveau (dans un fichier texte) pour pouvoir l'utiliser en mode sans échec.

triton · le 5 septembre 2007

on avance !

blocage là maintenant

NY -> system.exe -> %UserStartup%\system.exe

Connexion

Pas encore inscrit ?

windows antivirus encoore lui

Messages recommandés

triton

triton

Thanos

triton

Thanos

triton

Thanos

triton

Thanos

triton

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer