PC truffé de virus

Donlarbe · le 27 septembre 2007

Salut,

J'ai entepris la désinfection proposée et ... suite à l'étape 2 : l'ordinateur ne cesse de redémarrer tout seul.

Impossible de redémarrer en mode sans échec, il est bloqué en redémarage perpétuel.

N'y aurait-il pas eu des choses à ne pas fixer qui l'ont été ?

Merci encore de prendre du temps pour moi.

Thanos · le 27 septembre 2007

re!

N'y aurait-il pas eu des choses à ne pas fixer qui l'ont été ?

Une erreur sur le fix... je te présente toutes mes excuses: un problème lors du copier/coller des instructions sur le forum Est ce que tu possèdes le cd de Windows xp (la manip est simple) ?

Thanos · le 27 septembre 2007

Donlarbe, je te renouvelle mes excuses

La solution est simple >

Si tu as le cd de Windows Xp, voilà comment procéder (ca prend 2 minutes! et il y a plusieurs méthodes pour récupérer le fichier ntdetect.com) >

1) Met le cd d'Xp dans le lecteur et redémarre le pc, puis suis les infos sur cette page afin d'accéder à la console de récupération de Windows > http://www.zebulon.fr/dossiers/61-3-demarr...cuperation.html

2) Quelques infos sur l'utilisation de la console de récupération (répond au questions qui te sont posées afin de la démarrer) > http://www.zebulon.fr/dossiers/61-4-utilis...cuperation.html

3) Une fois dans la console, tape ceci > fixboot c: puis clique sur la touche [Entrée]

A la demande de confirmation, répond O

En image ici > http://www.zebulon.fr/dossiers/61-6-repare...cteur-boot.html

Une fois ceci fait, redémarre le pc : le problème doit être rêglé.

Si ca fonctionne, tu peux continuer la procédure avec l'étape 3 et poster les rapports.

Dis moi ce qu'il en est stp

Donlarbe · le 28 septembre 2007

Donlarbe, je te renouvelle mes excuses
La solution est simple >

Si tu as le cd de Windows Xp, voilà comment procéder (ca prend 2 minutes! et il y a plusieurs méthodes pour récupérer le fichier ntdetect.com) >

1) Met le cd d'Xp dans le lecteur et redémarre le pc, puis suis les infos sur cette page afin d'accéder à la console de récupération de Windows > http://www.zebulon.fr/dossiers/61-3-demarr...cuperation.html

2) Quelques infos sur l'utilisation de la console de récupération (répond au questions qui te sont posées afin de la démarrer) > http://www.zebulon.fr/dossiers/61-4-utilis...cuperation.html

3) Une fois dans la console, tape ceci > fixboot c: puis clique sur la touche [Entrée]

A la demande de confirmation, répond O

En image ici > http://www.zebulon.fr/dossiers/61-6-repare...cteur-boot.html

Une fois ceci fait, redémarre le pc : le problème doit être rêglé.

Si ca fonctionne, tu peux continuer la procédure avec l'étape 3 et poster les rapports.

Dis moi ce qu'il en est stp

Salut,

Merci pour les méthodes de redémarrage normal ; fixboot n'a pas fonctionné, il a fallu réinstallé ntldr et ntdetect.

J'ai donc pu procéder à l'étape 3, mais SDfix fait redémarrer tout seul le PC, probablement avant la fin de son processus.

Lorque je recherche le fichier texte "report", il n'y en a pas dans le dossier Sdfix créé à la racine de C:

Par contre, il y a deux autres fichiers textes :

- un nommé "Stopped" qui est totalement vide

- un autre nommé "kill" dans lequel est écrit :

Command Line Process Viewer/killer/suspender for Windows NT/2000/XP v2.03

Error, cannot find a process with a image name of wupdmgr.exe

Voilà,

Encore merci.

Thanos · le 28 septembre 2007

salut

Content que tu ais pû redémarrer le pc

C'est pas grave pour SDFix: poste juste, stp, le rapport généré par WinPFind3u ( c'est un rapport qui a pour nom la date du jour\mois\année\heure) > il se trouve dans le dossier du même nom.

relance ensuite le scan avec WinPFind3U comme précédemment et poste le rapport. >

Ouvre le dossier et double clique sur le fichier WinPFind3U.exe pour lancer le programme.

Sous le groupe Files Created Within sélectionne 60 days

Sous le groupe Files Modified Within sélectionne 60 days

Sous le groupe String Search sélectionne Non-Microsoft

Sous le groupe Additional Scans coche les cases >
Reg- Security Settings
Reg- Software Policy Settings
Reg- Uninstall List
Reg- Additional Folder Scans

A présent clique sur le bouton Run Scan dans la barre d'outils

Lorsque le scan est terminé,le bloc-notes s'ouvre et affiche le rapport.

Clique sur le menu "Format" et assure toi que la case "Retour automatique à la ligne" ne soit pas cochée.

Copie/Colle le contenu du rapport dans ta prochaine réponse.

Modifié le 28 septembre 2007 par charles ingals

Donlarbe · le 28 septembre 2007

salut

Content que tu ais pû redémarrer le pc

C'est pas grave pour SDFix: poste juste, stp, le rapport généré par WinPFind3u ( c'est un rapport qui a pour nom la date du jour\mois\année\heure) > il se trouve dans le dossier du même nom.

relance ensuite le scan avec WinPFind3U comme précédemment et poste le rapport. >

Bonsoir,

Je n'ai pas bien compris s'il fallait en tout poster deux rapports ou un.

Je poste le seul rapport dont le nom correspond à une date, situé dans le dossier WinPFind3U.

Avant cela, il me faut avouer une initiative dont je ne connais pas la portée.

En effet, n'ayant pas pu lancer Sdfix normalement, j'ai choisi de " mettre un coup " de CClean, histoire de nettoyer un peut windows de fond en comble. Et j'ai supprimé manuellement tout un tas de fichiers (exécutables) situés à la racine de C:\ et dont les noms étaient plus qu'étranges!

Merci d'avance.

Ainsi donc :

[Win32 Services - Non-Microsoft Only]

Service gay stopped successfully.

Service gay deleted successfully.

File C:\WINDOWS\SYSTEM32\sdin.exe not found.

Unable to stop service Microsoft usnsvc Service .

Service Microsoft usnsvc Service deleted successfully.

C:\WINDOWS\usnsvc.exe moved successfully.

[Registry - Non-Microsoft Only]

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\\DisableRegistryTools deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\\DisableRegistryTools deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.

[Registry - Additional Scans - Non-Microsoft Only]

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\System32\yrdlvxlle.exe deleted successfully.

File C:\WINDOWS\System32\yrdlvxlle.exe:*:Enabled:Log System not found.

Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\System32\ukrzhrlgf.exe deleted successfully.

File C:\WINDOWS\System32\ukrzhrlgf.exe:*:Enabled:Microsoft OCX not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BBB1528C-2F8C-4526-9C8E-699F17AF21CA} not found.

[Files/Folders - Created Within 60 days]

File C:\aczzdozkf.exe not found!

File C:\afohiionc.exe not found!

File C:\augwzwwch.exe not found!

File C:\cad.exe not found!

File C:\dvqcrrcnb.exe not found!

File C:\fefoehcst.exe not found!

File C:\flbahdsgh.exe not found!

File C:\grmdnguak.exe not found!

File C:\ijcbudhzr.exe not found!

File C:\jaawtjelh.exe not found!

File C:\jeaefljpe.exe not found!

File C:\jjkgqewxw.exe not found!

File C:\jveebidtz.exe not found!

File C:\jzwlhhqof.exe not found!

File C:\mipxeuqwp.exe not found!

File C:\nltnuwsge.exe not found!

File C:\olzixhjuf.exe not found!

File C:\qkxmamnpw.exe not found!

File C:\qzxnwtndr.exe not found!

File C:\recxadbxb.exe not found!

C:\SDFix\backups moved successfully.

C:\SDFix\backupreg moved successfully.

C:\SDFix\apps\Replace\xp moved successfully.

C:\SDFix\apps\Replace\w2k moved successfully.

C:\SDFix\apps\Replace moved successfully.

C:\SDFix\apps moved successfully.

C:\SDFix moved successfully.

File C:\umqvmqbff.exe not found!

File C:\vlvgcweqr.exe not found!

C:\VundoFix Backups moved successfully.

File C:\vwilmjrgb.exe not found!

File C:\ycjorcbgo.exe not found!

File C:\yhuslowtx.exe not found!

File C:\ykgkamnrp.exe not found!

File C:\yqxkcwesg.exe not found!

C:\WINDOWS\b122.exe moved successfully.

C:\WINDOWS\b128.exe.bin moved successfully.

C:\WINDOWS\b143.exe.bin moved successfully.

C:\WINDOWS\b147.exe.bin moved successfully.

C:\WINDOWS\DUMP2710.tmp moved successfully.

C:\WINDOWS\DUMP2aa9.tmp moved successfully.

C:\WINDOWS\DUMP2cad.tmp moved successfully.

C:\WINDOWS\DUMP2d1a.tmp moved successfully.

C:\WINDOWS\DUMP2d3b.tmp moved successfully.

C:\WINDOWS\DUMP2d5a.tmp moved successfully.

C:\WINDOWS\DUMP2d5b.tmp moved successfully.

C:\WINDOWS\DUMP2d79.tmp moved successfully.

C:\WINDOWS\DUMP2d89.tmp moved successfully.

C:\WINDOWS\DUMP2d8a.tmp moved successfully.

C:\WINDOWS\DUMP2d8b.tmp moved successfully.

C:\WINDOWS\DUMP2d8c.tmp moved successfully.

C:\WINDOWS\DUMP2d98.tmp moved successfully.

C:\WINDOWS\DUMP2d99.tmp moved successfully.

C:\WINDOWS\DUMP2d9a.tmp moved successfully.

C:\WINDOWS\DUMP2daa.tmp moved successfully.

C:\WINDOWS\DUMP2dab.tmp moved successfully.

C:\WINDOWS\DUMP2dac.tmp moved successfully.

C:\WINDOWS\DUMP2db8.tmp moved successfully.

C:\WINDOWS\DUMP2db9.tmp moved successfully.

C:\WINDOWS\DUMP2dba.tmp moved successfully.

C:\WINDOWS\DUMP2dbb.tmp moved successfully.

C:\WINDOWS\DUMP2dc7.tmp moved successfully.

C:\WINDOWS\DUMP2dc8.tmp moved successfully.

C:\WINDOWS\DUMP2dc9.tmp moved successfully.

C:\WINDOWS\DUMP2dca.tmp moved successfully.

C:\WINDOWS\DUMP2dcb.tmp moved successfully.

C:\WINDOWS\DUMP2dcc.tmp moved successfully.

C:\WINDOWS\DUMP2dd8.tmp moved successfully.

C:\WINDOWS\DUMP2dd9.tmp moved successfully.

C:\WINDOWS\DUMP2dda.tmp moved successfully.

C:\WINDOWS\DUMP2de7.tmp moved successfully.

C:\WINDOWS\DUMP2df5.tmp moved successfully.

C:\WINDOWS\DUMP2df6.tmp moved successfully.

C:\WINDOWS\DUMP2e05.tmp moved successfully.

C:\WINDOWS\DUMP2e15.tmp moved successfully.

C:\WINDOWS\DUMP2e16.tmp moved successfully.

C:\WINDOWS\DUMP2e17.tmp moved successfully.

C:\WINDOWS\DUMP2e18.tmp moved successfully.

C:\WINDOWS\DUMP2e19.tmp moved successfully.

C:\WINDOWS\DUMP2e26.tmp moved successfully.

C:\WINDOWS\DUMP2e27.tmp moved successfully.

C:\WINDOWS\DUMP2e34.tmp moved successfully.

C:\WINDOWS\DUMP2e35.tmp moved successfully.

C:\WINDOWS\DUMP2e43.tmp moved successfully.

C:\WINDOWS\DUMP2e44.tmp moved successfully.

C:\WINDOWS\DUMP2e45.tmp moved successfully.

C:\WINDOWS\DUMP2e46.tmp moved successfully.

C:\WINDOWS\DUMP2e53.tmp moved successfully.

C:\WINDOWS\DUMP2e54.tmp moved successfully.

C:\WINDOWS\DUMP2e63.tmp moved successfully.

C:\WINDOWS\DUMP2e64.tmp moved successfully.

C:\WINDOWS\DUMP2e65.tmp moved successfully.

C:\WINDOWS\DUMP2e72.tmp moved successfully.

C:\WINDOWS\DUMP2e83.tmp moved successfully.

C:\WINDOWS\DUMP2e91.tmp moved successfully.

C:\WINDOWS\DUMP2ea2.tmp moved successfully.

C:\WINDOWS\DUMP2ea3.tmp moved successfully.

C:\WINDOWS\SYSTEM32\cwicnohfx.exe moved successfully.

C:\WINDOWS\SYSTEM32\delFSF.bat moved successfully.

File move failed. C:\WINDOWS\SYSTEM32\xpdx.sys scheduled to be moved on reboot.

C:\Documents and Settings\jean pierre\Bureau\SDFix.exe moved successfully.

C:\Documents and Settings\jean pierre\Bureau\SmitfraudFix moved successfully.

C:\Documents and Settings\jean pierre\Bureau\SmitfraudFix.exe moved successfully.

C:\Documents and Settings\jean pierre\Bureau\VirtumundoBeGone.exe moved successfully.

C:\Documents and Settings\jean pierre\Bureau\vundofix_vundofix_6.5.4_anglais_25107.exe moved successfully.

[Files/Folders - Modified Within 60 days]

File C:\aczzdozkf.exe not found!

File C:\afohiionc.exe not found!

File C:\augwzwwch.exe not found!

File C:\cad.exe not found!

File C:\dvqcrrcnb.exe not found!

File C:\fefoehcst.exe not found!

File C:\flbahdsgh.exe not found!

File C:\grmdnguak.exe not found!

File C:\ijcbudhzr.exe not found!

File C:\jaawtjelh.exe not found!

File C:\jeaefljpe.exe not found!

File C:\jjkgqewxw.exe not found!

File C:\jveebidtz.exe not found!

File C:\jzwlhhqof.exe not found!

File C:\mipxeuqwp.exe not found!

File C:\nltnuwsge.exe not found!

C:\ntdetect.com moved successfully.

File C:\olzixhjuf.exe not found!

File C:\qkxmamnpw.exe not found!

File C:\qzxnwtndr.exe not found!

File C:\recxadbxb.exe not found!

File C:\umqvmqbff.exe not found!

File C:\vlvgcweqr.exe not found!

File C:\VundoFix Backups not found!

File C:\vwilmjrgb.exe not found!

File C:\ycjorcbgo.exe not found!

File C:\yhuslowtx.exe not found!

File C:\ykgkamnrp.exe not found!

File C:\yqxkcwesg.exe not found!

File C:\WINDOWS\b122.exe not found!

File C:\WINDOWS\b128.exe.bin not found!

File C:\WINDOWS\b143.exe.bin not found!

File C:\WINDOWS\b147.exe.bin not found!

File C:\WINDOWS\DUMP2710.tmp not found!

C:\WINDOWS\DUMP29de.tmp moved successfully.

File C:\WINDOWS\DUMP2aa9.tmp not found!

C:\WINDOWS\DUMP2b65.tmp moved successfully.

File C:\WINDOWS\DUMP2cad.tmp not found!

C:\WINDOWS\DUMP2ccc.tmp moved successfully.

C:\WINDOWS\DUMP2cec.tmp moved successfully.

File C:\WINDOWS\DUMP2d1a.tmp not found!

C:\WINDOWS\DUMP2d2a.tmp moved successfully.

C:\WINDOWS\DUMP2d2b.tmp moved successfully.

C:\WINDOWS\DUMP2d3a.tmp moved successfully.

File C:\WINDOWS\DUMP2d3b.tmp not found!

C:\WINDOWS\DUMP2d49.tmp moved successfully.

C:\WINDOWS\DUMP2d59.tmp moved successfully.

File C:\WINDOWS\DUMP2d5a.tmp not found!

File C:\WINDOWS\DUMP2d5b.tmp not found!

C:\WINDOWS\DUMP2d78.tmp moved successfully.

File C:\WINDOWS\DUMP2d79.tmp not found!

C:\WINDOWS\DUMP2d88.tmp moved successfully.

File C:\WINDOWS\DUMP2d89.tmp not found!

File C:\WINDOWS\DUMP2d8a.tmp not found!

File C:\WINDOWS\DUMP2d8b.tmp not found!

File C:\WINDOWS\DUMP2d8c.tmp not found!

C:\WINDOWS\DUMP2d97.tmp moved successfully.

File C:\WINDOWS\DUMP2d98.tmp not found!

File C:\WINDOWS\DUMP2d99.tmp not found!

File C:\WINDOWS\DUMP2d9a.tmp not found!

C:\WINDOWS\DUMP2da7.tmp moved successfully.

C:\WINDOWS\DUMP2da8.tmp moved successfully.

C:\WINDOWS\DUMP2da9.tmp moved successfully.

File C:\WINDOWS\DUMP2daa.tmp not found!

File C:\WINDOWS\DUMP2dab.tmp not found!

File C:\WINDOWS\DUMP2dac.tmp not found!

C:\WINDOWS\DUMP2db7.tmp moved successfully.

File C:\WINDOWS\DUMP2db8.tmp not found!

File C:\WINDOWS\DUMP2db9.tmp not found!

File C:\WINDOWS\DUMP2dba.tmp not found!

File C:\WINDOWS\DUMP2dbb.tmp not found!

C:\WINDOWS\DUMP2dc6.tmp moved successfully.

File C:\WINDOWS\DUMP2dc7.tmp not found!

File C:\WINDOWS\DUMP2dc8.tmp not found!

File C:\WINDOWS\DUMP2dc9.tmp not found!

File C:\WINDOWS\DUMP2dca.tmp not found!

File C:\WINDOWS\DUMP2dcb.tmp not found!

File C:\WINDOWS\DUMP2dcc.tmp not found!

C:\WINDOWS\DUMP2dd6.tmp moved successfully.

C:\WINDOWS\DUMP2dd7.tmp moved successfully.

File C:\WINDOWS\DUMP2dd8.tmp not found!

File C:\WINDOWS\DUMP2dd9.tmp not found!

File C:\WINDOWS\DUMP2dda.tmp not found!

C:\WINDOWS\DUMP2de6.tmp moved successfully.

File C:\WINDOWS\DUMP2de7.tmp not found!

File C:\WINDOWS\DUMP2df5.tmp not found!

File C:\WINDOWS\DUMP2df6.tmp not found!

File C:\WINDOWS\DUMP2e05.tmp not found!

C:\WINDOWS\DUMP2e14.tmp moved successfully.

File C:\WINDOWS\DUMP2e15.tmp not found!

File C:\WINDOWS\DUMP2e16.tmp not found!

File C:\WINDOWS\DUMP2e17.tmp not found!

File C:\WINDOWS\DUMP2e18.tmp not found!

File C:\WINDOWS\DUMP2e19.tmp not found!

C:\WINDOWS\DUMP2e24.tmp moved successfully.

C:\WINDOWS\DUMP2e25.tmp moved successfully.

File C:\WINDOWS\DUMP2e26.tmp not found!

File C:\WINDOWS\DUMP2e27.tmp not found!

File C:\WINDOWS\DUMP2e34.tmp not found!

File C:\WINDOWS\DUMP2e35.tmp not found!

File C:\WINDOWS\DUMP2e43.tmp not found!

File C:\WINDOWS\DUMP2e44.tmp not found!

File C:\WINDOWS\DUMP2e45.tmp not found!

File C:\WINDOWS\DUMP2e46.tmp not found!

File C:\WINDOWS\DUMP2e53.tmp not found!

File C:\WINDOWS\DUMP2e54.tmp not found!

File C:\WINDOWS\DUMP2e63.tmp not found!

File C:\WINDOWS\DUMP2e64.tmp not found!

File C:\WINDOWS\DUMP2e65.tmp not found!

File C:\WINDOWS\DUMP2e72.tmp not found!

C:\WINDOWS\DUMP2e82.tmp moved successfully.

File C:\WINDOWS\DUMP2e83.tmp not found!

File C:\WINDOWS\DUMP2e91.tmp not found!

C:\WINDOWS\DUMP2ea1.tmp moved successfully.

File C:\WINDOWS\DUMP2ea2.tmp not found!

File C:\WINDOWS\DUMP2ea3.tmp not found!

C:\WINDOWS\DUMP2ee0.tmp moved successfully.

C:\WINDOWS\DUMP2f6c.tmp moved successfully.

File C:\WINDOWS\usnsvc.exe not found!

File C:\WINDOWS\SYSTEM32\cwicnohfx.exe not found!

File C:\WINDOWS\SYSTEM32\delFSF.bat not found!

File move failed. C:\WINDOWS\SYSTEM32\xpdx.sys scheduled to be moved on reboot.

File C:\Documents and Settings\jean pierre\Bureau\SDFix.exe not found!

File C:\Documents and Settings\jean pierre\Bureau\SmitfraudFix not found!

File C:\Documents and Settings\jean pierre\Bureau\SmitfraudFix.exe not found!

File C:\Documents and Settings\jean pierre\Bureau\VirtumundoBeGone.exe not found!

File C:\Documents and Settings\jean pierre\Bureau\vundofix_vundofix_6.5.4_anglais_25107.exe not found!

< End of log >

Created on 09-27-2007 21:49:17

Thanos · le 28 septembre 2007

salut

Avant cela, il me faut avouer une initiative dont je ne connais pas la portée.
En effet, n'ayant pas pu lancer Sdfix normalement, j'ai choisi de " mettre un coup " de CClean, histoire de nettoyer un peut windows de fond en comble. Et j'ai supprimé manuellement tout un tas de fichiers (exécutables) situés à la racine de C:\ et dont les noms étaient plus qu'étranges!

Tu as supprimé ces fichiers dans C:\ avant de lancer le script WinPFind3U ? poste stp un nouveau rapport mais comme ceci pour voir si tous les fichiers ont bien disparu >

Ouvre le dossier et double clique sur le fichier WinPFind3U.exe pour lancer le programme.
Sous le groupe Files Created Within sélectionne 60 days
Sous le groupe Files Modified Within sélectionne 60 days
Sous le groupe String Search sélectionne Non-Microsoft
Sous le groupe Additional Scans coche les cases >
Reg- Security Settings
Reg- Software Policy Settings
Reg- Uninstall List
Reg- Additional Folder Scans
A présent clique sur le bouton Run Scan dans la barre d'outils
Lorsque le scan est terminé,le bloc-notes s'ouvre et affiche le rapport.
Clique sur le menu "Format" et assure toi que la case "Retour automatique à la ligne" ne soit pas cochée.
Copie/Colle le contenu du rapport dans ta prochaine réponse.

@+

Donlarbe · le 28 septembre 2007

salut
Tu as supprimé ces fichiers dans C:\ avant de lancer le script WinPFind3U ? poste stp un nouveau rapport mais comme ceci pour voir si tous les fichiers ont bien disparu >

Ouvre le dossier et double clique sur le fichier WinPFind3U.exe pour lancer le programme.

Sous le groupe Files Created Within sélectionne 60 days

Sous le groupe Files Modified Within sélectionne 60 days

Sous le groupe String Search sélectionne Non-Microsoft

Sous le groupe Additional Scans coche les cases >
Reg- Security Settings

Reg- Software Policy Settings

Reg- Uninstall List

Reg- Additional Folder Scans

A présent clique sur le bouton Run Scan dans la barre d'outils

Lorsque le scan est terminé,le bloc-notes s'ouvre et affiche le rapport.

Clique sur le menu "Format" et assure toi que la case "Retour automatique à la ligne" ne soit pas cochée.

Copie/Colle le contenu du rapport dans ta prochaine réponse.

@+

Bonsoir,

Très franchement je ne me souviens plus.

Je crois que j'ai fait WinPFind3U, puis j'ai essayé SDFix et devant l'échec j'ai tenté effacement manuel des exe sur C:\ et ensuite CCleaner.

J'ai récupéré un haut débit, les mises à jours automatiques restent désormais activées même après reboot par contre, impossible de graver (avec Record Now) les media vierges que j'insère ne sont pas détectés !

Je viens à l'instant de refaire WinPFind3U et en voici le rapport :

WinPFind3 logfile created on: 2007-09-28 21:31:48

WinPFind3U by OldTimer - Version 1.0.42 Folder = C:\Documents and Settings\jean pierre\Bureau\WinPFind3u\

Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)

Internet Explorer (Version = 6.0.2900.2180)

511.48 Mb Total Physical Memory | 249.17 Mb Available Physical Memory | 48.71% Memory free

1.22 Gb Paging File | 0.94 Gb Available in Paging File | 77.11% Paging File free

Paging file location(s): C:\pagefile.sys 766 766;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 107.78 Gb Total Space | 29.82 Gb Free Space | 27.67% Space Free

Drive D: | 65.51 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Computer Name: BELL

Current User Name: jean pierre

Logged in as Administrator.

Current Boot Mode: Normal

[Processes - Non-Microsoft Only]

a2service.exe -> %ProgramFiles%\a-squared Free\a2service.exe -> Emsi Software GmbH [Ver = 3.0.0.345 | Size = 217208 bytes | Modified Date = 2007-08-31 20:24:24 | Attr = ]

aboard.exe -> %SystemDrive%\APPS\ABoard\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 2003-05-02 12:31:50 | Attr = ]

aosd.exe -> %SystemDrive%\APPS\ABoard\AOSD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 69632 bytes | Modified Date = 2003-05-02 12:31:38 | Attr = ]

atiptaxx.exe -> %SystemDrive%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5046 | Size = 335872 bytes | Modified Date = 2003-09-12 22:10:00 | Attr = ]

avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 2007-06-11 11:25:42 | Attr = ]

avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.0.123 | Size = 218376 bytes | Modified Date = 2007-06-20 13:04:00 | Attr = ]

gcasdtserv.exe -> %ProgramFiles%\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe -> GIANT Company Software inc. [Ver = 1.00.0411 | Size = 737280 bytes | Modified Date = 2004-11-28 11:30:30 | Attr = ]

gcasnotice.exe -> %ProgramFiles%\GIANT Company Software\GIANT AntiSpyware\gcasNotice.exe -> GIANT Company Software inc. [Ver = 1.00.0005 | Size = 102400 bytes | Modified Date = 2004-11-19 11:55:54 | Attr = ]

guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2007-05-30 14:31:10 | Attr = ]

jusched.exe -> %ProgramFiles%\Java\jre1.5.0_06\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 36975 bytes | Modified Date = 2005-11-10 13:03:52 | Attr = ]

qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 2006-06-29 12:01:42 | Attr = ]

realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.1622 | Size = 151597 bytes | Modified Date = 2004-01-21 19:04:16 | Attr = ]

slserv.exe -> %System32%\slserv.exe -> Smart Link [Ver = 3.80.01MC15 | Size = 73796 bytes | Modified Date = 2004-08-20 01:10:02 | Attr = ]

soundman.exe -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.09 | Size = 57344 bytes | Modified Date = 2003-08-05 14:59:54 | Attr = ]

vcsplay.exe -> %ProgramFiles%\Virtual CD v4 SDK\System\vcsplay.exe -> H+H Software GmbH [Ver = 4, 5, 0, 6 | Size = 299008 bytes | Modified Date = 2003-08-13 11:33:32 | Attr = ]

vcssecs.exe -> %ProgramFiles%\Virtual CD v4 SDK\System\vcssecs.exe -> H+H Software GmbH [Ver = 4, 3, 0, 1 | Size = 139264 bytes | Modified Date = 2002-05-16 12:17:32 | Attr = ]

wanmpsvc.exe -> %SystemRoot%\wanmpsvc.exe -> America Online, Inc. [Ver = 7, 0, 0, 2 | Size = 65536 bytes | Modified Date = 2003-08-04 12:22:08 | Attr = ]

winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.42.0 | Size = 322560 bytes | Modified Date = 2007-09-04 10:47:26 | Attr = ]

[Win32 Services - Non-Microsoft Only]

(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 2004-08-20 01:09:52 | Attr = ]

[Registry - Non-Microsoft Only]

< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 2007-06-11 11:25:42 | Attr = ]

ACTIVBOARD -> %SystemDrive%\APPS\ABoard\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 2003-05-02 12:31:50 | Attr = ]

ATIModeChange -> %System32%\Ati2mdxx.exe -> ATI Technologies, Inc. [Ver = 4.13.3 | Size = 28672 bytes | Modified Date = 2001-09-04 17:24:26 | Attr = ]

ATIPTA -> %SystemDrive%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5046 | Size = 335872 bytes | Modified Date = 2003-09-12 22:10:00 | Attr = ]

AVP -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -> Kaspersky Lab [Ver = 7.0.0.123 | Size = 218376 bytes | Modified Date = 2007-06-20 13:04:00 | Attr = ]

CheckMedi8or -> %ProgramFiles%\Mediator 7 Pro\CheckNewUser.exe -> [Ver = | Size = 36864 bytes | Modified Date = 2002-10-29 17:00:26 | Attr = ]

gcasServ -> %ProgramFiles%\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe -> GIANT Company Software inc. [Ver = 1.00.0349 | Size = 462848 bytes | Modified Date = 2004-11-28 13:06:02 | Attr = ]

KernelFaultCheck -> -> File not found

QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 2006-06-29 12:01:42 | Attr = ]

SoundMan -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.09 | Size = 57344 bytes | Modified Date = 2003-08-05 14:59:54 | Attr = ]

SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_06\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 36975 bytes | Modified Date = 2005-11-10 13:03:52 | Attr = ]

TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.1622 | Size = 151597 bytes | Modified Date = 2004-01-21 19:04:16 | Attr = ]

VCSPlayer -> %ProgramFiles%\Virtual CD v4 SDK\System\vcsplay.exe -> H+H Software GmbH [Ver = 4, 5, 0, 6 | Size = 299008 bytes | Modified Date = 2003-08-13 11:33:32 | Attr = ]

< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->

IMAIL -> Installed = 1 ->

MAPI -> Installed = 1 ->

MSFS -> Installed = 1 ->

< Common Startup > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->

%AllUsersStartup%\Lancement rapide d'Adobe Reader.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 2005-09-23 22:05:26 | Attr = ]

< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->

*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->

C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll -> Kaspersky Lab [Ver = 7.0.0.123 | Size = 91400 bytes | Modified Date = 2007-06-20 13:04:06 | Attr = ]

< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->

{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 2007-05-30 14:29:58 | Attr = ]

{9EF34FF2-3396-4527-9D27-04C8C1C67806} [HKLM] -> %ProgramFiles%\GIANT Company Software\GIANT AntiSpyware\gcasServHook.dll [GIANT AntiSpyware Service Hook] -> GIANT Company Software inc. [Ver = 1.00.0052 | Size = 61440 bytes | Modified Date = 2004-11-19 11:48:26 | Attr = ]

< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->

< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->

klogon -> %System32%\klogon.dll -> Kaspersky Lab [Ver = 7.0.0.123 | Size = 206088 bytes | Modified Date = 2007-06-20 13:04:12 | Attr = ]

< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives -> 57344 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> ->

< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->

< HOSTS File > (183665 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->

< Internet Explorer Settings > -> ->

HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->

HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: Local Page -> C:\windows\system32\blank.htm ->

HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->

HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->

HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->

HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKCU: Local Page -> C:\windows\system32\blank.htm ->

HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKCU: Start Page -> http://www.free.fr/ ->

HKCU: URLSearchHooks\\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

HKCU: ProxyEnable -> 0 ->

< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

msn.com [ - ] -> ->

< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 2006-12-18 04:16:42 | Attr = ]

{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [sSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 2005-11-10 13:22:12 | Attr = ]

< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->

{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->

WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\npjpi150_06.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 69746 bytes | Modified Date = 2005-11-10 13:22:12 | Attr = ]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 2005-11-10 13:22:12 | Attr = ]

{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} -> Reg Data - Value does not exist [buttonText: Statistiques d’Anti-Virus Internet] -> File not found

{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [buttonText: Recherche] -> File not found

{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [buttonText: Real.com] -> File not found

< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->

&Search -> -> File not found

Ajouter à Kaspersky Anti-Bannière -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm -> [Ver = | Size = 1317 bytes | Modified Date = 2007-06-20 12:52:56 | Attr = ]

E&xporter vers Microsoft Excel -> -> File not found

< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->

SIMBAR Enabled -> ->

SIMBAR={A14C11FE-C9ED-40d3-B483-17CFBE138885} -> ->

SIMBAR=0 -> ->

SV1 -> ->

< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->

{C73E93B0-26A4-4DA5-B5DC-1A360C596DB6} -> (Carte réseau 1394) ->

{CB356C62-694E-485E-862E-A65BBD4A01ED} -> () ->

{CB5E3F15-5998-472A-81CA-8C557FEACF0F} -> () ->

{F4B731B3-8F47-4E76-9CBB-15ABC352CC88} -> () ->

{F9096451-6F47-434D-A53C-09C0620D43AE} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->

< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->

ipp -> Reg Data - Key not found -> File not found

msdaipp -> Reg Data - Key not found -> File not found

< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->

{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = http://webscanner.kaspersky.fr/kavwebscan_unicode.cab ->

{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->

{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab ->

DirectAnimation Java Classes -> - CodeBase = file://C:\WINDOWS\Java\classes\dajava.cab ->

Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->

[Registry - Additional Scans - Non-Microsoft Only]

< Security Settings > -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\\DisableMonitoring -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\System32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> Rpcss; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des fichiers en tâche de fond en utilisant la bande passante du réseau lors de ses périodes d'inactivité. Si le service est arrêté, des fonctionnalités telles que Windows Update et MSN Explorer ne pourront plus télécharger automatiquement des programmes et d'autres informations. Si ce service est désactivé, tous les services qui en dépendent explicitement peuvent présenter des problèmes de transfert de fichiers s'ils ne disposent pas d'un mécanisme sûr de remplacement pour transférer les fichier ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\FailureActions ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\system32\qmgr.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> Root\LEGACY_BITS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\System32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu Windows / Partage de connexion Internet ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 129 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{F9096451-6F47-434D-A53C-09C0620D43AE} -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{CB5E3F15-5998-472A-81CA-8C557FEACF0F} -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{C73E93B0-26A4-4DA5-B5DC-1A360C596DB6} -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{E32B0B57-9DF7-4CDE-BE2E-0B8FEC666B36} -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{90292144-749B-46B5-A12F-F73500995EDC} -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{8838417F-18CB-419A-BB6A-5108E8BE7829} -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> Root\LEGACY_SHAREDACCESS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation de mises à jour Windows critiques. Si le service est désactivé, le système d'exploitation peut être mis à jour manuellement sur le site Web de Windows Update. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\System32\wuauserv.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> Root\LEGACY_WUAUSERV00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->

< Software Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Conferencing\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\\PreventAutoRun -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\MRT\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\DisableServerCheck -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\LegacyPresence -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\CertificatePolicy\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\PortRange\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\EnableAdminTSRemote -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\RTC\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\RTC\CertificatePolicy\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\RTC\PortRange\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\ExecutableTypes -> ADE;ADP;BAS;BAT;CHM;CMD;COM;CPL;CRT;EXE;HLP;HTA;INF;INS;ISP;LNK;MDB;MDE;MSC;MSI;MSP;MST;OCX;PCD;PIF;REG;SCR;SHS;URL;VB;WSC; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\TransparentEnabled -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\DefaultLevel -> 262144 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\AuthenticodeEnabled -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\PolicyScope -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\FriendlyName -> Mdac11.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemData -> ^«0O•zI‰j

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemSize -> ; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\FriendlyName -> mdac20.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemData -> g°Ô‹4:?Ó¼éÜdgó” ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemSize -> ; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\FriendlyName -> mdac20_a.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemData -> 2xÜþøÈ“ÜŠ°Ý„} ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemSize -> –; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\FriendlyName -> _msadc10.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemData -> ½š*ÛBëØV%Mø/g ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemSize -> å; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\Description -> Stop the download of this file ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\FriendlyName -> msadc11.cab ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\HashAlg -> 32771 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemData -> 8k_„ìöiÓk•j"À€ ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemSize -> r; ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\Description -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\SaferFlags -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\ItemData -> %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK* ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\LastModified -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\WindowsUpdate\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\WindowsUpdate\\DoNotAllowXPSP2 -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\Terminal Services\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsFirewall\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsFirewall\DomainProfile\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsFirewall\DomainProfile\\EnableFirewall -> 0 ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsFirewall\StandardProfile\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsFirewall\StandardProfile\\EnableFirewall -> 0 ->

< Software Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\policies\ ->

HKEY_CURRENT_USER\Software\Policies\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Conferencing\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Word\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Word\DisabledCmdBarItemsCheckBoxes\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Word\DisabledCmdBarItemsCheckBoxes\\HelpRepair -> 3774 ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\AppCompat\ -> ->

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\ -> ->

< Uninstall List > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->

{07A1C2E1-76DD-11D6-9922-009027E9C183} -> Packard Bell InfoCentre ->

{09B44E78-A988-4BC0-962F-63ECD3333708} -> Packard Bell Companion ->

{22B3CC30-77B8-419C-AA4B-F571FDF5D66D} -> Windows Live Sign-in Assistant ->

{22D0716E-FCF8-452F-94B5-7E2C3C31D50D} -> ACDSee for Pentax 2.0 ->

{30BB4D60-81DB-11D5-BB77-00400536ABAC} -> OLYMPUS CAMEDIA Master 4.1 ->

{3248F0A8-6813-11D6-A77B-00B0D0150060} -> J2SE Runtime Environment 5.0 Update 6 ->

{350C940c-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP ->

{3C8C9FB3-5FDF-40B4-B314-EAD722728C76} -> Macromedia Extension Manager ->

{53EF6570-21A4-47ED-A40A-E6470A5677A3} -> Studio 8 ->

{5827C8C9-A3C6-4E7C-AA70-F6AFAB52F981} -> Macrogaming SweetIM 1.2a ->

{5C29CB8B-AC1E-4114-8D68-9CD080140D4A} -> Sony USB Driver ->

{5FD788ED-1A37-4496-9BDD-463F493B27FA} -> Macromedia Dreamweaver 8 ->

{6BE2A4A4-99FB-48ED-AE1E-4E850389F804} -> PartitionMagic ->

{77F09242-A107-4CB6-A295-D8656C2C3795} -> Samsung USB Driver (MCCI 4.24) ->

{9011040C-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edition 2003 ->

{9541FED0-327F-4DF0-8B96-EF57EF622F19} -> Sonic RecordNow! ->

{A19B094A-42EB-4D3F-A57E-0CDE052A1D80} -> DV 5700 ->

{AC76BA86-7AD7-1036-7B44-A70900000002} -> Adobe Reader 7.0.9 - Français ->

{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy ->

{C04E32E0-0416-434D-AFB9-6969D703A9EF} -> MSXML 4.0 SP2 (KB936181) ->

{C774410D-3EF9-4DE7-AC01-332613163ECF} -> Kaspersky Internet Security 7.0 ->

{C797EAF2-707A-4239-BDF3-F2672314A734} -> First Step Guide ->

{CA0AD1D2-E6DB-4920-B54E-19C48E832C66}_is1 -> MyPixmania Online Printing ->

{D48C9BFC-FBCF-4F29-B97D-822ED6D497FE} -> SAMSUNG PC Studio 2.0.9 ->

{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} -> Windows Live Messenger ->

{F8A8931E-5962-438E-AB09-AB94C5B63F84} -> GIANT AntiSpyware ->

{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538} -> ImageMixer VCD2 ->

a-squared Free_is1 -> a-squared Free 3.0 ->

AVGantiRootkit -> AVG Anti-Rootkit Free ->

AVGAntiSpyware75 -> AVG Anti-Spyware 7.5 ->

BSPlayer1 -> BSplayer ->

Cartoonist_is1 -> Cartoonist 1.1 ->

CCleaner -> CCleaner (remove only) ->

ConvertMovie 3.0 Bluesquad -> ConvertMovie 3.0 ->

DivX Codec -> Remove DivX Codec ->

DivX Player -> DivX Player ->

ELLE, 2000 Fiches Cuisine -> ELLE, 2000 Fiches Cuisine ->

GSpot 2.21 Fr_is1 -> GSpot 2.21 Fr ->

HijackThis -> HijackThis 2.0.2 ->

Hollywood FX 4.6 -> Pinnacle Hollywood FX 4.6 ->

ImageResiZor_is1 -> ImageResiZor 2.1.7 ->

InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804} -> PowerQuest PartitionMagic 8.0 ->

InstallShield_{77F09242-A107-4CB6-A295-D8656C2C3795} -> Samsung USB Driver (MCCI 4.24) ->

InstallShield_{D48C9BFC-FBCF-4F29-B97D-822ED6D497FE} -> SAMSUNG PC Studio 2.0.9 ->

InstallWIX_{C774410D-3EF9-4DE7-AC01-332613163ECF} -> Kaspersky Internet Security 7.0 ->

IZArc 3.4.1.5_is1 -> IZArc 3.4.1.5 ->

Kaspersky Online Scanner -> Kaspersky Online Scanner ->

KB873333 -> Correctif Windows XP - KB873333 ->

KB873339 -> Correctif Windows XP - KB873339 ->

KB885250 -> Correctif Windows XP - KB885250 ->

KB885492 -> Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus d'informations] ->

KB885835 -> Correctif Windows XP - KB885835 ->

KB885836 -> Correctif Windows XP - KB885836 ->

KB885884 -> Correctif Windows XP - KB885884 ->

KB886185 -> Correctif Windows XP - KB886185 ->

KB887472 -> Correctif Windows XP - KB887472 ->

KB888113 -> Correctif Windows XP - KB888113 ->

KB888162 -> Correctif Windows XP - KB888162 ->

KB888302 -> Correctif Windows XP - KB888302 ->

KB890046 -> Mise à jour de sécurité pour Windows XP (KB890046) ->

KB890047 -> Correctif Windows XP - KB890047 ->

KB890175 -> Correctif Windows XP - KB890175 ->

KB890859 -> Correctif Windows XP - KB890859 ->

KB891781 -> Correctif Windows XP - KB891781 ->

KB892130 -> Windows Genuine Advantage Validation Tool (KB892130) ->

KB893756 -> Mise à jour de sécurité pour Windows XP (KB893756) ->

KB893803v2 -> Windows Installer 3.1 (KB893803) ->

KB896358 -> Mise à jour de sécurité pour Windows XP (KB896358) ->

KB896422 -> Mise à jour de sécurité pour Windows XP (KB896422) ->

KB896423 -> Mise à jour de sécurité pour Windows XP (KB896423) ->

KB896424 -> Mise à jour de sécurité pour Windows XP (KB896424) ->

KB896428 -> Mise à jour de sécurité pour Windows XP (KB896428) ->

KB898458 -> Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) ->

KB898461 -> Mise à jour pour Windows XP (KB898461) ->

KB899587 -> Mise à jour de sécurité pour Windows XP (KB899587) ->

KB899591 -> Mise à jour de sécurité pour Windows XP (KB899591) ->

KB900485 -> Mise à jour pour Windows XP (KB900485) ->

KB900725 -> Mise à jour de sécurité pour Windows XP (KB900725) ->

KB901017 -> Mise à jour de sécurité pour Windows XP (KB901017) ->

KB901214 -> Mise à jour de sécurité pour Windows XP (KB901214) ->

KB902400 -> Mise à jour de sécurité pour Windows XP (KB902400) ->

KB904706 -> Mise à jour de sécurité pour Windows XP (KB904706) ->

KB905414 -> Mise à jour de sécurité pour Windows XP (KB905414) ->

KB905749 -> Mise à jour de sécurité pour Windows XP (KB905749) ->

KB908519 -> Mise à jour de sécurité pour Windows XP (KB908519) ->

KB908531 -> Mise à jour de sécurité pour Windows XP (KB908531) ->

KB910437 -> Mise à jour pour Windows XP (KB910437) ->

KB911280 -> Mise à jour de sécurité pour Windows XP (KB911280) ->

KB911562 -> Mise à jour de sécurité pour Windows XP (KB911562) ->

KB911564 -> Mise à jour de sécurité pour Lecteur Windows Media (KB911564) ->

KB911565 -> Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565) ->

KB911927 -> Mise à jour de sécurité pour Windows XP (KB911927) ->

KB912919 -> Mise à jour de sécurité pour Windows XP (KB912919) ->

KB913446 -> Mise à jour de sécurité pour Windows XP (KB913446) ->

KB913580 -> Mise à jour de sécurité pour Windows XP (KB913580) ->

KB914388 -> Mise à jour de sécurité pour Windows XP (KB914388) ->

KB914389 -> Mise à jour de sécurité pour Windows XP (KB914389) ->

KB916595 -> Mise à jour pour Windows XP (KB916595) ->

KB917159 -> Mise à jour de sécurité pour Windows XP (KB917159) ->

KB917344 -> Mise à jour de sécurité pour Windows XP (KB917344) ->

KB917422 -> Mise à jour de sécurité pour Windows XP (KB917422) ->

KB917734_WMP9 -> Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) ->

KB917953 -> Mise à jour de sécurité pour Windows XP (KB917953) ->

KB918118 -> Mise à jour de sécurité pour Windows XP (KB918118) ->

KB919007 -> Mise à jour de sécurité pour Windows XP (KB919007) ->

KB920213 -> Mise à jour de sécurité pour Windows XP (KB920213) ->

KB920670 -> Mise à jour de sécurité pour Windows XP (KB920670) ->

KB920683 -> Mise à jour de sécurité pour Windows XP (KB920683) ->

KB920685 -> Mise à jour de sécurité pour Windows XP (KB920685) ->

KB920872 -> Mise à jour pour Windows XP (KB920872) ->

KB921398 -> Mise à jour de sécurité pour Windows XP (KB921398) ->

KB921503 -> Mise à jour de sécurité pour Windows XP (KB921503) ->

KB921883 -> Mise à jour de sécurité pour Windows XP (KB921883) ->

KB922582 -> Mise à jour pour Windows XP (KB922582) ->

KB922616 -> Mise à jour de sécurité pour Windows XP (KB922616) ->

KB922819 -> Mise à jour de sécurité pour Windows XP (KB922819) ->

KB923191 -> Mise à jour de sécurité pour Windows XP (KB923191) ->

KB923414 -> Mise à jour de sécurité pour Windows XP (KB923414) ->

KB923689 -> Mise à jour de sécurité pour Windows XP (KB923689) ->

KB923723 -> Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) ->

KB923980 -> Mise à jour de sécurité pour Windows XP (KB923980) ->

KB924191 -> Mise à jour de sécurité pour Windows XP (KB924191) ->

KB924270 -> Mise à jour de sécurité pour Windows XP (KB924270) ->

KB924496 -> Mise à jour de sécurité pour Windows XP (KB924496) ->

KB924667 -> Mise à jour de sécurité pour Windows XP (KB924667) ->

KB925398_WMP64 -> Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) ->

KB925902 -> Mise à jour de sécurité pour Windows XP (KB925902) ->

KB926255 -> Mise à jour de sécurité pour Windows XP (KB926255) ->

KB926436 -> Mise à jour de sécurité pour Windows XP (KB926436) ->

KB927779 -> Mise à jour de sécurité pour Windows XP (KB927779) ->

KB927802 -> Mise à jour de sécurité pour Windows XP (KB927802) ->

KB927891 -> Mise à jour pour Windows XP (KB927891) ->

KB928255 -> Mise à jour de sécurité pour Windows XP (KB928255) ->

KB928843 -> Mise à jour de sécurité pour Windows XP (KB928843) ->

KB929123 -> Mise à jour de sécurité pour Windows XP (KB929123) ->

KB930178 -> Mise à jour de sécurité pour Windows XP (KB930178) ->

KB930916 -> Mise à jour pour Windows XP (KB930916) ->

KB931261 -> Mise à jour de sécurité pour Windows XP (KB931261) ->

KB931784 -> Mise à jour de sécurité pour Windows XP (KB931784) ->

KB932168 -> Mise à jour de sécurité pour Windows XP (KB932168) ->

KB933360 -> Mise à jour pour Windows XP (KB933360) ->

KB935839 -> Mise à jour de sécurité pour Windows XP (KB935839) ->

KB935840 -> Mise à jour de sécurité pour Windows XP (KB935840) ->

KB936021 -> Mise à jour de sécurité pour Windows XP (KB936021) ->

KB936357 -> Mise à jour pour Windows XP (KB936357) ->

KB936782_WMP9 -> Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782) ->

KB937143 -> Mise à jour de sécurité pour Windows XP (KB937143) ->

KB938127 -> Mise à jour de sécurité pour Windows XP (KB938127) ->

KB938828 -> Mise à jour pour Windows XP (KB938828) ->

KB938829 -> Mise à jour de sécurité pour Windows XP (KB938829) ->

Macromedia Dreamweaver 2 -> Macromedia Dreamweaver 2 ->

MatchWare Mediator 7 Pro -> MatchWare Mediator 7 Pro ->

Mozilla Firefox (2.0.0.7) -> Mozilla Firefox (2.0.0.7) ->

MSN Toolbar -> Barre d'outils MSN ->

PENTAX Optio 60 Driver -> PENTAX Optio 60 Driver ->

PhotoFiltre -> PhotoFiltre ->

QuickTime -> QuickTime ->

Shareaza_is1 -> Shareaza version 2.2.5.0 ->

ShockwaveFlash -> Macromedia Flash Player 8 ->

Ulead PhotoImpact 5.0 Bundled Edition -> Ulead PhotoImpact 5 Bundled Edition ->

Video Cleaner -> River Past Video Cleaner ->

ViewpointMediaPlayer -> Viewpoint Media Player ->

WGA -> Windows Genuine Advantage Validation Tool (KB892130) ->

Windows XP Service Pack -> Windows XP Service Pack 2 ->

[Files/Folders - Created Within 60 days]

AUTORUN.INF -> %SystemDrive%\AUTORUN.INF -> [Ver = | Size = 135 bytes | Created Date = 2007-09-04 11:37:56 | Attr = H ]

ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 2007-09-26 06:10:26 | Attr = ]

hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 536399872 bytes | Created Date = 1601-01-02 23:00:00 | Attr = HS]

qoobox -> %SystemDrive%\qoobox -> [Folder | Created Date = 2007-09-26 06:11:19 | Attr = ]

SDFix -> %SystemDrive%\SDFix -> [Folder | Created Date = 2007-09-28 04:31:11 | Attr = ]

$NtUninstallKB833407$ -> %SystemRoot%\$NtUninstallKB833407$ -> [Folder | Created Date = 2007-09-23 13:52:33 | Attr = H ]

$NtUninstallKB873333$ -> %SystemRoot%\$NtUninstallKB873333$ -> [Folder | Created Date = 2007-09-23 20:06:50 | Attr = H ]

$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Created Date = 2007-09-23 20:08:22 | Attr = H ]

$NtUninstallKB885250$ -> %SystemRoot%\$NtUninstallKB885250$ -> [Folder | Created Date = 2007-09-23 20:09:27 | Attr = H ]

$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Created Date = 2007-09-23 20:10:26 | Attr = H ]

$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Created Date = 2007-09-23 20:11:23 | Attr = H ]

$NtUninstallKB885884$ -> %SystemRoot%\$NtUninstallKB885884$ -> [Folder | Created Date = 2007-09-24 20:35:37 | Attr = H ]

$NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ -> [Folder | Created Date = 2007-09-24 20:35:51 | Attr = H ]

$NtUninstallKB888113$ -> %SystemRoot%\$NtUninstallKB888113$ -> [Folder | Created Date = 2007-09-23 20:12:19 | Attr = H ]

$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Created Date = 2007-09-23 20:13:14 | Attr = H ]

$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Created Date = 2007-09-23 20:14:10 | Attr = H ]

$NtUninstallKB890047$ -> %SystemRoot%\$NtUninstallKB890047$ -> [Folder | Created Date = 2007-09-23 20:15:08 | Attr = H ]

$NtUninstallKB890175$ -> %SystemRoot%\$NtUninstallKB890175$ -> [Folder | Created Date = 2007-09-23 20:16:09 | Attr = H ]

$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Created Date = 2007-09-23 20:17:08 | Attr = H ]

$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Created Date = 2007-09-23 20:18:12 | Attr = H ]

$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Created Date = 2007-09-23 20:19:08 | Attr = H ]

$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Created Date = 2007-09-23 20:20:03 | Attr = H ]

$NtUninstallKB896422$ -> %SystemRoot%\$NtUninstallKB896422$ -> [Folder | Created Date = 2007-09-23 20:20:57 | Attr = H ]

$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Created Date = 2007-09-23 20:21:52 | Attr = H ]

$NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Created Date = 2007-09-23 20:22:48 | Attr = H ]

$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Created Date = 2007-09-23 20:23:49 | Attr = H ]

$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Created Date = 2007-09-23 20:24:47 | Attr = H ]

$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Created Date = 2007-09-23 20:25:42 | Attr = H ]

$NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ -> [Folder | Created Date = 2007-09-24 20:36:14 | Attr = H ]

$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Created Date = 2007-09-23 20:26:38 | Attr = H ]

$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Created Date = 2007-09-23 20:27:52 | Attr = H ]

$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Created Date = 2007-09-23 20:28:50 | Attr = H ]

$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Created Date = 2007-09-23 20:29:48 | Attr = H ]

$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Created Date = 2007-09-23 20:31:01 | Attr = H ]

$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Created Date = 2007-09-23 20:32:09 | Attr = H ]

$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Created Date = 2007-09-23 20:33:11 | Attr = H ]

$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Created Date = 2007-09-23 20:34:08 | Attr = H ]

$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Created Date = 2007-09-23 20:35:10 | Attr = H ]

$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Created Date = 2007-09-23 20:36:09 | Attr = H ]

$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Created Date = 2007-09-23 20:37:05 | Attr = H ]

$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Created Date = 2007-09-23 20:38:03 | Attr = H ]

$NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Created Date = 2007-09-23 20:39:03 | Attr = H ]

$NtUninstallKB913446$ -> %SystemRoot%\$NtUninstallKB913446$ -> [Folder | Created Date = 2007-09-23 20:40:03 | Attr = H ]

$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Created Date = 2007-09-23 20:41:02 | Attr = H ]

$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Created Date = 2007-09-23 20:42:07 | Attr = H ]

$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Created Date = 2007-09-23 20:43:10 | Attr = H ]

$NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ -> [Folder | Created Date = 2007-09-24 20:36:40 | Attr = H ]

$NtUninstallKB917159$ -> %SystemRoot%\$NtUninstallKB917159$ -> [Folder | Created Date = 2007-09-23 20:44:11 | Attr = H ]

$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Created Date = 2007-09-23 20:45:12 | Attr = H ]

$NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Created Date = 2007-09-23 20:46:10 | Attr = H ]

$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Created Date = 2007-09-23 20:47:09 | Attr = H ]

$NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ -> [Folder | Created Date = 2007-09-24 20:38:09 | Attr = H ]

$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Created Date = 2007-09-23 20:48:06 | Attr = H ]

$NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ -> [Folder | Created Date = 2007-09-26 13:47:51 | Attr = H ]

$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Created Date = 2007-09-23 20:49:14 | Attr = H ]

$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Created Date = 2007-09-23 20:50:14 | Attr = H ]

$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Created Date = 2007-09-23 20:51:15 | Attr = H ]

$NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ -> [Folder | Created Date = 2007-09-24 20:36:55 | Attr = H ]

$NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Created Date = 2007-09-23 20:52:30 | Attr = H ]

$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Created Date = 2007-09-26 13:50:08 | Attr = H ]

$NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Created Date = 2007-09-23 20:54:25 | Attr = H ]

$NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ -> [Folder | Created Date = 2007-09-24 20:36:28 | Attr = H ]

$NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Created Date = 2007-09-23 20:55:29 | Attr = H ]

$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Created Date = 2007-09-23 20:56:29 | Attr = H ]

$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Created Date = 2007-09-23 20:57:29 | Attr = H ]

$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Created Date = 2007-09-23 20:58:30 | Attr = H ]

$NtUninstallKB923689$ -> %SystemRoot%\$NtUninstallKB923689$ -> [Folder | Created Date = 2007-09-26 13:52:48 | Attr = H ]

$NtUninstallKB923723$ -> %SystemRoot%\$NtUninstallKB923723$ -> [Folder | Created Date = 2007-09-26 13:48:17 | Attr = H ]

$NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ -> [Folder | Created Date = 2007-09-24 20:37:12 | Attr = H ]

$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Created Date = 2007-09-23 20:59:28 | Attr = H ]

$NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ -> [Folder | Created Date = 2007-09-24 20:37:04 | Attr = H ]

$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Created Date = 2007-09-23 21:00:30 | Attr = H ]

$NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ -> [Folder | Created Date = 2007-09-24 20:37:52 | Attr = H ]

$NtUninstallKB925398_WMP64$ -> %SystemRoot%\$NtUninstallKB925398_WMP64$ -> [Folder | Created Date = 2007-09-26 13:49:40 | Attr = H ]

$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Created Date = 2007-09-24 20:38:25 | Attr = H ]

$NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ -> [Folder | Created Date = 2007-09-24 20:37:19 | Attr = H ]

$NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ -> [Folder | Created Date = 2007-09-24 20:38:17 | Attr = H ]

$NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ -> [Folder | Created Date = 2007-09-24 20:38:01 | Attr = H ]

$NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ -> [Folder | Created Date = 2007-09-24 20:37:45 | Attr = H ]

$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Created Date = 2007-09-26 13:48:27 | Attr = H ]

$NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ -> [Folder | Created Date = 2007-09-24 20:37:28 | Attr = H ]

$NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ -> [Folder | Created Date = 2007-09-24 20:37:37 | Attr = H ]

$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Created Date = 2007-09-26 13:48:40 | Attr = H ]

$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Created Date = 2007-09-24 20:38:48 | Attr = H ]

$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Created Date = 2007-09-26 13:48:01 | Attr = H ]

$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Created Date = 2007-09-24 20:38:55 | Attr = H ]

$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Created Date = 2007-09-24 20:38:36 | Attr = H ]

$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Created Date = 2007-09-26 13:47:38 | Attr = H ]

$NtUninstallKB933360$ -> %SystemRoot%\$NtUninstallKB933360$ -> [Folder | Created Date = 2007-09-26 13:52:02 | Attr = H ]

$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Created Date = 2007-09-26 13:48:59 | Attr = H ]

$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Created Date = 2007-09-26 13:48:50 | Attr = H ]

$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Created Date = 2007-09-26 13:52:09 | Attr = H ]

$NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ -> [Folder | Created Date = 2007-09-26 13:49:49 | Attr = H ]

$NtUninstallKB936782_WMP9$ -> %SystemRoot%\$NtUninstallKB936782_WMP9$ -> [Folder | Created Date = 2007-09-26 13:51:18 | Attr = H ]

$NtUninstallKB937143$ -> %SystemRoot%\$NtUninstallKB937143$ -> [Folder | Created Date = 2007-09-26 13:50:28 | Attr = H ]

$NtUninstallKB938127$ -> %SystemRoot%\$NtUninstallKB938127$ -> [Folder | Created Date = 2007-09-26 13:51:49 | Attr = H ]

$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Created Date = 2007-09-26 13:49:58 | Attr = H ]

$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Created Date = 2007-09-26 13:50:17 | Attr = H ]

catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 109056 bytes | Created Date = 2007-09-26 06:10:40 | Attr = ]

erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 2007-09-26 06:12:13 | Attr = ]

ERUNT -> %SystemRoot%\ERUNT -> [Folder | Created Date = 2007-09-26 07:32:30 | Attr = ]

NirCmd.exe -> %SystemRoot%\NirCmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Created Date = 2007-09-26 06:10:40 | Attr = ]

peernet -> %SystemRoot%\peernet -> [Folder | Created Date = 2007-09-23 19:50:10 | Attr = ]

Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 2007-09-23 21:06:34 | Attr = ]

provisioning -> %SystemRoot%\provisioning -> [Folder | Created Date = 2007-09-23 19:50:04 | Attr = ]

Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Created Date = 2007-09-25 20:24:56 | Attr = ]

moveex.exe -> %System32%\moveex.exe -> [Ver = | Size = 38400 bytes | Created Date = 2007-09-26 06:10:40 | Attr = ]

MRT.INI -> %System32%\MRT.INI -> [Ver = | Size = 118 bytes | Created Date = 2007-09-23 13:52:20 | Attr = ]

swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Created Date = 2007-09-26 06:10:40 | Attr = ]

swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 2007-09-26 06:10:39 | Attr = ]

swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 2007-09-26 06:10:39 | Attr = ]

tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 3018 bytes | Created Date = 2007-09-23 08:47:21 | Attr = ]

VFind.exe -> %System32%\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 2007-09-26 06:10:39 | Attr = ]

xpdx.sys -> %System32%\xpdx.sys -> [Ver = | Size = 55030 bytes | Created Date = 1601-01-02 23:00:00 | Attr = ]

AvgArCln.sys -> %System32%\drivers\AvgArCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 2007-09-24 19:13:32 | Attr = ]

AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 2007-09-23 07:09:56 | Attr = ]

fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 8460064 bytes | Created Date = 2007-09-19 08:59:52 | Attr = HS]

fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 115400 bytes | Created Date = 2007-09-19 08:59:52 | Attr = HS]

fidbox2.dat -> %System32%\drivers\fidbox2.dat -> [Ver = | Size = 268320 bytes | Created Date = 2007-09-19 08:59:52 | Attr = HS]

fidbox2.idx -> %System32%\drivers\fidbox2.idx -> [Ver = | Size = 28292 bytes | Created Date = 2007-09-19 08:59:52 | Attr = HS]

klick.dat -> %System32%\drivers\klick.dat -> [Ver = | Size = 82061 bytes | Created Date = 2007-09-19 09:00:42 | Attr = ]

klin.dat -> %System32%\drivers\klin.dat -> [Ver = | Size = 81549 bytes | Created Date = 2007-09-19 09:00:42 | Attr = ]

hosts.20070926-091600.backup -> %System32%\drivers\etc\hosts.20070926-091600.backup -> [Ver = | Size = 893 bytes | Created Date = 2007-09-26 08:16:00 | Attr = ]

hosts.20070926-122955.backup -> %System32%\drivers\etc\hosts.20070926-122955.backup -> [Ver = | Size = 183781 bytes | Created Date = 2007-09-26 11:29:55 | Attr = R ]

Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Created Date = 2007-09-23 07:09:52 | Attr = ]

Kaspersky Lab -> %AllUsersAppData%\Kaspersky Lab -> [Folder | Created Date = 2007-09-19 08:59:55 | Attr = ]

Kaspersky Lab Setup Files -> %AllUsersAppData%\Kaspersky Lab Setup Files -> [Folder | Created Date = 2007-09-15 13:12:44 | Attr = ]

Prevx -> %AllUsersAppData%\Prevx -> [Folder | Created Date = 2007-09-23 08:31:47 | Attr = ]

Grisoft -> %UserAppData%\Grisoft -> [Folder | Created Date = 2007-09-23 07:10:05 | Attr = ]

IE7Pro -> %UserAppData%\IE7Pro -> [Folder | Created Date = 2007-09-23 13:36:49 | Attr = ]

a-squared -> %UserDocuments%\a-squared -> [Folder | Created Date = 2007-09-26 11:50:26 | Attr = ]

ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe -> %UserDocuments%\ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe -> [Ver = | Size = 19142000 bytes | Created Date = 2007-09-23 05:39:12 | Attr = ]

avg-anti-rootkit_avg_anti-rootkit_1.1.0.42_anglais_34515.exe -> %UserDocuments%\avg-anti-rootkit_avg_anti-rootkit_1.1.0.42_anglais_34515.exe -> [Ver = | Size = 423736 bytes | Created Date = 2007-09-23 05:46:51 | Attr = ]

avg-anti-spyware_avg_anti-spyware_7.5.1.36_francais_27645.exe -> %UserDocuments%\avg-anti-spyware_avg_anti-spyware_7.5.1.36_francais_27645.exe -> [Ver = | Size = 12413440 bytes | Created Date = 2007-09-23 05:41:19 | Attr = ]

cc_20070928_0655.reg -> %UserDocuments%\cc_20070928_0655.reg -> [Ver = | Size = 215464 bytes | Created Date = 2007-09-28 05:55:21 | Attr = ]

Rappport Kaspersky ON LIne.html -> %UserDocuments%\Rappport Kaspersky ON LIne.html -> [Ver = | Size = 43412 bytes | Created Date = 2007-09-25 22:30:37 | Attr = ]

a-squared Free.lnk -> %AllUsersDesktop%\a-squared Free.lnk -> [Ver = | Size = 651 bytes | Created Date = 2007-09-26 11:50:46 | Attr = ]

AVG Anti-Rootkit Free.lnk -> %AllUsersDesktop%\AVG Anti-Rootkit Free.lnk -> [Ver = | Size = 831 bytes | Created Date = 2007-09-24 19:13:32 | Attr = ]

AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 852 bytes | Created Date = 2007-09-23 07:10:00 | Attr = ]

2007été -> %UserDesktop%\2007été -> [Folder | Created Date = 2007-09-19 09:05:19 | Attr = ]

CCleaner.lnk -> %UserDesktop%\CCleaner.lnk -> [Ver = | Size = 1551 bytes | Created Date = 2007-09-28 05:44:24 | Attr = ]

ComboFix.exe -> %UserDesktop%\ComboFix.exe -> [Ver = | Size = 1486342 bytes | Created Date = 2007-09-26 19:33:20 | Attr = ]

HijackThis.lnk -> %UserDesktop%\HijackThis.lnk -> [Ver = | Size = 1737 bytes | Created Date = 2007-09-25 18:00:50 | Attr = ]

SDFix.exe -> %UserDesktop%\SDFix.exe -> [Ver = | Size = 1159146 bytes | Created Date = 2007-09-28 04:30:35 | Attr = ]

Spybot - Search & Destroy.lnk -> %UserDesktop%\Spybot - Search & Destroy.lnk -> [Ver = | Size = 936 bytes | Created Date = 2007-09-26 07:43:05 | Attr = ]

WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 2007-09-26 21:20:45 | Attr = ]

[Files/Folders - Modified Within 60 days]

AUTORUN.INF -> %SystemDrive%\AUTORUN.INF -> [Ver = | Size = 135 bytes | Modified Date = 2007-09-19 15:45:28 | Attr = H ]

BOOT.INI -> %SystemDrive%\BOOT.INI -> [Ver = | Size = 291 bytes | Modified Date = 2007-09-24 20:20:16 | Attr = RHS]

ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 2007-09-26 21:18:58 | Attr = ]

Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 2007-09-23 08:14:00 | Attr = ]

hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 536399872 bytes | Modified Date = 2007-09-28 21:25:56 | Attr = HS]

Program Files -> %ProgramFiles% -> [Folder | Modified Date = 2007-09-28 18:49:28 | Attr = ]

qoobox -> %SystemDrive%\qoobox -> [Folder | Modified Date = 2007-09-26 07:11:20 | Attr = ]

SDFix -> %SystemDrive%\SDFix -> [Folder | Modified Date = 2007-09-28 05:48:40 | Attr = ]

System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 2007-09-26 21:13:52 | Attr = HS]

WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 2007-09-28 07:01:36 | Attr = ]

$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2007-09-26 14:48:26 | Attr = H ]

$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Modified Date = 2007-09-23 20:22:02 | Attr = H ]

$NtUninstallKB833407$ -> %SystemRoot%\$NtUninstallKB833407$ -> [Folder | Modified Date = 2007-09-23 20:07:08 | Attr = H ]

$NtUninstallKB873333$ -> %SystemRoot%\$NtUninstallKB873333$ -> [Folder | Modified Date = 2007-09-23 21:06:52 | Attr = H ]

$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Modified Date = 2007-09-23 21:08:24 | Attr = H ]

$NtUninstallKB885250$ -> %SystemRoot%\$NtUninstallKB885250$ -> [Folder | Modified Date = 2007-09-23 21:09:28 | Attr = H ]

$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Modified Date = 2007-09-23 21:10:28 | Attr = H ]

$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Modified Date = 2007-09-23 21:11:24 | Attr = H ]

$NtUninstallKB885884$ -> %SystemRoot%\$NtUninstallKB885884$ -> [Folder | Modified Date = 2007-09-24 21:35:38 | Attr = H ]

$NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ -> [Folder | Modified Date = 2007-09-24 21:35:52 | Attr = H ]

$NtUninstallKB887472$ -> %SystemRoot%\$NtUninstallKB887472$ -> [Folder | Modified Date = 2007-09-24 21:36:00 | Attr = H ]

$NtUninstallKB888113$ -> %SystemRoot%\$NtUninstallKB888113$ -> [Folder | Modified Date = 2007-09-23 21:12:20 | Attr = H ]

$NtUninstallKB888162$ -> %SystemRoot%\$NtUninstallKB888162$ -> [Folder | Modified Date = 2007-09-23 20:06:22 | Attr = H ]

$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Modified Date = 2007-09-23 21:13:16 | Attr = H ]

$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Modified Date = 2007-09-23 21:14:14 | Attr = H ]

$NtUninstallKB890047$ -> %SystemRoot%\$NtUninstallKB890047$ -> [Folder | Modified Date = 2007-09-23 21:15:10 | Attr = H ]

$NtUninstallKB890175$ -> %SystemRoot%\$NtUninstallKB890175$ -> [Folder | Modified Date = 2007-09-23 21:16:10 | Attr = H ]

$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Modified Date = 2007-09-23 21:17:12 | Attr = H ]

$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Modified Date = 2007-09-23 21:18:14 | Attr = H ]

$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Modified Date = 2007-09-23 21:19:10 | Attr = H ]

$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Modified Date = 2007-09-23 21:20:06 | Attr = H ]

$NtUninstallKB896422$ -> %SystemRoot%\$NtUninstallKB896422$ -> [Folder | Modified Date = 2007-09-23 21:21:00 | Attr = H ]

$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Modified Date = 2007-09-23 21:21:54 | Attr = H ]

$NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Modified Date = 2007-09-23 21:22:50 | Attr = H ]

$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Modified Date = 2007-09-23 21:23:52 | Attr = H ]

$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Modified Date = 2007-09-23 21:24:50 | Attr = H ]

$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Modified Date = 2007-09-23 21:25:44 | Attr = H ]

$NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ -> [Folder | Modified Date = 2007-09-24 21:36:16 | Attr = H ]

$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Modified Date = 2007-09-23 21:26:42 | Attr = H ]

$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Modified Date = 2007-09-23 21:27:54 | Attr = H ]

$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Modified Date = 2007-09-23 21:28:52 | Attr = H ]

$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Modified Date = 2007-09-23 21:29:52 | Attr = H ]

$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Modified Date = 2007-09-23 21:31:04 | Attr = H ]

$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Modified Date = 2007-09-23 21:32:12 | Attr = H ]

$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Modified Date = 2007-09-23 21:33:14 | Attr = H ]

$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Modified Date = 2007-09-23 21:34:10 | Attr = H ]

$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Modified Date = 2007-09-23 21:35:12 | Attr = H ]

$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Modified Date = 2007-09-23 21:36:12 | Attr = H ]

$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Modified Date = 2007-09-23 21:37:08 | Attr = H ]

$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Modified Date = 2007-09-23 21:38:06 | Attr = H ]

$NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Modified Date = 2007-09-23 21:39:06 | Attr = H ]

$NtUninstallKB913446$ -> %SystemRoot%\$NtUninstallKB913446$ -> [Folder | Modified Date = 2007-09-23 21:40:06 | Attr = H ]

$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Modified Date = 2007-09-23 21:41:06 | Attr = H ]

$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Modified Date = 2007-09-23 21:42:10 | Attr = H ]

$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Modified Date = 2007-09-23 21:43:14 | Attr = H ]

$NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ -> [Folder | Modified Date = 2007-09-24 21:36:42 | Attr = H ]

$NtUninstallKB917159$ -> %SystemRoot%\$NtUninstallKB917159$ -> [Folder | Modified Date = 2007-09-23 21:44:14 | Attr = H ]

$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Modified Date = 2007-09-23 21:45:14 | Attr = H ]

$NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Modified Date = 2007-09-23 21:46:12 | Attr = H ]

$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Modified Date = 2007-09-23 21:47:12 | Attr = H ]

$NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ -> [Folder | Modified Date = 2007-09-24 21:38:12 | Attr = H ]

$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Modified Date = 2007-09-23 21:48:08 | Attr = H ]

$NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ -> [Folder | Modified Date = 2007-09-26 14:47:54 | Attr = H ]

$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Modified Date = 2007-09-23 21:49:16 | Attr = H ]

$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Modified Date = 2007-09-23 21:50:16 | Attr = H ]

$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Modified Date = 2007-09-23 21:51:18 | Attr = H ]

$NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ -> [Folder | Modified Date = 2007-09-24 21:36:58 | Attr = H ]

$NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Modified Date = 2007-09-23 21:52:32 | Attr = H ]

$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Modified Date = 2007-09-26 14:50:10 | Attr = H ]

$NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Modified Date = 2007-09-23 21:54:28 | Attr = H ]

$NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ -> [Folder | Modified Date = 2007-09-24 21:36:30 | Attr = H ]

$NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Modified Date = 2007-09-23 21:55:32 | Attr = H ]

$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Modified Date = 2007-09-23 21:56:32 | Attr = H ]

$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Modified Date = 2007-09-23 21:57:32 | Attr = H ]

$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Modified Date = 2007-09-23 21:58:32 | Attr = H ]

$NtUninstallKB923689$ -> %SystemRoot%\$NtUninstallKB923689$ -> [Folder | Modified Date = 2007-09-26 14:52:50 | Attr = H ]

$NtUninstallKB923723$ -> %SystemRoot%\$NtUninstallKB923723$ -> [Folder | Modified Date = 2007-09-26 14:48:20 | Attr = H ]

$NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ -> [Folder | Modified Date = 2007-09-24 21:37:14 | Attr = H ]

$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Modified Date = 2007-09-23 21:59:30 | Attr = H ]

$NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ -> [Folder | Modified Date = 2007-09-24 21:37:06 | Attr = H ]

$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Modified Date = 2007-09-23 22:00:32 | Attr = H ]

$NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ -> [Folder | Modified Date = 2007-09-24 21:37:54 | Attr = H ]

$NtUninstallKB925398_WMP64$ -> %SystemRoot%\$NtUninstallKB925398_WMP64$ -> [Folder | Modified Date = 2007-09-26 14:49:44 | Attr = H ]

$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Modified Date = 2007-09-24 21:38:28 | Attr = H ]

$NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ -> [Folder | Modified Date = 2007-09-24 21:37:22 | Attr = H ]

$NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ -> [Folder | Modified Date = 2007-09-24 21:38:20 | Attr = H ]

$NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ -> [Folder | Modified Date = 2007-09-24 21:38:04 | Attr = H ]

$NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ -> [Folder | Modified Date = 2007-09-24 21:37:48 | Attr = H ]

$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Modified Date = 2007-09-26 14:48:30 | Attr = H ]

$NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ -> [Folder | Modified Date = 2007-09-24 21:37:30 | Attr = H ]

$NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ -> [Folder | Modified Date = 2007-09-24 21:37:40 | Attr = H ]

$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Modified Date = 2007-09-26 14:48:42 | Attr = H ]

$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Modified Date = 2007-09-24 21:38:50 | Attr = H ]

$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Modified Date = 2007-09-26 14:48:04 | Attr = H ]

$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Modified Date = 2007-09-24 21:38:58 | Attr = H ]

$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Modified Date = 2007-09-24 21:38:40 | Attr = H ]

$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Modified Date = 2007-09-26 14:47:40 | Attr = H ]

$NtUninstallKB933360$ -> %SystemRoot%\$NtUninstallKB933360$ -> [Folder | Modified Date = 2007-09-26 14:52:04 | Attr = H ]

$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Modified Date = 2007-09-26 14:49:02 | Attr = H ]

$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Modified Date = 2007-09-26 14:48:54 | Attr = H ]

$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Modified Date = 2007-09-26 14:52:12 | Attr = H ]

$NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ -> [Folder | Modified Date = 2007-09-26 14:49:52 | Attr = H ]

$NtUninstallKB936782_WMP9$ -> %SystemRoot%\$NtUninstallKB936782_WMP9$ -> [Folder | Modified Date = 2007-09-26 14:51:20 | Attr = H ]

$NtUninstallKB937143$ -> %SystemRoot%\$NtUninstallKB937143$ -> [Folder | Modified Date = 2007-09-26 14:50:34 | Attr = H ]

$NtUninstallKB938127$ -> %SystemRoot%\$NtUninstallKB938127$ -> [Folder | Modified Date = 2007-09-26 14:51:52 | Attr = H ]

$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Modified Date = 2007-09-26 14:50:00 | Attr = H ]

$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Modified Date = 2007-09-26 14:50:20 | Attr = H ]

ACD Wallpaper.bmp -> %SystemRoot%\ACD Wallpaper.bmp -> [Ver = | Size = 2359350 bytes | Modified Date = 2007-09-05 18:01:50 | Attr = ]

AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 2007-09-23 22:05:48 | Attr = ]

bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2007-09-28 21:26:00 | Attr = S]

Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 2007-09-28 06:51:46 | Attr = ]

Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 2007-09-25 21:24:58 | Attr = S]

EHome -> %SystemRoot%\EHome -> [Folder | Modified Date = 2007-09-23 20:11:52 | Attr = ]

erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 2007-09-26 07:12:14 | Attr = ]

ERUNT -> %SystemRoot%\ERUNT -> [Folder | Modified Date = 2007-09-26 08:32:32 | Attr = ]

Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 2007-09-23 22:05:46 | Attr = R S]

Help -> %SystemRoot%\Help -> [Folder | Modified Date = 2007-09-23 20:51:14 | Attr = ]

ime -> %SystemRoot%\ime -> [Folder | Modified Date = 2007-09-23 20:51:06 | Attr = ]

inf -> %SystemRoot%\inf -> [Folder | Modified Date = 2007-09-26 14:52:54 | Attr = H ]

Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 2007-09-27 21:27:48 | Attr = HS]

Media -> %SystemRoot%\Media -> [Folder | Modified Date = 2007-09-23 20:50:06 | Attr = ]

Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 2007-09-28 06:51:44 | Attr = ]

msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 2007-09-26 19:54:40 | Attr = ]

peernet -> %SystemRoot%\peernet -> [Folder | Modified Date = 2007-09-23 20:50:12 | Attr = ]

Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 2007-09-28 19:29:36 | Attr = ]

provisioning -> %SystemRoot%\provisioning -> [Folder | Modified Date = 2007-09-23 20:50:06 | Attr = ]

security -> %SystemRoot%\security -> [Folder | Modified Date = 2007-09-23 22:30:18 | Attr = ]

setupapi.log.1.old -> %SystemRoot%\setupapi.log.1.old -> [Ver = | Size = 1086100 bytes | Modified Date = 2007-09-23 21:06:24 | Attr = ]

srchasst -> %SystemRoot%\srchasst -> [Folder | Modified Date = 2007-09-23 20:39:00 | Attr = ]

SxsCaPendDel -> %SystemRoot%\SxsCaPendDel -> [Folder | Modified Date = 2007-09-23 10:35:14 | Attr = ]

system -> %SystemRoot%\system -> [Folder | Modified Date = 2007-09-23 20:36:24 | Attr = ]

system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 620 bytes | Modified Date = 2007-09-24 20:20:16 | Attr = ]

system32 -> %System32% -> [Folder | Modified Date = 2007-09-27 21:49:16 | Attr = ]

Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 2007-09-28 21:31:56 | Attr = ]

Web -> %SystemRoot%\Web -> [Folder | Modified Date = 2007-09-23 20:30:06 | Attr = R ]

win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 896 bytes | Modified Date = 2007-09-24 20:20:16 | Attr = ]

WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 2007-09-26 14:51:36 | Attr = ]

WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 2007-09-23 22:11:30 | Attr = ]

SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2007-09-28 21:26:06 | Attr = H ]

CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 2007-09-25 06:47:18 | Attr = ]

CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 2007-09-28 21:28:20 | Attr = ]

Com -> %System32%\Com -> [Folder | Modified Date = 2007-09-23 21:30:24 | Attr = ]

dllcache -> %System32%\dllcache -> [Folder | Modified Date = 2007-09-26 19:54:40 | Attr = RHS]

drivers -> %System32%\drivers -> [Folder | Modified Date = 2007-09-26 21:17:08 | Attr = ]

FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 487496 bytes | Modified Date = 2007-09-24 22:41:14 | Attr = ]

Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Modified Date = 2007-09-25 21:24:58 | Attr = ]

MRT.INI -> %System32%\MRT.INI -> [Ver = | Size = 118 bytes | Modified Date = 2007-09-23 14:52:22 | Attr = ]

mui -> %System32%\mui -> [Folder | Modified Date = 2007-09-23 20:51:06 | Attr = ]

npp -> %System32%\npp -> [Folder | Modified Date = 2007-09-23 20:39:04 | Attr = ]

oobe -> %System32%\oobe -> [Folder | Modified Date = 2007-09-23 20:51:10 | Attr = ]

perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 40836 bytes | Modified Date = 2007-09-24 22:45:56 | Attr = ]

perfc00C.dat -> %System32%\perfc00C.dat -> [Ver = | Size = 49494 bytes | Modified Date = 2007-09-24 22:45:56 | Attr = ]

perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 314508 bytes | Modified Date = 2007-09-24 22:45:56 | Attr = ]

perfh00C.dat -> %System32%\perfh00C.dat -> [Ver = | Size = 370414 bytes | Modified Date = 2007-09-24 22:45:56 | Attr = ]

PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 782748 bytes | Modified Date = 2007-09-24 22:45:56 | Attr = ]

QTJava.zip -> %System32%\QTJava.zip -> [Ver = | Size = 1051565 bytes | Modified Date = 2007-09-04 13:18:06 | Attr = ]

ReinstallBackups -> %System32%\ReinstallBackups -> [Folder | Modified Date = 2007-09-23 20:22:36 | Attr = ]

Restore -> %System32%\Restore -> [Folder | Modified Date = 2007-09-26 21:13:52 | Attr = ]

Setup -> %System32%\Setup -> [Folder | Modified Date = 2007-09-23 20:51:08 | Attr = ]

tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 3018 bytes | Modified Date = 2007-09-24 23:08:06 | Attr = ]

usmt -> %System32%\usmt -> [Folder | Modified Date = 2007-09-23 20:36:44 | Attr = ]

wbem -> %System32%\wbem -> [Folder | Modified Date = 2007-09-24 20:45:50 | Attr = ]

wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1170 bytes | Modified Date = 2007-09-26 21:44:18 | Attr = ]

xpdx.sys -> %System32%\xpdx.sys -> [Ver = | Size = 55030 bytes | Modified Date = 2007-09-25 18:59:58 | Attr = ]

etc -> %System32%\drivers\etc -> [Folder | Modified Date = 2007-09-26 12:29:56 | Attr = ]

fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 8460064 bytes | Modified Date = 2007-09-28 21:26:34 | Attr = HS]

fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 115400 bytes | Modified Date = 2007-09-28 19:35:38 | Attr = HS]

fidbox2.dat -> %System32%\drivers\fidbox2.dat -> [Ver = | Size = 268320 bytes | Modified Date = 2007-09-28 21:26:04 | Attr = HS]

fidbox2.idx -> %System32%\drivers\fidbox2.idx -> [Ver = | Size = 28292 bytes | Modified Date = 2007-09-28 19:35:38 | Attr = HS]

klick.dat -> %System32%\drivers\klick.dat -> [Ver = | Size = 82061 bytes | Modified Date = 2007-09-19 10:55:04 | Attr = ]

klif.sys -> %System32%\drivers\klif.sys -> Kaspersky Lab [Ver = 6.12.10.299 | Size = 186640 bytes | Modified Date = 2007-09-19 10:55:12 | Attr = ]

klin.dat -> %System32%\drivers\klin.dat -> [Ver = | Size = 81549 bytes | Modified Date = 2007-09-19 10:55:04 | Attr = ]

hosts.20070926-091600.backup -> %System32%\drivers\etc\hosts.20070926-091600.backup -> [Ver = | Size = 893 bytes | Modified Date = 2007-09-24 19:25:40 | Attr = ]

hosts.20070926-122955.backup -> %System32%\drivers\etc\hosts.20070926-122955.backup -> [Ver = | Size = 183781 bytes | Modified Date = 2007-09-26 09:16:02 | Attr = R ]

Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Modified Date = 2007-09-23 08:09:54 | Attr = ]

Kaspersky Lab -> %AllUsersAppData%\Kaspersky Lab -> [Folder | Modified Date = 2007-09-28 21:28:20 | Attr = ]

Kaspersky Lab Setup Files -> %AllUsersAppData%\Kaspersky Lab Setup Files -> [Folder | Modified Date = 2007-09-15 14:12:46 | Attr = ]

Microsoft -> %AllUsersAppData%\Microsoft -> [Folder | Modified Date = 2007-09-23 12:53:04 | Attr = S]

Prevx -> %AllUsersAppData%\Prevx -> [Folder | Modified Date = 2007-09-23 10:34:00 | Attr = ]

Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Modified Date = 2007-09-26 12:32:24 | Attr = ]

Grisoft -> %UserAppData%\Grisoft -> [Folder | Modified Date = 2007-09-23 08:10:06 | Attr = ]

IE7Pro -> %UserAppData%\IE7Pro -> [Folder | Modified Date = 2007-09-23 14:37:00 | Attr = ]

Lavasoft -> %UserAppData%\Lavasoft -> [Folder | Modified Date = 2007-09-23 12:53:06 | Attr = ]

Microsoft -> %UserAppData%\Microsoft -> [Folder | Modified Date = 2007-09-24 20:31:18 | Attr = S]

DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 84480 bytes | Modified Date = 2007-09-26 20:15:44 | Attr = ]

GDIPFONTCACHEV1.DAT -> %LocalAppData%\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 110968 bytes | Modified Date = 2007-09-25 06:42:10 | Attr = ]

IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 2660694 bytes | Modified Date = 2007-09-22 06:46:24 | Attr = H ]

Microsoft -> %LocalAppData%\Microsoft -> [Folder | Modified Date = 2007-09-25 21:50:52 | Attr = ]

a-squared -> %UserDocuments%\a-squared -> [Folder | Modified Date = 2007-09-26 13:05:06 | Attr = ]

ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe -> %UserDocuments%\ad-aware_ad-aware_2007_7.0.2.2_anglais_12797.exe -> [Ver = | Size = 19142000 bytes | Modified Date = 2007-09-23 06:40:22 | Attr = ]

anti virus -> %UserDocuments%\anti virus -> [Folder | Modified Date = 2007-09-06 15:47:28 | Attr = ]

avg-anti-rootkit_avg_anti-rootkit_1.1.0.42_anglais_34515.exe -> %UserDocuments%\avg-anti-rootkit_avg_anti-rootkit_1.1.0.42_anglais_34515.exe -> [Ver = | Size = 423736 bytes | Modified Date = 2007-09-23 06:46:48 | Attr = ]

avg-anti-spyware_avg_anti-spyware_7.5.1.36_francais_27645.exe -> %UserDocuments%\avg-anti-spyware_avg_anti-spyware_7.5.1.36_francais_27645.exe -> [Ver = | Size = 12413440 bytes | Modified Date = 2007-09-23 06:42:20 | Attr = ]

cc_20070928_0655.reg -> %UserDocuments%\cc_20070928_0655.reg -> [Ver = | Size = 215464 bytes | Modified Date = 2007-09-28 06:55:38 | Attr = ]

desktop.ini -> %UserDocuments%\desktop.ini -> [Ver = | Size = 119 bytes | Modified Date = 2007-09-23 22:12:28 | Attr = HS]

famille CONTE -> %UserDocuments%\famille CONTE -> [Folder | Modified Date = 2007-09-24 22:45:22 | Attr = ]

La Baule -> %UserDocuments%\La Baule -> [Folder | Modified Date = 2007-09-09 16:42:58 | Attr = ]

logiciels -> %UserDocuments%\logiciels -> [Folder | Modified Date = 2007-09-04 13:12:56 | Attr = ]

Ma musique -> %UserDocuments%\Ma musique -> [Folder | Modified Date = 2007-09-23 22:12:28 | Attr = R ]

Mes images -> %UserDocuments%\Mes images -> [Folder | Modified Date = 2007-09-24 22:46:52 | Attr = R ]

Rappport Kaspersky ON LIne.html -> %UserDocuments%\Rappport Kaspersky ON LIne.html -> [Ver = | Size = 43412 bytes | Modified Date = 2007-09-25 23:30:38 | Attr = ]

a-squared Free.lnk -> %AllUsersDesktop%\a-squared Free.lnk -> [Ver = | Size = 651 bytes | Modified Date = 2007-09-26 12:50:48 | Attr = ]

AVG Anti-Rootkit Free.lnk -> %AllUsersDesktop%\AVG Anti-Rootkit Free.lnk -> [Ver = | Size = 831 bytes | Modified Date = 2007-09-24 20:13:34 | Attr = ]

AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 852 bytes | Modified Date = 2007-09-23 08:10:02 | Attr = ]

2007été -> %UserDesktop%\2007été -> [Folder | Modified Date = 2007-09-24 23:25:40 | Attr = ]

CCleaner.lnk -> %UserDesktop%\CCleaner.lnk -> [Ver = | Size = 1551 bytes | Modified Date = 2007-09-28 06:44:26 | Attr = ]

classe de neige 2007 -> %UserDesktop%\classe de neige 2007 -> [Folder | Modified Date = 2007-09-26 20:15:14 | Attr = ]

ComboFix.exe -> %UserDesktop%\ComboFix.exe -> [Ver = | Size = 1486342 bytes | Modified Date = 2007-09-26 06:39:54 | Attr = ]

HijackThis.lnk -> %UserDesktop%\HijackThis.lnk -> [Ver = | Size = 1737 bytes | Modified Date = 2007-09-25 19:00:52 | Attr = ]

Larbi -> %UserDesktop%\Larbi -> [Folder | Modified Date = 2007-09-24 23:40:14 | Attr = ]

Mopti-Ségou BOULAB -> %UserDesktop%\Mopti-Ségou BOULAB -> [Folder | Modified Date = 2007-09-24 23:31:56 | Attr = ]

Nouveau dossier -> %UserDesktop%\Nouveau dossier -> [Folder | Modified Date = 2007-09-24 23:31:42 | Attr = ]

Photos Aurianne -> %UserDesktop%\Photos Aurianne -> [Folder | Modified Date = 2007-09-26 20:15:24 | Attr = ]

photos cheval ml -> %UserDesktop%\photos cheval ml -> [Folder | Modified Date = 2007-09-24 23:36:40 | Attr = ]

Photos Mopti-Ségou -> %UserDesktop%\Photos Mopti-Ségou -> [Folder | Modified Date = 2007-09-24 23:44:28 | Attr = ]

photos papier -> %UserDesktop%\photos papier -> [Folder | Modified Date = 2007-09-24 23:44:08 | Attr = ]

SDFix.exe -> %UserDesktop%\SDFix.exe -> [Ver = | Size = 1159146 bytes | Modified Date = 2007-09-26 06:38:38 | Attr = ]

Spybot - Search & Destroy.lnk -> %UserDesktop%\Spybot - Search & Destroy.lnk -> [Ver = | Size = 936 bytes | Modified Date = 2007-09-26 08:43:06 | Attr = ]

WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Modified Date = 2007-09-27 21:49:18 | Attr = ]

System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 2007-09-26 14:48:44 | Attr = ]

[File String Scan - Non-Microsoft Only]

WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.01 | Size = 10433024 bytes | Modified Date = 2003-08-05 16:51:00 | Attr = ]

PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 2002-08-30 14:00:00 | Attr = ]

FSG! , -> %System32%\divxdec.ax -> DivXNetworks, Inc. [Ver = 5.1.1.1031 | Size = 236544 bytes | Modified Date = 2003-12-10 16:36:10 | Attr = ]

UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Modified Date = 2007-07-22 18:39:28 | Attr = ]

winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 2002-08-30 14:00:00 | Attr = ]

WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 2002-08-30 14:00:00 | Attr = ]

PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 2004-08-04 07:41:38 | Attr = ]

abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts -> [Ver = | Size = 183665 bytes | Modified Date = 2007-09-26 12:29:56 | Attr = R ]

abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %System32%\drivers\etc\hosts.20070926-122955.backup -> [Ver = | Size = 183781 bytes | Modified Date = 2007-09-26 09:16:02 | Attr = R ]

File scan skipped for file %UserDocuments%\film jp 69 70.mpg -> File size too big (312803428 bytes) ->

File scan skipped for file %UserDocuments%\film jp fin.mpg -> File size too big (432549852 bytes) ->

File scan skipped for file %UserDocuments%\film jp 67 68.mpg -> File size too big (226801484 bytes) ->

File scan skipped for file %UserDocuments%\film jp 68 69.mpg -> File size too big (385944356 bytes) ->

UPX! , UPX0 , -> %UserDesktop%\ComboFix.exe -> [Ver = | Size = 1486342 bytes | Modified Date = 2007-09-26 06:39:54 | Attr = ]

WSUD , -> %UserDesktop%\convertmovie_3_0_bluesquad_fr.exe -> [Ver = | Size = 13115171 bytes | Modified Date = 2007-03-28 15:14:42 | Attr = ]

Thawte Consulting , -> %UserDesktop%\videocleaner_wmf_setup.exe -> [Ver = | Size = 6624984 bytes | Modified Date = 2007-03-28 15:45:56 | Attr = ]

WSUD , -> %UserDesktop%\zvcd2000.exe -> ZillaSoft [Ver = | Size = 14671730 bytes | Modified Date = 2007-03-28 15:05:54 | Attr = ]

< End of report >

Merci

Thanos · le 28 septembre 2007

C'est beaucoup mieux une infection à éliminer par contre (WinPFind3U n'y est pas parvenu)>

1) Télécharge rustbfix (par ejvindh) de l'un de ces deux liens :

http://www.uploads.ejvindh.net/rustbfix.exe

http://uploads.ejvindh.andymanchesta.com/Rustbfix.exe

...et sauvegarde-le sur ton Bureau.

Double clique rustbfix.exe afin de lancer l'outil.

Si une infection Rustock.b est détectée, une invite t'indiquera qu'il est nécessaire de redémarrer l'ordi. Ce redémarrage pourrait être plus long que d'habitude, et il est possible que deux redémarrages soient requis. Tout cela se fera automatiquement.

Suite au(x) redémarrage(s), deux rapports s'ouvriront : (%root%\avenger.txt & %root%\rustbfix\pelog.txt).

Poste (Copie/Colle) le contenu de ces deux rapports, ainsi qu'un nouveau log HijackThis dans ta prochaine réponse.

2) Fais un scan en ligne avec Panda :

http://www.pandasoftware.fr/Activescan/Activescan.html .

Et poste le rapport qu'il t'affichera à la fin, pour cela, assure toi que IE est correctement configuré pour le scan en ligne comme indiqué ici : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId898809 .

Si tu n'y arrives pas, le tuto est : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId237368

Tu n'es pas obligé de donner ton email, tu peux utiliser une adresse jetable si tu le souhaites : http://www.jetable.org/fr/index

donlarbe, je pars bosser! je lirai ta réponse dès mon retour

Donlarbe · le 28 septembre 2007

C'est beaucoup mieux une infection à éliminer par contre (WinPFind3U n'y est pas parvenu)>

1) Télécharge rustbfix (par ejvindh) de l'un de ces deux liens :

http://www.uploads.ejvindh.net/rustbfix.exe

http://uploads.ejvindh.andymanchesta.com/Rustbfix.exe

...et sauvegarde-le sur ton Bureau.

Double clique rustbfix.exe afin de lancer l'outil.

Si une infection Rustock.b est détectée, une invite t'indiquera qu'il est nécessaire de redémarrer l'ordi. Ce redémarrage pourrait être plus long que d'habitude, et il est possible que deux redémarrages soient requis. Tout cela se fera automatiquement.

Suite au(x) redémarrage(s), deux rapports s'ouvriront : (%root%\avenger.txt & %root%\rustbfix\pelog.txt).

Poste (Copie/Colle) le contenu de ces deux rapports, ainsi qu'un nouveau log HijackThis dans ta prochaine réponse.

2) Fais un scan en ligne avec Panda :

http://www.pandasoftware.fr/Activescan/Activescan.html .

Et poste le rapport qu'il t'affichera à la fin, pour cela, assure toi que IE est correctement configuré pour le scan en ligne comme indiqué ici : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId898809 .

Si tu n'y arrives pas, le tuto est : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId237368

Tu n'es pas obligé de donner ton email, tu peux utiliser une adresse jetable si tu le souhaites : http://www.jetable.org/fr/index

donlarbe, je pars bosser! je lirai ta réponse dès mon retour

Salut,

Voici les 2 rapports de Rustbfix ainsi que celui de HijackThis.

Pour ce qui concerne celui de Panda, je vais essayer mais je voudrais d'abord vérifier que Kasperky on line ne posera pas de problème.

************************* Rustock.b-fix v. 1.01 -- By ejvindh *************************

2007-09-28 23:18:02.62

******************* Pre-run Status of system *******************

Rootkit driver xpdx is found. Starting the unload-procedure....

Rustock.b-ADS attached to the System32-folder:

No streams found.

Looking for Rustock.b-files in the System32-folder:

system32\xpdx.sys FOUND!

attempting to delete xpdx.sys from system32-folder

******************* Post-run Status of system *******************

Rustock.b-driver on the system: NONE!

Rustock.b-ADS attached to the System32-folder:

No System32-ADS found.

Looking for Rustock.b-files in the System32-folder:

No Rustock.b-files found in system32

******************************* End of Logfile ********************************

Logfile of The Avenger version 1, by Swandog46

Running from registry key:

\Registry\Machine\System\CurrentControlSet\Services\qmbtwvmj

*******************

Script file located at: \??\C:\WINDOWS\eaexnjve.txt

Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Driver xpdx unloaded successfully.

Program C:\Rustbfix\2run.bat successfully set up to run once on reboot.

Completed script processing.

*******************

Finished! Terminate.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:26, on 2007-09-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\a-squared Free\a2service.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\notepad.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\apps\ABoard\ABoard.exe

C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

C:\apps\ABoard\AOSD.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll

O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe

O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe"

O4 - HKLM\..\Run: [CheckMedi8or] C:\Program Files\Mediator 7 Pro\CheckNewUser.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Search - ?p=ZCfox000

O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--

End of file - 6682 bytes

Merci

Connexion

Pas encore inscrit ?

PC truffé de virus

Messages recommandés

Donlarbe

Thanos

Thanos

Donlarbe

Thanos

Donlarbe

Thanos

Donlarbe

Thanos

Donlarbe

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer