virus Résolu/Fermé

Question

Bonjour,
Alors voila gros problème de virus impossible de démarrer  les service de sécurité 

avira,spybot,,,,, ne démarre pas (n'est pas une aplication win32valide)

voila deux rapports :

1 : hijacktis



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:02:42, on 06/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32
etdde.exe
E:\WINDOWS\system32\dllhost.exe
E:\Program Files\CPUCooL\CooLSrv.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32
vsvc32.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32	lntsvr.exe
E:\WINDOWS\System32\TUProgSt.exe
E:\WINDOWS\System32\vssvc.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\NudgeMania\NudgeMania.exe
E:\Program Files\RALINK\Common\RaUI.exe
E:\DOCUME~1\hackeu\LOCALS~1\Temp
sh3.tmp\NM.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
E:\WINDOWS\system32
otepad.exe
E:\Documents and Settings\hackeu\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe"
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Monitor] E:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MSConfig] E:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [NudgeMania] E:\Program Files\NudgeMania\NudgeMania.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = E:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://E:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - E:\Program Files\CPUCooL\CooLSrv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - E:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32
vsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - E:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - E:\WINDOWS\System32\TUProgSt.exe

Destrio5 · Accepted Answer

Salut,

--> Désinstalle FindyKill.

--> Télécharge FindyKill (par Chiquitine29) sur ton Bureau.

--> Lance l'installation avec les paramètres par défaut.

--> Double-clique sur le raccourci FindyKill sur ton Bureau.

--> Au menu principal, choisis l'option 1 (Recherche).

--> Poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

varfendell · Answer

salut,

essaye ceci:

malware:


télécharge malwarebytes-anti-malware sur cette page=>le tutoriel à été fait par VIRUS_KILLER
A la fin de l'installation, veille à ce que l'option Mettre à jour Malwarebytes' Anti-Malware soit cochée. >>> clique sur "Terminer"
Lance Malwarebyte's Anti-Malware en double-cliquant sur l'icône sur le bureau.
Au premier lancement, une fenêtre t'annonce que la version est Free >>> clique sur ok
Laisse les Mises à jour se télécharger
*** Referme le programme ***
redémarrer en mode sans échecs (regarder ici si vous ne savez pas comment faire)
Lance Malwarebyte's Anti-Malware
Onglet "Recherche" >>> coche Exécuter un examen complet >>> Rechercher
Sélectionne ton disque dur >>> clic sur Lancer l'examen (scan complet)
Suppression des éléments détectés >>>> clique sur Supprimer la sélection
Colle le rapport de malwarebytes dans ta réponse
S'il t'es demandé de redémarrer >>> clique sur "Yes"

ccleaner:

télécharge ccleaner (tutoriel ici par VIRUS_KILLER ou en voici un autre)
passe un bon coup de balais sur ton ordi:
configure le comme suit:
		dans "options" puis "avancé" coche uniquement la case "cacher les messages d'avertissement"
		dans "options" "propriété" coche TOUTE les cases
		dans outils démarage, selectionne toute les lignes qui ne te disent rien et desactivent les (cela enleve le démarage automatique de programmes inutiles, donc ne pas desinstaller ton antivirus, le cas echéant msn, ...)
		dans registre faire une recherche des erreurs et supprimer toutes les erreurs trouvé, recommencer jusqu'a ce qu'il n'y en ai plus
		dans nettoyeur cocher toutes les cases (windows et application) et lancer une analyse, puis nettoyer. recommencer jusqu'a ce que l'analyse trouve moins de 1Mo


puis repost un rapport hijackthis pour verifier

chimay8 · Answer

varfendell,
tu dis n'importe quoi

destrio5 a 1000 fois raison

Utilisateur anonyme · Answer

merci de la réponse voila : 


((((((((((((((((( *** Recherche *** ))))))))))))))))))  
 
 
--------------- [ Processus actifs ] ----------------  
 

E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\System32\SCardSvr.exe
E:\WINDOWS\system32
etdde.exe
E:\WINDOWS\system32\msdtc.exe
E:\WINDOWS\system32\dllhost.exe
E:\Program Files\CPUCooL\CooLSrv.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32
vsvc32.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32	lntsvr.exe
E:\WINDOWS\System32\TUProgSt.exe
E:\WINDOWS\system32\wdfmgr.exe
E:\WINDOWS\System32\vssvc.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\WINDOWS\System32\alg.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\NudgeMania\NudgeMania.exe
E:\Program Files\RALINK\Common\RaUI.exe
E:\DOCUME~1\hackeu\LOCALS~1\Temp
sh3.tmp\NM.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
E:\WINDOWS\system32
otepad.exe
E:\Documents and Settings\hackeu\Bureau\HiJackThis.exe
E:\WINDOWS\system32\NOTEPAD.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
 
--------------- [ Fichiers/Dossiers infectieux ] ----------------  
 
 
»»»» Presence des fichiers dans E: 
 
 
»»»» Presence des fichiers dans E:\WINDOWS 
 
 
»»»» Presence des fichiers dans E:\WINDOWS\Prefetch 
 
 
»»»» Presence des fichiers dans E:\WINDOWS\system32 
 
 
»»»» Presence des fichiers dans E:\WINDOWS\system32\drivers 
 
 
»»»» Presence des fichiers dans E:\Documents and Settings\hackeu\Application Data 
 
 
»»»» Presence des fichiers dans E:\DOCUME~1\hackeu\LOCALS~1\Temp 
 
 
»»»» Presence des fichiers dans E:\Documents and Settings\hackeu\Local Settings\Temporary Internet Files\Content.IE5 
 
Found ! [28/12/2008 19:10] - E:\Program Files\Electronic Arts\Need for Speed Carbon\filelist.txt  
Found ! [16/10/2008 07:47] - E:\Program Files\ManyCam 2.3\FilesList.txt  
 
--------------- [ Registre / Startup ] ----------------  
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersionun]
   ctfmon.exe=E:\WINDOWS\system32\ctfmon.exe
   SpybotSD TeaTimer=E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
   NudgeMania=E:\Program Files\NudgeMania\NudgeMania.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersionun]
   !AVG Anti-Spyware="E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
   egui="E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe"
   avgnt="E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
   NvCplDaemon=RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
   SunJavaUpdateSched="E:\Program Files\Java\jre6\bin\jusched.exe"
   SkyTel=SkyTel.EXE
   RTHDCPL=RTHDCPL.EXE
   nwiz=nwiz.exe /install
   NvMediaCenter=RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
   Monitor=E:\WINDOWS\PixArt\PAC207\Monitor.exe
   Alcmtr=ALCMTR.EXE
   MSConfig=E:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
   UnlockerAssistant="E:\Program Files\Unlocker\UnlockerAssistant.exe"
 
 
--------------- [ Registre / Clés infectieuses ] ----------------  
 
 
Found ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\drvsyskit 
Found ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\german.exe 
Found ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mule_st_key 
 
 
--------------- [ Etat / Services ] ---------------- 
 


+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ] 

Ndisuio - Type de démarrage = 3 
 
EapHost - Type de démarrage = 2 
 
Ip6Fw - Type de démarrage = 2 
 
SharedAccess - Type de démarrage = 2 
 
wuauserv - Type de démarrage = 2 
 
wscsvc - Type de démarrage = 2 
 
 
--------------- [ Recherche dans supports amovibles] ----------------  
 
 
+- Informations : 

C: - Lecteur fixe

E: - Lecteur fixe

I: - Lecteur amovible

J: - Lecteur amovible

 
+- presence des fichiers :  

 
 
--------------- [ Registre / Mountpoint2 ] ----------------  
 
 
-> Not found ! 
 
 
------------------- ! Fin du rapport ! --------------------

Destrio5 · Answer

Merci de mettre la totalité du rapport.

Utilisateur anonyme · Answer

varfendell merci mais tout les système de sécurité les plus connus sont bloqué par le(s) virus :  (

Utilisateur anonyme · Answer

----------------- FindyKill V4.711 ------------------

* User : hackeu - HACKEU-6B6D7251
* Emplacement : E:\Program Files\FindyKill
* Outils Mis a jours le 05/01/09 par Chiquitine29
* Recherche effectuée à 15:12:55 le 06/01/2009
* Windows XP - Internet Explorer 6.0.2900.5512
 
((((((((((((((((( *** Recherche *** ))))))))))))))))))  
 
 
--------------- [ Processus actifs ] ----------------  
 

E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\System32\SCardSvr.exe
E:\WINDOWS\system32
etdde.exe
E:\WINDOWS\system32\msdtc.exe
E:\WINDOWS\system32\dllhost.exe
E:\Program Files\CPUCooL\CooLSrv.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32
vsvc32.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32	lntsvr.exe
E:\WINDOWS\System32\TUProgSt.exe
E:\WINDOWS\system32\wdfmgr.exe
E:\WINDOWS\System32\vssvc.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\WINDOWS\System32\alg.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\NudgeMania\NudgeMania.exe
E:\Program Files\RALINK\Common\RaUI.exe
E:\DOCUME~1\hackeu\LOCALS~1\Temp
sh3.tmp\NM.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
E:\WINDOWS\system32
otepad.exe
E:\Documents and Settings\hackeu\Bureau\HiJackThis.exe
E:\WINDOWS\system32\NOTEPAD.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
 
--------------- [ Fichiers/Dossiers infectieux ] ----------------  
 
 
»»»» Presence des fichiers dans E: 
 
 
»»»» Presence des fichiers dans E:\WINDOWS 
 
 
»»»» Presence des fichiers dans E:\WINDOWS\Prefetch 
 
 
»»»» Presence des fichiers dans E:\WINDOWS\system32 
 
 
»»»» Presence des fichiers dans E:\WINDOWS\system32\drivers 
 
 
»»»» Presence des fichiers dans E:\Documents and Settings\hackeu\Application Data 
 
 
»»»» Presence des fichiers dans E:\DOCUME~1\hackeu\LOCALS~1\Temp 
 
 
»»»» Presence des fichiers dans E:\Documents and Settings\hackeu\Local Settings\Temporary Internet Files\Content.IE5 
 
Found ! [28/12/2008 19:10] - E:\Program Files\Electronic Arts\Need for Speed Carbon\filelist.txt  
Found ! [16/10/2008 07:47] - E:\Program Files\ManyCam 2.3\FilesList.txt  
 
--------------- [ Registre / Startup ] ----------------  
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersionun]
   ctfmon.exe=E:\WINDOWS\system32\ctfmon.exe
   SpybotSD TeaTimer=E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
   NudgeMania=E:\Program Files\NudgeMania\NudgeMania.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersionun]
   !AVG Anti-Spyware="E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
   egui="E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe"
   avgnt="E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
   NvCplDaemon=RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
   SunJavaUpdateSched="E:\Program Files\Java\jre6\bin\jusched.exe"
   SkyTel=SkyTel.EXE
   RTHDCPL=RTHDCPL.EXE
   nwiz=nwiz.exe /install
   NvMediaCenter=RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
   Monitor=E:\WINDOWS\PixArt\PAC207\Monitor.exe
   Alcmtr=ALCMTR.EXE
   MSConfig=E:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
   UnlockerAssistant="E:\Program Files\Unlocker\UnlockerAssistant.exe"
 
 
--------------- [ Registre / Clés infectieuses ] ----------------  
 
 
Found ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\drvsyskit 
Found ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\german.exe 
Found ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mule_st_key 
 
 
--------------- [ Etat / Services ] ---------------- 
 


+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ] 

Ndisuio - Type de démarrage = 3 
 
EapHost - Type de démarrage = 2 
 
Ip6Fw - Type de démarrage = 2 
 
SharedAccess - Type de démarrage = 2 
 
wuauserv - Type de démarrage = 2 
 
wscsvc - Type de démarrage = 2 
 
 
--------------- [ Recherche dans supports amovibles] ----------------  
 
 
+- Informations : 

C: - Lecteur fixe

E: - Lecteur fixe

I: - Lecteur amovible

J: - Lecteur amovible

 
+- presence des fichiers :  

 
 
--------------- [ Registre / Mountpoint2 ] ----------------  
 
 
-> Not found ! 
 
 
------------------- ! Fin du rapport ! --------------------

Destrio5 · Answer

--> Supprime tes cracks et keygens.

--> Double-clique sur le raccourci FindyKill sur ton Bureau.

--> Au menu principal, choisis l'option 2 (Suppression).

/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

--> Ensuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

Utilisateur anonyme · Answer

--> Supprime tes cracks et keygens.

Justement c'est de la que le problème viens je pense j'ai voulut téléchargé un script d'autosurf sur emule et me suis retrouvé avec un .exe et comme un *** j'ai ouvert et la disparu le fichier : (

mais je refait quand même la suite merci je reviens ^^

Utilisateur anonyme · Answer

voila : 



----------------- FindyKill V4.711 ------------------

* User : hackeu - HACKEU-6B6D7251
* Emplacement : E:\Program Files\FindyKill
* Outils Mis a jours le 05/01/09 par Chiquitine29
* Recherche effectuée à 15:42:30 le 06/01/2009
* Windows XP - Internet Explorer 6.0.2900.5512
 
((((((((((((((((( *** Recherche *** ))))))))))))))))))  
 
 
--------------- [ Processus actifs ] ----------------  
 

E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\System32\SCardSvr.exe
E:\WINDOWS\system32
etdde.exe
E:\WINDOWS\system32\msdtc.exe
E:\WINDOWS\system32\dllhost.exe
E:\Program Files\CPUCooL\CooLSrv.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32
vsvc32.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32	lntsvr.exe
E:\WINDOWS\System32\TUProgSt.exe
E:\WINDOWS\system32\wdfmgr.exe
E:\WINDOWS\System32\vssvc.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\WINDOWS\System32\alg.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\NudgeMania\NudgeMania.exe
E:\Program Files\RALINK\Common\RaUI.exe
E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\NM.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe
E:\WINDOWS\system32\wuauclt.exe
 
--------------- [ Fichiers/Dossiers infectieux ] ----------------  
 
 
»»»» Presence des fichiers dans E: 
 
 
»»»» Presence des fichiers dans E:\WINDOWS 
 
 
»»»» Presence des fichiers dans E:\WINDOWS\Prefetch 
 
 
»»»» Presence des fichiers dans E:\WINDOWS\system32 
 
 
»»»» Presence des fichiers dans E:\WINDOWS\system32\drivers 
 
 
»»»» Presence des fichiers dans E:\Documents and Settings\hackeu\Application Data 
 
 
»»»» Presence des fichiers dans E:\DOCUME~1\hackeu\LOCALS~1\Temp 
 
 
»»»» Presence des fichiers dans E:\Documents and Settings\hackeu\Local Settings\Temporary Internet Files\Content.IE5 
 
Found ! [28/12/2008 19:10] - E:\Program Files\Electronic Arts\Need for Speed Carbon\filelist.txt  
Found ! [16/10/2008 07:47] - E:\Program Files\ManyCam 2.3\FilesList.txt  
 
--------------- [ Registre / Startup ] ----------------  
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersionun]
   ctfmon.exe=E:\WINDOWS\system32\ctfmon.exe
   SpybotSD TeaTimer=E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
   NudgeMania=E:\Program Files\NudgeMania\NudgeMania.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersionun]
   !AVG Anti-Spyware="E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
   egui="E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe"
   avgnt="E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
   NvCplDaemon=RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
   SunJavaUpdateSched="E:\Program Files\Java\jre6\bin\jusched.exe"
   SkyTel=SkyTel.EXE
   RTHDCPL=RTHDCPL.EXE
   nwiz=nwiz.exe /install
   NvMediaCenter=RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
   Monitor=E:\WINDOWS\PixArt\PAC207\Monitor.exe
   Alcmtr=ALCMTR.EXE
   MSConfig=E:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
   UnlockerAssistant="E:\Program Files\Unlocker\UnlockerAssistant.exe"
 
 
--------------- [ Registre / Clés infectieuses ] ----------------  
 
 
Found ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\drvsyskit 
Found ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\german.exe 
Found ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mule_st_key 
 
 
--------------- [ Etat / Services ] ---------------- 
 


+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ] 

Ndisuio - Type de démarrage = 3 
 
EapHost - Type de démarrage = 2 
 
Ip6Fw - Type de démarrage = 2 
 
SharedAccess - Type de démarrage = 2 
 
wuauserv - Type de démarrage = 2 
 
wscsvc - Type de démarrage = 2 
 
 
--------------- [ Recherche dans supports amovibles] ----------------  
 
 
+- Informations : 

C: - Lecteur fixe

E: - Lecteur fixe

I: - Lecteur amovible

J: - Lecteur amovible

 
+- presence des fichiers :  

 
 
--------------- [ Registre / Mountpoint2 ] ----------------  
 
 
-> Not found ! 
 
 
------------------- ! Fin du rapport ! --------------------

Destrio5 · Answer

Ça, c'est l'option 1.

Utilisateur anonyme · Answer

j'ai fait l'option 2 sa a redémarrer et j'ai refais l'option 2

Destrio5 · Answer

---> Réinstalle les applications qui ont été infectées (Antivirus...)

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.

Utilisateur anonyme · Answer

il y a déjà un progrès avira voulez pas se réinstallé avant et j'ai eu la notification ( je sai plus le nom ) qui dit avira et périmé je continu se que tu a demandé :  ) déjà grand merci

Utilisateur anonyme · Answer

alors voila :  ) 

log.txt :

Logfile of random's system information tool 1.05 (written by random/random)
Run by hackeu at 2009-01-06 16:05:10
Microsoft Windows XP Professionnel Service Pack 3
System drive E: has 213 GB (70%) free of 305 GB
Total RAM: 3071 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:05:26, on 06/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32
etdde.exe
E:\WINDOWS\system32\dllhost.exe
E:\Program Files\CPUCooL\CooLSrv.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32
vsvc32.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32	lntsvr.exe
E:\WINDOWS\System32\TUProgSt.exe
E:\WINDOWS\System32\vssvc.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\NudgeMania\NudgeMania.exe
E:\Program Files\RALINK\Common\RaUI.exe
E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\NM.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Windows NT\Accessoires\WORDPAD.EXE
C:\Documents and Settingsodrigue\Bureau\antivir_workstation_winu_fr_h.exe
E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\setup.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Documents and Settings\hackeu\Bureau\RSIT.exe
E:\Documents and Settings\hackeu\Bureau\hackeu.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe"
O4 - HKLM\..\Run: [avgnt] "E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Monitor] E:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MSConfig] E:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [NudgeMania] E:\Program Files\NudgeMania\NudgeMania.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = E:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://E:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - E:\Program Files\CPUCooL\CooLSrv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - E:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32
vsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - E:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - E:\WINDOWS\System32\TUProgSt.exe

Destrio5 · Answer

Le rapport ne passe pas entièrement.

---> Uploader un fichier sur Mediafire :
&#9679; Rends-toi sur ce lien : https://www.mediafire.com/
&#9679; Clique en haut sur Upload files To Media fire. Choisis ensuite I want to upload without an account.
&#9679; Une fenêtre de ton explorateur windows va s'ouvrir. Navigue jusqu'au rapport que je te demande d'uploader, sélectionne-le puis clique sur ouvrir.
&#9679; Clique ensuite sur Upload.
&#9679; A droite de l'écran, choisis : upload to a new folder. Laisse le nom par défaut (= la date).
&#9679; Valide et laisse l'upload se faire.
&#9679; Clique sur View uploaded file et copie-moi l'url (= le lien) du nouvel onglet ou de la nouvelle fenêtre qui va s'ouvrir dans ton prochain message. Ainsi, je pourrais télécharger le rapport demandé.

Utilisateur anonyme · Answer

je pense que c'est sa (si je suis pas con XD) : 
https://www.mediafire.com/?sharekey=945fd3f6c75be15591b20cc0d07ba4d24a0077a9fc0ff947

Destrio5 · Answer

---> Désactive ton antivirus le temps de la manipulation car OTMoveIt3 est détecté comme une infection à tort.

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous : 





:processes
explorer.exe 

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mule_st_key]  
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\german.exe]     
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\drvsyskit]  

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]





---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

Utilisateur anonyme · Answer

voila : 

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mule_st_key\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\german.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\drvsyskit\ deleted successfully.
========== COMMANDS ==========
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\mfc71u.dll scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\msvcp71.dll scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\msvcr71.dll scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\setup.dll scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\setup.exe scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\NM.exe scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\NotifyIcon.dll scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\ShutdownAllow.dll scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\MessengerCache\AXaJR6ajgYdaIcxoIzk2VLj7tCc= scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\MessengerCache\Rq2FTsAFyGJ3Y8zyw58JI+cMMiuM= scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\etilqs_SIX9wTEBSlPlC6ZFHmoE scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp
sx2.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. E:\WINDOWS	emp\Perflib_Perfdata_3d8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
 
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01062009_162819

Files moved on Reboot...
LoadLibrary failed for E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\mfc71u.dll
E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\mfc71u.dll NOT unregistered.
E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\mfc71u.dll moved successfully.
LoadLibrary failed for E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\msvcp71.dll
E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\msvcp71.dll NOT unregistered.
E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\msvcp71.dll moved successfully.
DllUnregisterServer procedure not found in E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\msvcr71.dll
E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\msvcr71.dll NOT unregistered.
E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\msvcr71.dll moved successfully.
DllUnregisterServer procedure not found in E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\setup.dll
E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\setup.dll NOT unregistered.
E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\setup.dll moved successfully.
E:\DOCUME~1\hackeu\LOCALS~1\Temp\RarSFX0\basic\setup.exe moved successfully.
E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\NM.exe moved successfully.
DllUnregisterServer procedure not found in E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\NotifyIcon.dll
E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\NotifyIcon.dll NOT unregistered.
E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\NotifyIcon.dll moved successfully.
DllUnregisterServer procedure not found in E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\ShutdownAllow.dll
E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\ShutdownAllow.dll NOT unregistered.
E:\DOCUME~1\hackeu\LOCALS~1\Temp
si3.tmp\ShutdownAllow.dll moved successfully.
E:\DOCUME~1\hackeu\LOCALS~1\Temp\MessengerCache\AXaJR6ajgYdaIcxoIzk2VLj7tCc= moved successfully.
E:\DOCUME~1\hackeu\LOCALS~1\Temp\MessengerCache\Rq2FTsAFyGJ3Y8zyw58JI+cMMiuM= moved successfully.
File E:\DOCUME~1\hackeu\LOCALS~1\Temp\etilqs_SIX9wTEBSlPlC6ZFHmoE not found!
File E:\DOCUME~1\hackeu\LOCALS~1\Temp
sx2.tmp not found!
File move failed. E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File E:\WINDOWS	emp\Perflib_Perfdata_3d8.dat not found!
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_001_ moved successfully.
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_002_ moved successfully.
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_003_ moved successfully.
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_MAP_ moved successfully.
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\urlclassifier3.sqlite moved successfully.
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\XUL.mfl moved successfully.

Destrio5 · Answer

Tu as désinstallé NOD32 ?

Utilisateur anonyme · Answer

non =  $ 

j'avais installé tout se que jpouvé pour essayé de faire moi même ^_^ et j'ai oublié se chapitre : $ 

je le désinstalle et je fait quoi ?

Destrio5 · Answer

Il faut qu'un seul antivirus et vu que tu as Antivir.

---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Utilisateur anonyme · Answer

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1624
Windows 5.1.2600 Service Pack 3

06/01/2009 16:56:00
mbam-log-2009-01-06 (16-56-00).txt

Type de recherche: Examen rapide
Eléments examinés: 48011
Temps écoulé: 2 minute(s), 1 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Destrio5 · Answer

1/

---> Désinstalle FindyKill.

---> Télécharge ToolsCleaner2 sur ton Bureau.
* Double-clique sur ToolsCleaner2.exe pour le lancer.
* Clique sur Recherche et laisse le scan agir.
* Clique sur Suppression pour finaliser. 
* Tu peux, si tu le souhaites, te servir des Options Facultatives.
* Clique sur Quitter pour obtenir le rapport. 
* Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


2/

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.

Utilisateur anonyme · Answer

1

impossible de trouvé le rapport : TCleaner.txt j'ai cliqué sur la croix et pas sur quitter : $ 

mais tout a était supprimé

2

quand je lance RSIT.exe j'ai le message d'erreur E:\Documents and Settings\hackeu\Bureau\hackeu.exe n'est pas une application win32 valide

et après j'ai le log.txt qui s'ouvre 

Logfile of random's system information tool 1.05 (written by random/random)
Run by hackeu at 2009-01-06 17:09:47
Microsoft Windows XP Professionnel Service Pack 3
System drive E: has 216 GB (71%) free of 305 GB
Total RAM: 3071 MB (77% free)


======Scheduled tasks folder======

E:\WINDOWS	asks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - E:\Program Files\Java\jre6\bin\ssv.dll [2008-12-28 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-28 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-28 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"=E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]
"NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2008-12-02 13680640]
"SunJavaUpdateSched"=E:\Program Files\Java\jre6\bin\jusched.exe [2008-12-28 136600]
"SkyTel"=E:\WINDOWS\SkyTel.EXE [2007-04-04 1822720]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2007-04-10 16126464]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=E:\WINDOWS\system32\NvMcTray.dll [2008-12-02 86016]
"Monitor"=E:\WINDOWS\PixArt\PAC207\Monitor.exe [2009-01-06 319488]
"Alcmtr"=E:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"UnlockerAssistant"=E:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"avgnt"=E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-06 2156368]
"NudgeMania"=E:\Program Files\NudgeMania\NudgeMania.exe [2007-02-25 65821]
"msnmsgr"=E:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
E:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2006-01-07 864264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
E:\Program Files\ManyCam 2.3\ManyCam.exe [2008-10-14 1791272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-12-02 3882312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
E:\Program Files\MAGIX\Video_deluxe_15_Version_a_telecharger\TrayServer.exe [2008-09-01 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSys2]
E:\WINDOWS\system32\winsys2.exe [2008-01-18 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^hackeu^Menu Démarrer^Programmes^Démarrage^RAR Password Cracker.lnk]
E:\PROGRA~1\RARPAS~1pc.exe [2004-04-25 157696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^hackeu^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
E:\WINDOWS\BRICOP~1\VISTAI~1\TransBar\TransBar.exe [2005-06-01 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^hackeu^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
E:\WINDOWS\BRICOP~1\VISTAI~1\UberIcon\UBERIC~1.EXE [2006-05-21 180224]

E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Ralink Wireless Utility.lnk - E:\Program Files\RALINK\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\ma-config.com\maconfservice.exe"="E:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"E:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe"="E:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe:*:Enabled:script-fu"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\Windows Live\Messenger\wlcsdk.exe"="E:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"E:\Program Files\eMule\emule.exe"="E:\Program Files\eMule\emule.exe:*:Enabled:eMule"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\Windows Live\Messenger\wlcsdk.exe"="E:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.js - edit - "E:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2009-01-06 17:09:12 ----D---- E:sit
2009-01-06 16:59:58 ----D---- E:\Documents and Settings\All Users\Application Data\Avira
2009-01-06 16:52:56 ----D---- E:\Documents and Settings\hackeu\Application Data\Malwarebytes
2009-01-06 16:52:52 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2009-01-06 16:52:52 ----D---- E:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-06 15:06:52 ----D---- E:\Program Files\Unlocker
2009-01-06 15:06:52 ----D---- E:\Documents and Settings\hackeu\Application Data\Desktopicon
2009-01-06 08:18:02 ----D---- E:\Program Files\Spybot - Search & Destroy
2009-01-06 08:18:02 ----D---- E:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-06 08:17:14 ----D---- E:\Program Files\SpywareBlaster
2009-01-06 08:16:03 ----AD---- E:\Documents and Settings\All Users\Application Data\TEMP
2009-01-06 08:15:45 ----D---- E:\Program Files\Grisoft
2009-01-06 08:15:45 ----D---- E:\Documents and Settings\All Users\Application Data\Grisoft
2009-01-06 07:42:35 ----D---- E:\WINDOWS\system32\appmgmt
2009-01-06 07:37:20 ----D---- E:\Program Files\Trend Micro
2009-01-06 07:29:06 ----D---- E:\WINDOWS\pss
2009-01-06 05:12:40 ----A---- E:\WINDOWS\WORDPAD.INI
2009-01-05 23:50:12 ----D---- E:\Program Files\CamStudio
2009-01-05 23:29:46 ----D---- E:\Program Files\Fichiers communs\Autosurf Manager
2009-01-05 22:26:12 ----D---- E:\Program Files\eMule
2009-01-03 21:43:14 ----D---- E:\Program Files\Crystal Button 2008
2009-01-03 14:00:34 ----D---- E:\Documents and Settings\All Users\Application Data\ESET
2009-01-03 01:47:01 ----A---- E:\WINDOWS\system32\devil.dll
2009-01-03 01:47:01 ----A---- E:\WINDOWS\system32\avisynth.dll
2009-01-03 01:47:00 ----A---- E:\WINDOWS\system32\yv12vfw.dll
2009-01-03 01:47:00 ----A---- E:\WINDOWS\system32\i420vfw.dll
2009-01-03 01:47:00 ----A---- E:\WINDOWS\system32\AVSredirect.dll
2009-01-03 01:47:00 ----A---- E:\WINDOWS\MOTA113.exe
2009-01-03 01:46:59 ----A---- E:\WINDOWS\x2.64.exe
2009-01-03 01:46:59 ----A---- E:\WINDOWS\system32\x.264.exe
2009-01-03 01:46:59 ----A---- E:\WINDOWS\meta4.exe
2009-01-03 01:46:57 ----D---- E:\Program Files\AviSynth 2.5
2009-01-03 01:45:27 ----RSH---- E:\WINDOWS\system32
bDX.dll
2009-01-03 01:45:27 ----RSH---- E:\WINDOWS\system32\msfDX.dll
2009-01-03 01:45:27 ----RSH---- E:\WINDOWS\system32\flvDX.dll
2009-01-03 01:45:19 ----D---- E:\Program Files\eRightSoft
2009-01-03 01:42:28 ----D---- E:\Program Files\ManyCam 2.3
2009-01-03 01:30:04 ----D---- E:\WINDOWS\Minidump
2009-01-03 01:12:49 ----D---- E:\Documents and Settings\hackeu\Application Data\dvdcss
2009-01-02 16:59:25 ----D---- E:\Documents and Settings\hackeu\Application Data\FileZilla
2009-01-02 16:16:59 ----D---- E:\Program Files\Corel
2009-01-02 16:10:25 ----D---- E:\Program Files\Microsoft Works
2009-01-02 16:10:15 ----D---- E:\Program Files\Microsoft Visual Studio
2009-01-02 16:10:14 ----D---- E:\Program Files\Fichiers communs\DESIGNER
2009-01-02 16:09:28 ----D---- E:\Program Files\Microsoft Visual Studio 8
2009-01-02 16:07:48 ----D---- E:\Program Files\Microsoft Expression
2009-01-02 16:07:47 ----D---- E:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-01-02 16:07:33 ----RHD---- E:\MSOCache
2009-01-02 16:02:57 ----A---- E:\WINDOWS\ETAXP.ini
2009-01-02 03:00:20 ----D---- E:\Program Files\MSXML 4.0
2009-01-01 23:00:28 ----A---- E:\WINDOWS\system32\PnkBstrA.exe
2009-01-01 23:00:21 ----A---- E:\WINDOWS\system32\PnkBstrB.exe
2009-01-01 22:58:41 ----D---- E:\Documents and Settings\hackeu\Application Data\Leadertech
2009-01-01 22:58:28 ----D---- E:\WINDOWS\system32\LogFiles
2009-01-01 22:51:30 ----D---- E:\Program Files\EA Games
2009-01-01 17:55:36 ----D---- E:\Program Files\CPUCooL
2009-01-01 17:55:24 ----D---- E:\Program Files\Microsoft
2009-01-01 17:55:05 ----D---- E:\Program Files\Windows Live SkyDrive
2009-01-01 17:50:23 ----D---- E:\Program Files\Fichiers communs\Windows Live
2009-01-01 17:39:55 ----D---- E:\Documents and Settings\hackeu\Application Data\MAGIX
2009-01-01 17:38:35 ----D---- E:\Program Files\Fichiers communs\MAGIX Shared
2009-01-01 17:38:33 ----A---- E:\WINDOWS\system32\msxml4r.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\TTIC32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\TTI32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\STRING32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\MXRestore.exe
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\msxml4a.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\mgxcdr.txt
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLTPO32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLRES32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLRD32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLPTL32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLPRJ32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLPRF32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLPNT32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLMSC32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLIX.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLISO32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLIO32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLIMG32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLDRV32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLDIR32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLDEV32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLCPY32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLCDF32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLCDA32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLAV32.dll
2009-01-01 17:37:27 ----D---- E:\Documents and Settings\All Users\Application Data\MAGIX
2009-01-01 17:37:03 ----D---- E:\Program Files\MAGIX
2009-01-01 17:37:03 ----A---- E:\WINDOWS\system32\DLLDEV32i.dll
2009-01-01 17:36:46 ----D---- E:\WINDOWS\system32\MAGIX
2009-01-01 17:36:46 ----A---- E:\WINDOWS\system32\mgxoschk.dll
2009-01-01 17:36:46 ----A---- E:\WINDOWS\mgxoschk.ini
2009-01-01 16:58:04 ----D---- E:\Documents and Settings\hackeu\Application Data\MagicEffect Photo
2009-01-01 03:01:03 ----HDC---- E:\WINDOWS\$NtUninstallKB951978$
2009-01-01 03:00:56 ----HDC---- E:\WINDOWS\$NtUninstallKB941569$
2009-01-01 03:00:46 ----HDC---- E:\WINDOWS\$NtUninstallKB923689$
2009-01-01 03:00:36 ----HDC---- E:\WINDOWS\$NtUninstallKB954459$
2009-01-01 03:00:27 ----HDC---- E:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-12-31 12:22:33 ----D---- E:\Program Files\RAR Password Cracker
2008-12-31 03:08:17 ----D---- E:\WINDOWS\Prefetch
2008-12-30 15:10:22 ----A---- E:\WINDOWS\msicpl.ini
2008-12-30 05:20:04 ----D---- E:\WINDOWS\RegisteredPackages
2008-12-30 05:01:40 ----HDC---- E:\WINDOWS\$NtUninstallKB960714$
2008-12-30 05:01:33 ----HDC---- E:\WINDOWS\$NtUninstallKB958644$
2008-12-30 05:01:24 ----HDC---- E:\WINDOWS\$NtUninstallKB958215$
2008-12-30 05:01:17 ----HDC---- E:\WINDOWS\$NtUninstallKB957097$
2008-12-30 05:01:11 ----HDC---- E:\WINDOWS\$NtUninstallKB957095$
2008-12-30 05:01:04 ----HDC---- E:\WINDOWS\$NtUninstallKB956841$
2008-12-30 05:00:56 ----HDC---- E:\WINDOWS\$NtUninstallKB956803$
2008-12-30 05:00:51 ----HDC---- E:\WINDOWS\$NtUninstallKB956802$
2008-12-30 05:00:40 ----HDC---- E:\WINDOWS\$NtUninstallKB955069$
2008-12-30 05:00:33 ----HDC---- E:\WINDOWS\$NtUninstallKB954600$
2008-12-30 05:00:27 ----HDC---- E:\WINDOWS\$NtUninstallKB954211$
2008-12-30 05:00:20 ----HDC---- E:\WINDOWS\$NtUninstallKB952954$
2008-12-30 05:00:13 ----HDC---- E:\WINDOWS\$NtUninstallKB952287$
2008-12-30 05:00:08 ----HDC---- E:\WINDOWS\$NtUninstallKB951698$
2008-12-30 05:00:01 ----HDC---- E:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-30 04:59:54 ----HDC---- E:\WINDOWS\$NtUninstallKB951066$
2008-12-30 04:59:49 ----HDC---- E:\WINDOWS\$NtUninstallKB950974$
2008-12-30 04:59:43 ----HDC---- E:\WINDOWS\$NtUninstallKB950762$
2008-12-30 04:59:38 ----HDC---- E:\WINDOWS\$NtUninstallKB946648$
2008-12-30 04:59:34 ----HDC---- E:\WINDOWS\$NtUninstallKB938464$
2008-12-30 04:59:09 ----HD---- E:\WINDOWS\PIF
2008-12-30 04:56:56 ----D---- E:\WINDOWS\system32\fr-fr
2008-12-30 04:56:56 ----D---- E:\WINDOWS\system32\fr
2008-12-30 04:56:56 ----D---- E:\WINDOWS\l2schemas
2008-12-30 04:56:55 ----D---- E:\WINDOWS\system32\bits
2008-12-30 04:54:37 ----D---- E:\WINDOWS\ServicePackFiles
2008-12-30 04:51:10 ----D---- E:\WINDOWS
etwork diagnostic
2008-12-30 04:47:12 ----HDC---- E:\WINDOWS\$NtServicePackUninstall$
2008-12-30 04:32:20 ----D---- E:\Documents and Settings\hackeu\Application Data\Google
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\vxblock.dll
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\pxwave.dll
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\pxmas.dll
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\pxhpinst.exe
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\pxdrv.dll
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\px.dll
2008-12-30 04:07:19 ----D---- E:\WINDOWS\system32\IOSUBSYS
2008-12-30 04:07:13 ----D---- E:\Program Files\Google
2008-12-30 03:57:00 ----D---- E:\Program Files\Fichiers communs\Macromedia
2008-12-30 03:56:48 ----D---- E:\Program Files\Macromedia
2008-12-30 03:56:48 ----D---- E:\Documents and Settings\All Users\Application Data\Macromedia
2008-12-30 03:56:13 ----D---- E:\WINDOWS\Downloaded Installations
2008-12-29 20:14:21 ----D---- E:\Program Files\Fichiers communs\Adobe
2008-12-29 20:14:19 ----D---- E:\Program Files\Adobe
2008-12-29 20:14:11 ----A---- E:\WINDOWS\unin040c.exe
2008-12-29 19:47:37 ----D---- E:\Program Files\Sqirlz Morph
2008-12-29 19:47:37 ----A---- E:\WINDOWS\Sqirlz Morph Uninstaller.exe
2008-12-29 12:36:00 ----A---- E:\WINDOWS\system32
vunrm.exe
2008-12-29 05:16:46 ----A---- E:\WINDOWS\system32\wmpns.dll
2008-12-29 02:22:51 ----D---- E:\Program Files\PhotoFiltre
2008-12-28 20:48:35 ----D---- E:\Program Files\Rockstar Games
2008-12-28 20:41:02 ----A---- E:\WINDOWS\CoD.INI
2008-12-28 19:23:15 ----A---- E:\WINDOWS\system32\NCTWMAFile2.dll
2008-12-28 19:23:15 ----A---- E:\WINDOWS\system32\NCTAudioVisualization2.dll
2008-12-28 19:23:15 ----A---- E:\WINDOWS\system32\NCTAudioTransform2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioRecord2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioPlayer2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioInformation2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioFile2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioEditor2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioDisplay2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioDesign2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioCDGrabber2.dll
2008-12-28 19:23:08 ----A---- E:\WINDOWS\system32\NMSDVDXU.dll
2008-12-28 19:23:08 ----A---- E:\WINDOWS\system32\msvcr71d.dll
2008-12-28 19:23:08 ----A---- E:\WINDOWS\system32\msvcr70.dll
2008-12-28 19:23:07 ----D---- E:\Program Files\Audio Studio Gold
2008-12-28 18:54:42 ----D---- E:\Program Files\Electronic Arts
2008-12-28 16:06:59 ----D---- E:\Program Files\FileZilla FTP Client
2008-12-28 16:06:14 ----D---- E:\WINDOWS\Sun
2008-12-28 14:43:26 ----D---- E:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-12-28 14:35:59 ----N---- E:\WINDOWS\system32\spmsg.dll
2008-12-28 14:35:58 ----HDC---- E:\WINDOWS\$NtUninstallKB935448$
2008-12-28 10:16:11 ----N---- E:\WINDOWS\system32\xmllite.dll
2008-12-28 10:16:07 ----N---- E:\WINDOWS\system32\wmphoto.dll
2008-12-28 10:16:02 ----N---- E:\WINDOWS\system32\wlanapi.dll
2008-12-28 10:16:01 ----N---- E:\WINDOWS\system32\windowscodecsext.dll
2008-12-28 10:16:01 ----N---- E:\WINDOWS\system32\windowscodecs.dll
2008-12-28 10:15:58 ----N---- E:\WINDOWS\system32\verclsid.exe
2008-12-28 10:15:53 ----N---- E:\WINDOWS\system32	spkg.dll
2008-12-28 10:15:53 ----N---- E:\WINDOWS\system32	sgqec.dll
2008-12-28 10:15:46 ----N---- E:\WINDOWS\system32\spupdwxp.exe
2008-12-28 10:15:45 ----A---- E:\WINDOWS\system32\spdwnwxp.exe
2008-12-28 10:15:43 ----N---- E:\WINDOWS\system32\slserv.exe
2008-12-28 10:15:43 ----N---- E:\WINDOWS\system32\slrundll.exe
2008-12-28 10:15:43 ----N---- E:\WINDOWS\system32\slgen.dll
2008-12-28 10:15:43 ----N---- E:\WINDOWS\system32\slextspk.dll
2008-12-28 10:15:43 ----N---- E:\WINDOWS\system32\slcoinst.dll
2008-12-28 10:15:43 ----N---- E:\WINDOWS\slrundll.exe
2008-12-28 10:15:40 ----N---- E:\WINDOWS\system32\setupn.exe
2008-12-28 10:15:37 ----N---- E:\WINDOWS\system32\s3gnb.dll
2008-12-28 10:15:35 ----N---- E:\WINDOWS\system32httpaa.dll
2008-12-28 10:15:34 ----N---- E:\WINDOWS\system32asqec.dll
2008-12-28 10:15:33 ----N---- E:\WINDOWS\system32\qutil.dll
2008-12-28 10:15:32 ----N---- E:\WINDOWS\system32\qcliprov.dll
2008-12-28 10:15:32 ----N---- E:\WINDOWS\system32\qagentrt.dll
2008-12-28 10:15:32 ----N---- E:\WINDOWS\system32\qagent.dll
2008-12-28 10:15:30 ----N---- E:\WINDOWS\system32\photometadatahandler.dll
2008-12-28 10:15:26 ----N---- E:\WINDOWS\system32\onex.dll
2008-12-28 10:15:13 ----N---- E:\WINDOWS\system32
apstat.exe
2008-12-28 10:15:13 ----N---- E:\WINDOWS\system32
apmontr.dll
2008-12-28 10:15:13 ----N---- E:\WINDOWS\system32
apipsec.dll
2008-12-28 10:15:12 ----N---- E:\WINDOWS\system32\mtxparhd.dll
2008-12-28 10:15:11 ----N---- E:\WINDOWS\system32\msxml6r.dll
2008-12-28 10:15:11 ----N---- E:\WINDOWS\system32\msxml6.dll
2008-12-28 10:15:08 ----N---- E:\WINDOWS\system32\msshavmsg.dll
2008-12-28 10:15:08 ----N---- E:\WINDOWS\system32\mssha.dll
2008-12-28 10:14:48 ----N---- E:\WINDOWS\system32\mmcperf.exe
2008-12-28 10:14:48 ----N---- E:\WINDOWS\system32\mmcfxcommon.dll
2008-12-28 10:14:48 ----N---- E:\WINDOWS\system32\mmcex.dll
2008-12-28 10:14:47 ----N---- E:\WINDOWS\system32\microsoft.managementconsole.dll
2008-12-28 10:14:44 ----N---- E:\WINDOWS\system32\mdmxsdk.dll
2008-12-28 10:14:32 ----N---- E:\WINDOWS\system32\l2gpstore.dll
2008-12-28 10:14:30 ----N---- E:\WINDOWS\system32\kmsvc.dll
2008-12-28 10:14:29 ----N---- E:\WINDOWS\system32\kbdpash.dll
2008-12-28 10:14:29 ----N---- E:\WINDOWS\system32\kbdnepr.dll
2008-12-28 10:14:29 ----N---- E:\WINDOWS\system32\kbdiultn.dll
2008-12-28 10:14:29 ----N---- E:\WINDOWS\system32\kbdbhc.dll
2008-12-28 10:14:24 ----N---- E:\WINDOWS\system32\smtpapi.dll
2008-12-28 10:14:23 ----N---- E:\WINDOWS\system32wnh.dll
2008-12-28 10:14:21 ----N---- E:\WINDOWS\system32\comsdupd.exe
2008-12-28 10:14:13 ----N---- E:\WINDOWS\system32\hsfcisp2.dll
2008-12-28 10:14:04 ----A---- E:\WINDOWS\002751_.tmp
2008-12-28 10:14:03 ----N---- E:\WINDOWS\system32\faxpatch.exe
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eapsvc.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eapqec.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eappprxy.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eapphost.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eappgnui.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eappcfg.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eapp3hst.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eapolqec.dll
2008-12-28 10:13:56 ----N---- E:\WINDOWS\system32\dot3ui.dll
2008-12-28 10:13:56 ----N---- E:\WINDOWS\system32\dot3svc.dll
2008-12-28 10:13:56 ----N---- E:\WINDOWS\system32\dot3msm.dll
2008-12-28 10:13:56 ----N---- E:\WINDOWS\system32\dot3gpclnt.dll
2008-12-28 10:13:56 ----N---- E:\WINDOWS\system32\dot3dlg.dll
2008-12-28 10:13:55 ----N---- E:\WINDOWS\system32\dot3cfg.dll
2008-12-28 10:13:55 ----N---- E:\WINDOWS\system32\dot3api.dll
2008-12-28 10:13:53 ----N---- E:\WINDOWS\system32\dimsroam.dll
2008-12-28 10:13:53 ----N---- E:\WINDOWS\system32\dimsntfy.dll
2008-12-28 10:13:52 ----N---- E:\WINDOWS\system32\dhcpqec.dll
2008-12-28 10:13:47 ----N---- E:\WINDOWS\system32\credssp.dll
2008-12-28 10:13:38 ----N---- E:\WINDOWS\system32\bitsprx4.dll
2008-12-28 10:13:37 ----N---- E:\WINDOWS\system32\azroles.dll
2008-12-28 10:13:34 ----N---- E:\WINDOWS\system32\ativvaxx.dll
2008-12-28 10:13:34 ----N---- E:\WINDOWS\system32\ativtmxx.dll
2008-12-28 10:13:33 ----N---- E:\WINDOWS\system32\ati3duag.dll
2008-12-28 10:13:33 ----N---- E:\WINDOWS\system32\ati3d1ag.dll
2008-12-28 10:13:32 ----N---- E:\WINDOWS\system32\ati2dvag.dll
2008-12-28 10:13:32 ----N---- E:\WINDOWS\system32\ati2dvaa.dll
2008-12-28 10:13:32 ----N---- E:\WINDOWS\system32\ati2cqag.dll
2008-12-28 10:13:21 ----N---- E:\WINDOWS\system32\aaclient.dll
2008-12-28 09:58:26 ----A---- E:\WINDOWS\system32\muweb.dll
2008-12-28 09:58:26 ----A---- E:\WINDOWS\system32\mucltui.dll.mui
2008-12-28 09:58:26 ----A---- E:\WINDOWS\system32\mucltui.dll
2008-12-28 04:06:38 ----A---- E:\WINDOWS\system32\javaws.exe
2008-12-28 04:06:38 ----A---- E:\WINDOWS\system32\javaw.exe
2008-12-28 04:06:38 ----A---- E:\WINDOWS\system32\java.exe
2008-12-28 04:06:38 ----A---- E:\WINDOWS\system32\deploytk.dll
2008-12-28 04:06:27 ----D---- E:\Program Files\Java
2008-12-28 04:05:23 ----D---- E:\Documents and Settings\hackeu\Application Data\Sun
2008-12-28 02:08:45 ----D---- E:\Program Files\NudgeMania
2008-12-28 01:53:03 ----A---- E:\WINDOWS\system32	sccvid.dll
2008-12-28 01:53:02 ----D---- E:\WINDOWS\system32\QuickTime
2008-12-28 01:52:58 ----D---- E:\Documents and Settings\All Users\Application Data\TechSmith
2008-12-28 01:52:46 ----D---- E:\Program Files\Fichiers communs\TechSmith Shared
2008-12-28 01:52:43 ----D---- E:\Program Files\TechSmith
2008-12-28 01:46:28 ----D---- E:\Program Files\Avira
2008-12-28 01:40:04 ----D---- E:\Documents and Settings\hackeu\Application Data\ALLCapture
2008-12-28 00:29:05 ----D---- E:\Documents and Settings\hackeu\Application Data\vlc
2008-12-28 00:15:11 ----D---- E:\Program Files\VideoLAN
2008-12-27 23:04:51 ----D---- E:\Documents and Settings\All Users\Application Data
View_Profiles
2008-12-27 22:44:36 ----A---- E:\WINDOWS\system32\vfwwdm32.dll
2008-12-27 22:40:50 ----A---- E:\WINDOWS\BricoPackUninst.cmd
2008-12-27 22:39:43 ----A---- E:\WINDOWS\BricoPackUninst.txt
2008-12-27 22:39:43 ----A---- E:\WINDOWS\BricoPackFoldersDelete.cmd
2008-12-27 22:39:26 ----D---- E:\WINDOWS\BricoPacks
2008-12-27 22:28:30 ----A---- E:\WINDOWS\system32\TUProgSt.exe
2008-12-27 22:28:29 ----A---- E:\WINDOWS\system32\uxtuneup.dll
2008-12-27 22:28:28 ----A---- E:\WINDOWS\system32\TuneUpDefragService.exe
2008-12-27 22:28:27 ----D---- E:\Documents and Settings\hackeu\Application Data\TuneUp Software
2008-12-27 22:28:19 ----D---- E:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-12-27 22:28:18 ----D---- E:\Program Files\TuneUp Utilities 2009
2008-12-27 22:28:03 ----SHD---- E:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-27 21:40:25 ----D---- E:\Documents and Settings\hackeu\Application Data\gtk-2.0
2008-12-27 21:37:01 ----D---- E:\Program Files\GIMP-2.0
2008-12-27 21:17:12 ----A---- E:\WINDOWS\system32\Remover.ini
2008-12-27 21:17:12 ----A---- E:\WINDOWS\system32\Remove.exe
2008-12-27 21:17:10 ----D---- E:\WINDOWS\PixArt
2008-12-27 21:17:10 ----D---- E:\Program Files\PC Camera
2008-12-27 21:17:10 ----D---- E:\Program Files\Fichiers communs\PAC207
2008-12-27 21:13:21 ----D---- E:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-12-27 20:37:16 ----D---- E:\Program Files\Messenger Plus! Live
2008-12-27 20:20:18 ----SHDC---- E:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-12-27 20:20:00 ----D---- E:\Program Files\Windows Live
2008-12-27 20:19:51 ----D---- E:\Documents and Settings\All Users\Application Data\WLInstaller
2008-12-27 15:20:21 ----D---- E:\dowloads
2008-12-27 13:40:42 ----D---- E:\WINDOWS\system32\Lang
2008-12-27 13:37:49 ----R---- E:\WINDOWS\system32\ChCfg.exe
2008-12-27 13:37:27 ----D---- E:\WINDOWS\system32\RTCOM
2008-12-27 13:37:26 ----A---- E:\WINDOWS\system32\ksuser.dll
2008-12-27 13:36:58 ----HDC---- E:\WINDOWS\$NtUninstallKB888111WXPSP2$
2008-12-27 13:36:55 ----R---- E:\WINDOWS\SoundMan.exe
2008-12-27 13:36:55 ----R---- E:\WINDOWS\SkyTel.exe
2008-12-27 13:36:54 ----R---- E:\WINDOWS\RtlUpd.exe
2008-12-27 13:36:51 ----R---- E:\WINDOWS\RTLCPL.exe
2008-12-27 13:36:45 ----R---- E:\WINDOWS\RTHDCPL.exe
2008-12-27 13:36:44 ----R---- E:\WINDOWS\MicCal.exe
2008-12-27 13:36:42 ----R---- E:\WINDOWS\Alcmtr.exe
2008-12-27 13:36:41 ----R---- E:\WINDOWS\alcwzrd.exe
2008-12-27 13:36:40 ----D---- E:\Program Files\Realtek
2008-12-27 13:36:35 ----R---- E:\WINDOWS\RtlExUpd.dll
2008-12-27 13:36:35 ----A---- E:\WINDOWS\HideWin.exe
2008-12-27 13:36:08 ----A---- E:\WINDOWS\system32\XAudio2_1.dll
2008-12-27 13:36:08 ----A---- E:\WINDOWS\system32\XAPOFX1_0.dll
2008-12-27 13:36:07 ----A---- E:\WINDOWS\system32\xactengine3_1.dll
2008-12-27 13:36:07 ----A---- E:\WINDOWS\system32\X3DAudio1_4.dll
2008-12-27 13:36:07 ----A---- E:\WINDOWS\system32\d3dx10_38.dll
2008-12-27 13:36:07 ----A---- E:\WINDOWS\system32\D3DCompiler_38.dll
2008-12-27 13:36:06 ----A---- E:\WINDOWS\system32\XAudio2_0.dll
2008-12-27 13:36:06 ----A---- E:\WINDOWS\system32\xactengine3_0.dll
2008-12-27 13:36:06 ----A---- E:\WINDOWS\system32\D3DX9_38.dll
2008-12-27 13:36:05 ----A---- E:\WINDOWS\system32\X3DAudio1_3.dll
2008-12-27 13:36:05 ----A---- E:\WINDOWS\system32\D3DX9_37.dll
2008-12-27 13:36:05 ----A---- E:\WINDOWS\system32\d3dx10_37.dll
2008-12-27 13:36:05 ----A---- E:\WINDOWS\system32\D3DCompiler_37.dll
2008-12-27 13:36:04 ----A---- E:\WINDOWS\system32\xactengine2_10.dll
2008-12-27 13:36:04 ----A---- E:\WINDOWS\system32\d3dx10_36.dll
2008-12-27 13:36:03 ----A---- E:\WINDOWS\system32\xactengine2_9.dll
2008-12-27 13:36:03 ----A---- E:\WINDOWS\system32\d3dx9_36.dll
2008-12-27 13:36:03 ----A---- E:\WINDOWS\system32\D3DCompiler_36.dll
2008-12-27 13:36:02 ----A---- E:\WINDOWS\system32\d3dx9_35.dll
2008-12-27 13:36:02 ----A---- E:\WINDOWS\system32\d3dx10_35.dll
2008-12-27 13:36:02 ----A---- E:\WINDOWS\system32\D3DCompiler_35.dll
2008-12-27 13:36:01 ----A---- E:\WINDOWS\system32\xactengine2_8.dll
2008-12-27 13:36:01 ----A---- E:\WINDOWS\system32\X3DAudio1_2.dll
2008-12-27 13:36:01 ----A---- E:\WINDOWS\system32\d3dx9_34.dll
2008-12-27 13:36:01 ----A---- E:\WINDOWS\system32\d3dx10_34.dll
2008-12-27 13:36:01 ----A---- E:\WINDOWS\system32\D3DCompiler_34.dll
2008-12-27 13:36:00 ----A---- E:\WINDOWS\system32\xinput1_3.dll
2008-12-27 13:36:00 ----A---- E:\WINDOWS\system32\xactengine2_7.dll
2008-12-27 13:35:59 ----A---- E:\WINDOWS\system32\d3dx10_33.dll
2008-12-27 13:35:59 ----A---- E:\WINDOWS\system32\D3DCompiler_33.dll
2008-12-27 13:35:57 ----A---- E:\WINDOWS\system32\xactengine2_6.dll
2008-12-27 13:35:57 ----A---- E:\WINDOWS\system32\xactengine2_5.dll
2008-12-27 13:35:57 ----A---- E:\WINDOWS\system32\d3dx9_33.dll
2008-12-27 13:35:57 ----A---- E:\WINDOWS\system32\d3dx9_32.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\xinput1_2.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\xactengine2_4.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\xactengine2_3.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\xactengine2_2.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\x3daudio1_1.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\d3dx9_31.dll
2008-12-27 13:35:55 ----A---- E:\WINDOWS\system32\xinput1_1.dll
2008-12-27 13:35:55 ----A---- E:\WINDOWS\system32\xactengine2_1.dll
2008-12-27 13:35:55 ----A---- E:\WINDOWS\system32\xactengine2_0.dll
2008-12-27 13:35:55 ----A---- E:\WINDOWS\system32\x3daudio1_0.dll
2008-12-27 13:35:55 ----A---- E:\WINDOWS\system32\d3dx9_30.dll
2008-12-27 13:35:54 ----A---- E:\WINDOWS\system32\xinput9_1_0.dll
2008-12-27 13:35:54 ----A---- E:\WINDOWS\system32\d3dx9_29.dll
2008-12-27 13:35:53 ----A---- E:\WINDOWS\system32\d3dx9_26.dll
2008-12-27 13:35:53 ----A---- E:\WINDOWS\system32\d3dx9_25.dll
2008-12-27 13:35:52 ----A---- E:\WINDOWS\system32\d3dx9_24.dll
2008-12-27 13:35:47 ----D---- E:\WINDOWS\Logs
2008-12-27 13:30:06 ----D---- E:\Program Files\Activision
2008-12-27 13:14:05 ----HDC---- E:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-12-27 13:13:40 ----SHD---- E:\WINDOWS\ftpcache
2008-12-27 13:12:16 ----HDC---- E:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-12-27 13:12:09 ----HDC---- E:\WINDOWS\$NtUninstallKB952954_0$
2008-12-27 13:12:03 ----HDC---- E:\WINDOWS\$NtUninstallKB946648_0$
2008-12-27 13:11:57 ----HDC---- E:\WINDOWS\$NtUninstallKB956803_0$
2008-12-27 13:11:50 ----HDC---- E:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-27 13:11:36 ----HDC---- E:\WINDOWS\$NtUninstallKB955839$
2008-12-27 13:11:30 ----HDC---- E:\WINDOWS\$NtUninstallKB956391$
2008-12-27 13:11:24 ----HDC---- E:\WINDOWS\$NtUninstallKB957095_0$
2008-12-27 13:11:02 ----HDC---- E:\WINDOWS\$NtUninstallKB958215_0$
2008-12-27 13:09:47 ----A---- E:\WINDOWS\system32\MRT.exe
2008-12-27 13:09:40 ----HDC---- E:\WINDOWS\$NtUninstallKB950974_0$
2008-12-27 13:09:34 ----HDC---- E:\WINDOWS\$NtUninstallKB951698_0$
2008-12-27 13:09:27 ----HDC---- E:\WINDOWS\$NtUninstallKB954211_0$
2008-12-27 13:09:15 ----HDC---- E:\WINDOWS\$NtUninstallKB956841_0$
2008-12-27 13:09:02 ----HDC---- E:\WINDOWS\$NtUninstallKB960714_0$
2008-12-27 13:08:56 ----HDC---- E:\WINDOWS\$NtUninstallKB950762_0$
2008-12-27 13:08:49 ----HDC---- E:\WINDOWS\$NtUninstallKB957097_0$
2008-12-27 13:08:42 ----HDC---- E:\WINDOWS\$NtUninstallKB952287_0$
2008-12-27 13:08:36 ----HDC---- E:\WINDOWS\$NtUninstallKB951066_0$
2008-12-27 13:08:29 ----HDC---- E:\WINDOWS\$NtUninstallKB938464_0$
2008-12-27 13:08:18 ----HDC---- E:\WINDOWS\$NtUninstallKB954600_0$
2008-12-27 13:08:12 ----HDC---- E:\WINDOWS\$NtUninstallKB958644_0$
2008-12-27 13:08:08 ----HDC---- E:\WINDOWS\$NtUninstallKB955069_0$
2008-12-27 13:08:04 ----HDC---- E:\WINDOWS\$NtUninstallKB956802_0$
2008-12-27 13:07:56 ----HDC---- E:\WINDOWS\$NtUninstallKB944338-v2$
2008-12-27 13:07:03 ----D---- E:\Program Files\Alcohol Soft
2008-12-27 12:47:26 ----D---- E:\Documents and Settings\hackeu\Application Data\WinRAR
2008-12-27 12:46:50 ----D---- E:\Program Files\WinRAR
2008-12-27 12:22:41 ----D---- E:\WINDOWS\system32\AGEIA
2008-12-27 12:22:41 ----D---- E:\Program Files\AGEIA Technologies
2008-12-27 12:22:36 ----D---- E:\Program Files\Fichiers communs\Wise Installation Wizard
2008-12-27 12:22:16 ----D---- E:\WINDOWS\system32\ReinstallBackups
2008-12-27 12:03:01 ----D---- E:\WINDOWS\system32\PreInstall
2008-12-27 12:03:01 ----A---- E:\WINDOWS\system32\spupdsvc.exe
2008-12-27 12:03:00 ----HDC---- E:\WINDOWS\$NtUninstallKB898461$
2008-12-27 12:03:00 ----HD---- E:\WINDOWS\$hf_mig$
2008-12-27 12:00:50 ----D---- E:\WINDOWS
view
2008-12-27 12:00:49 ----A---- E:\WINDOWS\system32
vudisp.exe
2008-12-27 12:00:48 ----RA---- E:\WINDOWS\system32\MadCHook.dll
2008-12-27 12:00:47 ----RA---- E:\WINDOWS\system32\smdll.dll
2008-12-27 12:00:46 ----A---- E:\WINDOWS\system32\d3dx9_28.dll
2008-12-27 12:00:45 ----RA---- E:\WINDOWS\system32\msvcr80.dll
2008-12-27 12:00:45 ----RA---- E:\WINDOWS\system32\Auxiliary.dll
2008-12-27 12:00:45 ----A---- E:\WINDOWS\system32\d3dx9_27.dll
2008-12-27 12:00:44 ----RA---- E:\WINDOWS\system32\WinSys2.exe
2008-12-27 12:00:44 ----RA---- E:\WINDOWS\system32\HookShield.dll
2008-12-27 12:00:44 ----RA---- E:\WINDOWS\system32\HookMAp.dll
2008-12-27 12:00:43 ----RA---- E:\WINDOWS\system32\msicpl.dll
2008-12-27 12:00:09 ----A---- E:\WINDOWS\system32\NVUNINST.EXE
2008-12-25 00:26:19 ----A---- E:\WINDOWS\system32\h323log.txt
2008-12-25 00:21:27 ----A---- E:\WINDOWS\system32\hidserv.dll
2008-12-25 00:20:23 ----A---- E:\WINDOWS\system32\usbui.dll
2008-12-25 00:19:21 ----A---- E:\WINDOWS\imsins.BAK
2008-12-25 00:19:19 ----SHD---- E:\WINDOWS\Installer
2008-12-25 00:19:19 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2008-12-25 00:19:18 ----D---- E:\Program Files\Fichiers communs\ODBC
2008-12-25 00:19:18 ----A---- E:\WINDOWS\ODBCINST.INI
2008-12-25 00:19:12 ----D---- E:\Program Files\Fichiers communs\SpeechEngines
2008-12-25 00:19:10 ----RD---- E:\Program Files
2008-12-25 00:19:10 ----D---- E:\Program Files\Fichiers communs\Microsoft Shared
2008-12-25 00:19:10 ----D---- E:\Program Files\Fichiers communs
2008-12-25 00:19:03 ----RA---- E:\WINDOWS\system32\kbdtuq.dll
2008-12-25 00:19:03 ----RA---- E:\WINDOWS\system32\kbdtuf.dll
2008-12-25 00:19:03 ----RA---- E:\WINDOWS\system32\kbdazel.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbduzb.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbdtat.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbdmon.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbdkyr.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbdkaz.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbdaze.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdycc.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdur.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdru1.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdru.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdbu.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdblr.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhept.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhela3.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhela2.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhe319.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhe220.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhe.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdgkl.dll
2008-12-25 00:18:56 ----RA---- E:\WINDOWS\system32\kbdlv1.dll
2008-12-25 00:18:56 ----RA---- E:\WINDOWS\system32\kbdlv.dll
2008-12-25 00:18:56 ----RA---- E:\WINDOWS\system32\kbdlt1.dll
2008-12-25 00:18:56 ----RA---- E:\WINDOWS\system32\kbdlt.dll
2008-12-25 00:18:56 ----RA---- E:\WINDOWS\system32\kbdest.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdycl.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdsl1.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdsl.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdro.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdpl1.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdpl.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdhu1.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdhu.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdcz2.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdcz1.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdcz.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdcr.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\KBDAL.DLL
2008-12-25 00:18:52 ----A---- E:\WINDOWS\system32\spxcoins.dll
2008-12-25 00:18:52 ----A---- E:\WINDOWS\system32\irclass.dll
2008-12-25 00:18:52 ----A---- E:\WINDOWS\system32\dgsetup.dll
2008-12-25 00:18:52 ----A---- E:\WINDOWS\system32\dgrpsetu.dll
2008-12-25 00:18:50 ----A---- E:\WINDOWS\system32\EqnClass.Dll
2008-12-25 00:18:48 ----A---- E:\WINDOWS\TASKMAN.EXE
2008-12-25 00:18:47 ----N---- E:\WINDOWS\system32\CONFIG.TMP
2008-12-25 00:18:47 ----A---- E:\WINDOWS\system32\batt.dll
2008-12-25 00:18:46 ----A---- E:\WINDOWS\system32\storprop.dll
2008-12-25 00:18:46 ----A---- E:\WINDOWS
otepad.exe
2008-12-25 00:18:39 ----ASH---- E:\Documents and Settings\All Users\Application Data\desktop.ini
2008-12-25 00:16:57 ----RA---- E:\WINDOWS\SET8.tmp
2008-12-25 00:16:53 ----RA---- E:\WINDOWS\SET4.tmp
2008-12-25 00:16:52 ----RA---- E:\WINDOWS\SET3.tmp
2008-12-25 00:16:47 ----D---- E:\WINDOWS\system32\CatRoot2
2008-12-25 00:16:47 ----D---- E:\WINDOWS\system32\CatRoot
2008-12-25 00:16:42 ----SD---- E:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-25 00:16:27 ----A---- E:\WINDOWS\setuplog.txt
2008-12-25 00:16:24 ----SHD---- E:\System Volume Information
2008-12-25 00:16:24 ----D---- E:\Documents and Settings
2008-12-25 00:11:45 ----RSHDC---- E:\WINDOWS\system32\dllcache
2008-12-25 00:11:45 ----RSD---- E:\WINDOWS\Fonts
2008-12-25 00:11:45 ----RD---- E:\WINDOWS\Web
2008-12-25 00:11:45 ----HD---- E:\WINDOWS\inf
2008-12-25 00:11:45 ----D---- E:\WINDOWS\WinSxS
2008-12-25 00:11:45 ----D---- E:\WINDOWS	wain_32
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Temp
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\wins
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\wbem
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\usmt
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\spool
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\ShellExt
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\Setup
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32as
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\oobe
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32
pp
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\mui
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\inetsrv
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\IME
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\icsxml
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\ias
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\export
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\drivers
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\dhcp
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\config
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\3com_dmi
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\3076
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\2052
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1054
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1042
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1041
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1037
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1036
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1033
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1031
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1028
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1025
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system
2008-12-25 00:11:45 ----D---- E:\WINDOWS\security
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Resources
2008-12-25 00:11:45 ----D---- E:\WINDOWSepair
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Provisioning
2008-12-25 00:11:45 ----D---- E:\WINDOWS\PeerNet
2008-12-25 00:11:45 ----D---- E:\WINDOWS\pchealth
2008-12-25 00:11:45 ----D---- E:\WINDOWS\mui
2008-12-25 00:11:45 ----D---- E:\WINDOWS\msapps
2008-12-25 00:11:45 ----D---- E:\WINDOWS\msagent
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Media
2008-12-25 00:11:45 ----D---- E:\WINDOWS\java
2008-12-25 00:11:45 ----D---- E:\WINDOWS\ime
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Help
2008-12-25 00:11:45 ----D---- E:\WINDOWS\ehome
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Driver Cache
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Debug
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Cursors
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Connection Wizard
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Config
2008-12-25 00:11:45 ----D---- E:\WINDOWS\AppPatch
2008-12-25 00:11:45 ----D---- E:\WINDOWS\addins
2008-12-25 00:11:45 ----D---- E:\WINDOWS
2008-12-24 23:59:01 ----D---- E:\Program Files\ma-config.com
2008-12-24 23:59:01 ----D---- E:\Documents and Settings\All Users\Application Data\ma-config.com
2008-12-24 23:57:45 ----D---- E:\Documents and Settings\hackeu\Application Data\Mozilla
2008-12-24 23:57:40 ----D---- E:\Program Files\Mozilla Firefox
2008-12-24 23:56:58 ----SHD---- E:\RECYCLER
2008-12-24 23:52:08 ----D---- E:\Program Files\MSN Messenger
2008-12-24 23:45:14 ----D---- E:\Documents and Settings\hackeu\Application Data\Adobe
2008-12-24 23:45:02 ----D---- E:\Documents and Settings\hackeu\Application Data\Macromedia
2008-12-24 23:44:55 ----D---- E:\WINDOWS\system32\SoftwareDistribution
2008-12-24 23:41:47 ----DC---- E:\WINDOWS\system32\DRVSTORE
2008-12-24 23:41:40 ----A---- E:\WINDOWS\system32\Install7x.dll
2008-12-24 23:41:40 ----A---- E:\WINDOWS\system32\AegisI5.exe
2008-12-24 23:41:11 ----HD---- E:\Program Files\InstallShield Installation Information
2008-12-24 23:40:58 ----D---- E:\Program Files\RALINK
2008-12-24 23:40:56 ----D---- E:\Program Files\Fichiers communs\InstallShield
2008-12-24 23:38:19 ----D---- E:\Documents and Settings\hackeu\Application Data\Identities
2008-12-24 23:38:18 ----HD---- E:\Program Files\Uninstall Information
2008-12-24 23:38:09 ----ASH---- E:\Documents and Settings\hackeu\Application Data\desktop.ini
2008-12-24 23:38:08 ----SD---- E:\Documents and Settings\hackeu\Application Data\Microsoft
2008-12-24 23:37:35 ----D---- E:\WINDOWS\SoftwareDistribution
2008-12-24 23:37:34 ----SD---- E:\WINDOWS\system32\Microsoft
2008-12-24 23:37:34 ----A---- E:\WINDOWS\SchedLgU.Txt
2008-12-24 23:33:22 ----D---- E:\WINDOWS\system32\xircom
2008-12-24 23:33:22 ----D---- E:\Program Files\xerox
2008-12-24 23:33:22 ----D---- E:\Program Files\microsoft frontpage
2008-12-24 23:33:03 ----A---- E:\WINDOWS\control.ini
2008-12-24 23:32:52 ----A---- E:\WINDOWS\OEWABLog.txt
2008-12-24 23:32:49 ----A---- E:\WINDOWS\system32\mapi32.dll
2008-12-24 23:32:10 ----SD---- E:\WINDOWS\Downloaded Program Files
2008-12-24 23:32:10 ----RD---- E:\WINDOWS\Offline Web Pages
2008-12-24 23:32:10 ----RAH---- E:\WINDOWS\system32\logonui.exe.manifest
2008-12-24 23:32:06 ----RAH---- E:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-24 23:32:02 ----HD---- E:\Program Files\WindowsUpdate
2008-12-24 23:31:59 ----D---- E:\Program Files\Services en ligne
2008-12-24 23:31:37 ----D---- E:\WINDOWS\system32\DirectX
2008-12-24 23:30:56 ----A---- E:\WINDOWS\system32\atrace.dll
2008-12-24 23:30:51 ----A---- E:\WINDOWS\system32\desktop.ini
2008-12-24 23:30:51 ----A---- E:\WINDOWS\desktop.ini
2008-12-24 23:30:42 ----A---- E:\WINDOWS\system32
mevtmsg.dll
2008-12-24 23:30:41 ----A---- E:\WINDOWS\system32\acctres.dll
2008-12-24 23:30:40 ----D---- E:\Program Files\Fichiers communs\Services
2008-12-24 23:30:37 ----SD---- E:\WINDOWS\Tasks
2008-12-24 23:30:37 ----A---- E:\WINDOWS\system32\icfgnt5.dll
2008-12-24 23:30:36 ----D---- E:\Program Files\Fichiers communs\MSSoap
2008-12-24 23:30:31 ----D---- E:\WINDOWS\srchasst
2008-12-24 23:30:29 ----D---- E:\WINDOWS\system32\Macromed
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuweb.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wups.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wucltui.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuauserv.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuaueng1.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuaueng.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuauclt1.exe
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuauclt.exe
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuapi.dll
2008-12-24 23:30:24 ----A---- E:\WINDOWS\system32\qmgrprxy.dll
2008-12-24 23:30:24 ----A---- E:\WINDOWS\system32\qmgr.dll
2008-12-24 23:30:24 ----A---- E:\WINDOWS\system32\bitsprx3.dll
2008-12-24 23:30:24 ----A---- E:\WINDOWS\system32\bitsprx2.dll
2008-12-24 23:30:20 ----D---- E:\Program Files\Movie Maker
2008-12-24 23:30:14 ----A---- E:\WINDOWS\system32\safrslv.dll
2008-12-24 23:30:14 ----A---- E:\WINDOWS\system32\safrdm.dll
2008-12-24 23:30:14 ----A---- E:\WINDOWS\system32\safrcdlg.dll
2008-12-24 23:30:13 ----A---- E:\WINDOWS\system32acpldlg.dll
2008-12-24 23:30:04 ----A---- E:\WINDOWS\system32\fltmc.exe
2008-12-24 23:30:04 ----A---- E:\WINDOWS\system32\fltlib.dll
2008-12-24 23:30:03 ----D---- E:\WINDOWS\system32\Restore
2008-12-24 23:30:03 ----A---- E:\WINDOWS\system32\srrstr.dll
2008-12-24 23:30:02 ----A---- E:\WINDOWS\system32\srsvc.dll
2008-12-24 23:30:02 ----A---- E:\WINDOWS\system32\srclient.dll
2008-12-24 23:30:00 ----A---- E:\WINDOWS\system32\mnmdd.dll
2008-12-24 23:30:00 ----A---- E:\WINDOWS\system32\isrdbg32.dll
2008-12-24 23:30:00 ----A---- E:\WINDOWS\system32\ils.dll
2008-12-24 23:29:59 ----A---- E:\WINDOWS\system32
mmkcert.dll
2008-12-24 23:29:59 ----A---- E:\WINDOWS\system32\msconf.dll
2008-12-24 23:29:59 ----A---- E:\WINDOWS\system32\mnmsrvc.exe
2008-12-24 23:29:52 ----D---- E:\Program Files\NetMeeting
2008-12-24 23:29:52 ----A---- E:\WINDOWS\system32\msoert2.dll
2008-12-24 23:29:52 ----A---- E:\WINDOWS\system32\msoeacct.dll
2008-12-24 23:29:50 ----A---- E:\WINDOWS\system32\inetres.dll
2008-12-24 23:29:49 ----A---- E:\WINDOWS\system32\inetcomm.dll
2008-12-24 23:29:46 ----D---- E:\Program Files\Outlook Express
2008-12-24 23:29:46 ----A---- E:\WINDOWS\system32\schedsvc.dll
2008-12-24 23:29:45 ----A---- E:\WINDOWS\system32\mstinit.exe
2008-12-24 23:29:45 ----A---- E:\WINDOWS\system32\mstask.dll
2008-12-24 23:29:44 ----A---- E:\WINDOWS\system32\isign32.dll
2008-12-24 23:29:44 ----A---- E:\WINDOWS\system32\inetcfg.dll
2008-12-24 23:29:44 ----A---- E:\WINDOWS\system32\icwphbk.dll
2008-12-24 23:29:44 ----A---- E:\WINDOWS\system32\icwdial.dll
2008-12-24 23:29:34 ----D---- E:\Program Files\Fichiers communs\System
2008-12-24 23:29:33 ----D---- E:\Program Files\Internet Explorer
2008-12-24 23:29:06 ----D---- E:\Program Files\ComPlus Applications
2008-12-24 23:29:04 ----A---- E:\WINDOWS\vbaddin.ini
2008-12-24 23:29:04 ----A---- E:\WINDOWS\vb.ini
2008-12-24 23:29:01 ----D---- E:\WINDOWS\Registration
2008-12-24 23:28:56 ----D---- E:\Program Files\Windows Media Player
2008-12-24 23:28:56 ----D---- E:\Program Files\Online Services
2008-12-24 23:28:48 ----D---- E:\Program Files\Messenger
2008-12-24 23:28:36 ----D---- E:\Program Files\MSN Gaming Zone
2008-12-24 23:28:36 ----A---- E:\WINDOWS\system32\write.exe
2008-12-24 23:28:21 ----A---- E:\WINDOWS\system32\sndvol32.exe
2008-12-24 23:28:20 ----A---- E:\WINDOWS\system32\hticons.dll
2008-12-24 23:28:20 ----A---- E:\WINDOWS\system32\avwav.dll
2008-12-24 23:28:19 ----A---- E:\WINDOWS\system32\avtapi.dll
2008-12-24 23:28:19 ----A---- E:\WINDOWS\system32\avmeter.dll
2008-12-24 23:28:18 ----A---- E:\WINDOWS\system32\winchat.exe
2008-12-24 23:28:02 ----A---- E:\WINDOWS\system32\getuname.dll
2008-12-24 23:28:02 ----A---- E:\WINDOWS\system32\charmap.exe
2008-12-24 23:28:01 ----A---- E:\WINDOWS\system32\calc.exe
2008-12-24 23:28:00 ----A---- E:\WINDOWS\system32\sol.exe
2008-12-24 23:27:59 ----A---- E:\WINDOWS\system32\winmine.exe
2008-12-24 23:27:59 ----A---- E:\WINDOWS\system32\mshearts.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32\usrlogon.cmd
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32	sshutdn.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32	slabels.ini
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32	skill.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32	sdiscon.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32	scon.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32eset.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32\freecell.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32\shadow.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32winsta.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32egini.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32dpcfgex.dll
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32\qwinsta.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32\qappsrv.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32\msg.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32\logoff.exe
2008-12-24 23:27:56 ----A---- E:\WINDOWS\system32\msdtcprf.ini
2008-12-24 23:27:56 ----A---- E:\WINDOWS\system32\cdmodem.dll
2008-12-24 23:27:55 ----A---- E:\WINDOWS\system32\mtxlegih.dll
2008-12-24 23:27:55 ----A---- E:\WINDOWS\system32\mtxex.dll
2008-12-24 23:27:55 ----A---- E:\WINDOWS\system32\mtxdm.dll
2008-12-24 23:27:55 ----A---- E:\WINDOWS\system32\dcomcnfg.exe
2008-12-24 23:27:54 ----A---- E:\WINDOWS\system32\stclient.dll
2008-12-24 23:27:54 ----A---- E:\WINDOWS\system32\comsnap.dll
2008-12-24 23:27:54 ----A---- E:\WINDOWS\system32\comrepl.dll
2008-12-24 23:27:54 ----A---- E:\WINDOWS\system32\comaddin.dll
2008-12-24 23:27:47 ----A---- E:\WINDOWS\system32\wmimgmt.msc
2008-12-24 23:27:33 ----D---- E:\Program Files\MSN
2008-12-24 23:27:31 ----A---- E:\WINDOWS\system32\accwiz.exe
2008-12-24 23:27:30 ----A---- E:\WINDOWS\system32\sndrec32.exe
2008-12-24 23:27:30 ----A---- E:\WINDOWS\system32\mplay32.exe
2008-12-24 23:27:29 ----A---- E:\WINDOWS\system32\hypertrm.dll
2008-12-24 23:27:28 ----D---- E:\Program Files\Windows NT
2008-12-24 23:27:28 ----A---- E:\WINDOWS\system32\mspaint.exe
2008-12-24 23:27:27 ----A---- E:\WINDOWS\system32\clipbrd.exe
2008-12-24 23:27:26 ----A---- E:\WINDOWS\system32	scfgwmi.dll
2008-12-24 23:27:26 ----A---- E:\WINDOWS\system32\spider.exe
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32\sessmgr.exe
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32emotepg.dll
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32dshost.exe
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32dsaddin.exe
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32dchost.dll
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32\mstscax.dll
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32\mstsc.exe
2008-12-24 23:27:24 ----A---- E:\WINDOWS\system32	scupgrd.exe
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32	ermsrv.dll
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32dpwsx.dll
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32dpsnd.dll
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32dpclip.exe
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32\qprocess.exe
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32\icaapi.dll
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32\cfgbkend.dll
2008-12-24 23:27:22 ----D---- E:\WINDOWS\system32\MsDtc
2008-12-24 23:27:22 ----A---- E:\WINDOWS\system32\xolehlp.dll
2008-12-24 23:27:22 ----A---- E:\WINDOWS\system32\mtxoci.dll
2008-12-24 23:27:22 ----A---- E:\WINDOWS\system32\msdtcuiu.dll
2008-12-24 23:27:22 ----A---- E:\WINDOWS\system32\msdtctm.dll
2008-12-24 23:27:22 ----A---- E:\WINDOWS\system32\msdtcprx.dll
2008-12-24 23:27:21 ----A---- E:\WINDOWS\system32\msdtclog.dll
2008-12-24 23:27:21 ----A---- E:\WINDOWS\system32\msdtc.exe
2008-12-24 23:27:20 ----D---- E:\WINDOWS\system32\Com
2008-12-24 23:27:20 ----A---- E:\WINDOWS\system32\colbact.dll
2008-12-24 23:27:20 ----A---- E:\WINDOWS\system32\clbcatex.dll
2008-12-24 23:27:20 ----A---- E:\WINDOWS\system32\catsrvps.dll
2008-12-24 23:27:19 ----A---- E:\WINDOWS\system32\catsrvut.dll
2008-12-24 23:27:19 ----A---- E:\WINDOWS\system32\catsrv.dll
2008-12-24 23:27:18 ----A---- E:\WINDOWS\system32\comsvcs.dll
2008-12-24 23:27:17 ----A---- E:\WINDOWS\system32\comuid.dll
2008-12-24 23:27:16 ----A---- E:\WINDOWS\system32\clbcatq.dll
2008-12-24 23:27:01 ----A---- E:\WINDOWS\system32\servdeps.dll
2008-12-24 23:27:00 ----A---- E:\WINDOWS\system32\mmfutil.dll
2008-12-24 23:27:00 ----A---- E:\WINDOWS\system32\licwmi.dll
2008-12-24 23:27:00 ----A---- E:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2009-01-06 15:41:48 ----A---- E:\WINDOWS\win.ini
2009-01-06 15:41:48 ----A---- E:\WINDOWS\system.ini
2008-12-12 18:02:12 ----A---- E:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; E:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 kbdhid;Pilote HID de clavier; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ntiopnp;ntiopnp; E:\WINDOWS\system32\drivers
tiopnp.sys [2007-02-12 12800]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; E:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; E:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-24 21419]
R3 avgntflt;avgntflt; \??\E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; E:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
R3 mouhid;Pilote HID de souris; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2003-11-30 12288]
R3 nv;nv; E:\WINDOWS\system32\DRIVERS
v4_mini.sys [2008-12-02 6209536]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS
vnetbus.sys [2008-08-01 22016]
R3 PAC207;SoC PC-Camera; E:\WINDOWS\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
R3 RT73;RT73 USB Wireless LAN Card Driver; E:\WINDOWS\system32\DRIVERSt73.sys [2006-12-21 429440]
R3 usbccgp;Pilote parent générique USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 ssmdrv;ssmdrv; E:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
S3 aat2bdcu;aat2bdcu; E:\WINDOWS\system32\drivers\aat2bdcu.sys []
S3 CCDECODE;Décodeur sous-titre fermé; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\E:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 WSTCODEC;Codec Teletext standard; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 CPUCooLServer;CPUCooLServer Service; E:\Program Files\CPUCooL\CooLSrv.exe [2007-07-31 118784]
R2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre6\bin\jqs.exe [2008-12-28 152984]
R2 NVSvc;NVID

Utilisateur anonyme · Answer

1/

Pour ToolsCleaner2 je trouve pas le rapport mais tout a bien était supprimé 

2/

quand je lance RSIT.exe j'ai le message d'erreur E:\Documents and Settings\hackeu\Bureau\hackeu.exe n'est pas une application win32 valide

je fait ok et j'ai le fichier log.txt qui s'ouvre

Logfile of random's system information tool 1.05 (written by random/random)
Run by hackeu at 2009-01-06 17:16:14
Microsoft Windows XP Professionnel Service Pack 3
System drive E: has 216 GB (71%) free of 305 GB
Total RAM: 3071 MB (77% free)


======Scheduled tasks folder======

E:\WINDOWS	asks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - E:\Program Files\Java\jre6\bin\ssv.dll [2008-12-28 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-28 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-28 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"=E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]
"NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2008-12-02 13680640]
"SunJavaUpdateSched"=E:\Program Files\Java\jre6\bin\jusched.exe [2008-12-28 136600]
"SkyTel"=E:\WINDOWS\SkyTel.EXE [2007-04-04 1822720]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2007-04-10 16126464]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=E:\WINDOWS\system32\NvMcTray.dll [2008-12-02 86016]
"Monitor"=E:\WINDOWS\PixArt\PAC207\Monitor.exe [2009-01-06 319488]
"Alcmtr"=E:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"UnlockerAssistant"=E:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"avgnt"=E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-06 2156368]
"NudgeMania"=E:\Program Files\NudgeMania\NudgeMania.exe [2007-02-25 65821]
"msnmsgr"=E:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
E:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2006-01-07 864264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
E:\Program Files\ManyCam 2.3\ManyCam.exe [2008-10-14 1791272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-12-02 3882312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
E:\Program Files\MAGIX\Video_deluxe_15_Version_a_telecharger\TrayServer.exe [2008-09-01 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSys2]
E:\WINDOWS\system32\winsys2.exe [2008-01-18 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^hackeu^Menu Démarrer^Programmes^Démarrage^RAR Password Cracker.lnk]
E:\PROGRA~1\RARPAS~1pc.exe [2004-04-25 157696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^hackeu^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
E:\WINDOWS\BRICOP~1\VISTAI~1\TransBar\TransBar.exe [2005-06-01 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^hackeu^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
E:\WINDOWS\BRICOP~1\VISTAI~1\UberIcon\UBERIC~1.EXE [2006-05-21 180224]

E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Ralink Wireless Utility.lnk - E:\Program Files\RALINK\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\ma-config.com\maconfservice.exe"="E:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="E:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="E:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"E:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe"="E:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe:*:Enabled:script-fu"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\Windows Live\Messenger\wlcsdk.exe"="E:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"E:\Program Files\eMule\emule.exe"="E:\Program Files\eMule\emule.exe:*:Enabled:eMule"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\Windows Live\Messenger\wlcsdk.exe"="E:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.js - edit - "E:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2009-01-06 17:16:14 ----D---- E:sit
2009-01-06 17:15:43 ----A---- E:\TCleaner.txt
2009-01-06 16:59:58 ----D---- E:\Documents and Settings\All Users\Application Data\Avira
2009-01-06 16:52:56 ----D---- E:\Documents and Settings\hackeu\Application Data\Malwarebytes
2009-01-06 16:52:52 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2009-01-06 16:52:52 ----D---- E:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-06 15:06:52 ----D---- E:\Program Files\Unlocker
2009-01-06 15:06:52 ----D---- E:\Documents and Settings\hackeu\Application Data\Desktopicon
2009-01-06 08:18:02 ----D---- E:\Program Files\Spybot - Search & Destroy
2009-01-06 08:18:02 ----D---- E:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-06 08:17:14 ----D---- E:\Program Files\SpywareBlaster
2009-01-06 08:16:03 ----AD---- E:\Documents and Settings\All Users\Application Data\TEMP
2009-01-06 08:15:45 ----D---- E:\Program Files\Grisoft
2009-01-06 08:15:45 ----D---- E:\Documents and Settings\All Users\Application Data\Grisoft
2009-01-06 07:42:35 ----D---- E:\WINDOWS\system32\appmgmt
2009-01-06 07:37:20 ----D---- E:\Program Files\Trend Micro
2009-01-06 07:29:06 ----D---- E:\WINDOWS\pss
2009-01-06 05:12:40 ----A---- E:\WINDOWS\WORDPAD.INI
2009-01-05 23:50:12 ----D---- E:\Program Files\CamStudio
2009-01-05 23:29:46 ----D---- E:\Program Files\Fichiers communs\Autosurf Manager
2009-01-05 22:26:12 ----D---- E:\Program Files\eMule
2009-01-03 21:43:14 ----D---- E:\Program Files\Crystal Button 2008
2009-01-03 14:00:34 ----D---- E:\Documents and Settings\All Users\Application Data\ESET
2009-01-03 01:47:01 ----A---- E:\WINDOWS\system32\devil.dll
2009-01-03 01:47:01 ----A---- E:\WINDOWS\system32\avisynth.dll
2009-01-03 01:47:00 ----A---- E:\WINDOWS\system32\yv12vfw.dll
2009-01-03 01:47:00 ----A---- E:\WINDOWS\system32\i420vfw.dll
2009-01-03 01:47:00 ----A---- E:\WINDOWS\system32\AVSredirect.dll
2009-01-03 01:47:00 ----A---- E:\WINDOWS\MOTA113.exe
2009-01-03 01:46:59 ----A---- E:\WINDOWS\x2.64.exe
2009-01-03 01:46:59 ----A---- E:\WINDOWS\system32\x.264.exe
2009-01-03 01:46:59 ----A---- E:\WINDOWS\meta4.exe
2009-01-03 01:46:57 ----D---- E:\Program Files\AviSynth 2.5
2009-01-03 01:45:27 ----RSH---- E:\WINDOWS\system32
bDX.dll
2009-01-03 01:45:27 ----RSH---- E:\WINDOWS\system32\msfDX.dll
2009-01-03 01:45:27 ----RSH---- E:\WINDOWS\system32\flvDX.dll
2009-01-03 01:45:19 ----D---- E:\Program Files\eRightSoft
2009-01-03 01:42:28 ----D---- E:\Program Files\ManyCam 2.3
2009-01-03 01:30:04 ----D---- E:\WINDOWS\Minidump
2009-01-03 01:12:49 ----D---- E:\Documents and Settings\hackeu\Application Data\dvdcss
2009-01-02 16:59:25 ----D---- E:\Documents and Settings\hackeu\Application Data\FileZilla
2009-01-02 16:16:59 ----D---- E:\Program Files\Corel
2009-01-02 16:10:25 ----D---- E:\Program Files\Microsoft Works
2009-01-02 16:10:15 ----D---- E:\Program Files\Microsoft Visual Studio
2009-01-02 16:10:14 ----D---- E:\Program Files\Fichiers communs\DESIGNER
2009-01-02 16:09:28 ----D---- E:\Program Files\Microsoft Visual Studio 8
2009-01-02 16:07:48 ----D---- E:\Program Files\Microsoft Expression
2009-01-02 16:07:47 ----D---- E:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-01-02 16:07:33 ----RHD---- E:\MSOCache
2009-01-02 16:02:57 ----A---- E:\WINDOWS\ETAXP.ini
2009-01-02 03:00:20 ----D---- E:\Program Files\MSXML 4.0
2009-01-01 23:00:28 ----A---- E:\WINDOWS\system32\PnkBstrA.exe
2009-01-01 23:00:21 ----A---- E:\WINDOWS\system32\PnkBstrB.exe
2009-01-01 22:58:41 ----D---- E:\Documents and Settings\hackeu\Application Data\Leadertech
2009-01-01 22:58:28 ----D---- E:\WINDOWS\system32\LogFiles
2009-01-01 22:51:30 ----D---- E:\Program Files\EA Games
2009-01-01 17:55:36 ----D---- E:\Program Files\CPUCooL
2009-01-01 17:55:24 ----D---- E:\Program Files\Microsoft
2009-01-01 17:55:05 ----D---- E:\Program Files\Windows Live SkyDrive
2009-01-01 17:50:23 ----D---- E:\Program Files\Fichiers communs\Windows Live
2009-01-01 17:39:55 ----D---- E:\Documents and Settings\hackeu\Application Data\MAGIX
2009-01-01 17:38:35 ----D---- E:\Program Files\Fichiers communs\MAGIX Shared
2009-01-01 17:38:33 ----A---- E:\WINDOWS\system32\msxml4r.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\TTIC32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\TTI32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\STRING32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\MXRestore.exe
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\msxml4a.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\mgxcdr.txt
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLTPO32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLRES32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLRD32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLPTL32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLPRJ32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLPRF32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLPNT32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLMSC32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLIX.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLISO32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLIO32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLIMG32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLDRV32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLDIR32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLDEV32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLCPY32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLCDF32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLCDA32.dll
2009-01-01 17:38:32 ----A---- E:\WINDOWS\system32\DLLAV32.dll
2009-01-01 17:37:27 ----D---- E:\Documents and Settings\All Users\Application Data\MAGIX
2009-01-01 17:37:03 ----D---- E:\Program Files\MAGIX
2009-01-01 17:37:03 ----A---- E:\WINDOWS\system32\DLLDEV32i.dll
2009-01-01 17:36:46 ----D---- E:\WINDOWS\system32\MAGIX
2009-01-01 17:36:46 ----A---- E:\WINDOWS\system32\mgxoschk.dll
2009-01-01 17:36:46 ----A---- E:\WINDOWS\mgxoschk.ini
2009-01-01 16:58:04 ----D---- E:\Documents and Settings\hackeu\Application Data\MagicEffect Photo
2009-01-01 03:01:03 ----HDC---- E:\WINDOWS\$NtUninstallKB951978$
2009-01-01 03:00:56 ----HDC---- E:\WINDOWS\$NtUninstallKB941569$
2009-01-01 03:00:46 ----HDC---- E:\WINDOWS\$NtUninstallKB923689$
2009-01-01 03:00:36 ----HDC---- E:\WINDOWS\$NtUninstallKB954459$
2009-01-01 03:00:27 ----HDC---- E:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-12-31 12:22:33 ----D---- E:\Program Files\RAR Password Cracker
2008-12-31 03:08:17 ----D---- E:\WINDOWS\Prefetch
2008-12-30 15:10:22 ----A---- E:\WINDOWS\msicpl.ini
2008-12-30 05:20:04 ----D---- E:\WINDOWS\RegisteredPackages
2008-12-30 05:01:40 ----HDC---- E:\WINDOWS\$NtUninstallKB960714$
2008-12-30 05:01:33 ----HDC---- E:\WINDOWS\$NtUninstallKB958644$
2008-12-30 05:01:24 ----HDC---- E:\WINDOWS\$NtUninstallKB958215$
2008-12-30 05:01:17 ----HDC---- E:\WINDOWS\$NtUninstallKB957097$
2008-12-30 05:01:11 ----HDC---- E:\WINDOWS\$NtUninstallKB957095$
2008-12-30 05:01:04 ----HDC---- E:\WINDOWS\$NtUninstallKB956841$
2008-12-30 05:00:56 ----HDC---- E:\WINDOWS\$NtUninstallKB956803$
2008-12-30 05:00:51 ----HDC---- E:\WINDOWS\$NtUninstallKB956802$
2008-12-30 05:00:40 ----HDC---- E:\WINDOWS\$NtUninstallKB955069$
2008-12-30 05:00:33 ----HDC---- E:\WINDOWS\$NtUninstallKB954600$
2008-12-30 05:00:27 ----HDC---- E:\WINDOWS\$NtUninstallKB954211$
2008-12-30 05:00:20 ----HDC---- E:\WINDOWS\$NtUninstallKB952954$
2008-12-30 05:00:13 ----HDC---- E:\WINDOWS\$NtUninstallKB952287$
2008-12-30 05:00:08 ----HDC---- E:\WINDOWS\$NtUninstallKB951698$
2008-12-30 05:00:01 ----HDC---- E:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-30 04:59:54 ----HDC---- E:\WINDOWS\$NtUninstallKB951066$
2008-12-30 04:59:49 ----HDC---- E:\WINDOWS\$NtUninstallKB950974$
2008-12-30 04:59:43 ----HDC---- E:\WINDOWS\$NtUninstallKB950762$
2008-12-30 04:59:38 ----HDC---- E:\WINDOWS\$NtUninstallKB946648$
2008-12-30 04:59:34 ----HDC---- E:\WINDOWS\$NtUninstallKB938464$
2008-12-30 04:59:09 ----HD---- E:\WINDOWS\PIF
2008-12-30 04:56:56 ----D---- E:\WINDOWS\system32\fr-fr
2008-12-30 04:56:56 ----D---- E:\WINDOWS\system32\fr
2008-12-30 04:56:56 ----D---- E:\WINDOWS\l2schemas
2008-12-30 04:56:55 ----D---- E:\WINDOWS\system32\bits
2008-12-30 04:54:37 ----D---- E:\WINDOWS\ServicePackFiles
2008-12-30 04:51:10 ----D---- E:\WINDOWS
etwork diagnostic
2008-12-30 04:47:12 ----HDC---- E:\WINDOWS\$NtServicePackUninstall$
2008-12-30 04:32:20 ----D---- E:\Documents and Settings\hackeu\Application Data\Google
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\vxblock.dll
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\pxwave.dll
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\pxmas.dll
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\pxhpinst.exe
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\pxdrv.dll
2008-12-30 04:08:44 ----N---- E:\WINDOWS\system32\px.dll
2008-12-30 04:07:19 ----D---- E:\WINDOWS\system32\IOSUBSYS
2008-12-30 04:07:13 ----D---- E:\Program Files\Google
2008-12-30 03:57:00 ----D---- E:\Program Files\Fichiers communs\Macromedia
2008-12-30 03:56:48 ----D---- E:\Program Files\Macromedia
2008-12-30 03:56:48 ----D---- E:\Documents and Settings\All Users\Application Data\Macromedia
2008-12-30 03:56:13 ----D---- E:\WINDOWS\Downloaded Installations
2008-12-29 20:14:21 ----D---- E:\Program Files\Fichiers communs\Adobe
2008-12-29 20:14:19 ----D---- E:\Program Files\Adobe
2008-12-29 20:14:11 ----A---- E:\WINDOWS\unin040c.exe
2008-12-29 19:47:37 ----D---- E:\Program Files\Sqirlz Morph
2008-12-29 19:47:37 ----A---- E:\WINDOWS\Sqirlz Morph Uninstaller.exe
2008-12-29 12:36:00 ----A---- E:\WINDOWS\system32
vunrm.exe
2008-12-29 05:16:46 ----A---- E:\WINDOWS\system32\wmpns.dll
2008-12-29 02:22:51 ----D---- E:\Program Files\PhotoFiltre
2008-12-28 20:48:35 ----D---- E:\Program Files\Rockstar Games
2008-12-28 20:41:02 ----A---- E:\WINDOWS\CoD.INI
2008-12-28 19:23:15 ----A---- E:\WINDOWS\system32\NCTWMAFile2.dll
2008-12-28 19:23:15 ----A---- E:\WINDOWS\system32\NCTAudioVisualization2.dll
2008-12-28 19:23:15 ----A---- E:\WINDOWS\system32\NCTAudioTransform2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioRecord2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioPlayer2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioInformation2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioFile2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioEditor2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioDisplay2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioDesign2.dll
2008-12-28 19:23:14 ----A---- E:\WINDOWS\system32\NCTAudioCDGrabber2.dll
2008-12-28 19:23:08 ----A---- E:\WINDOWS\system32\NMSDVDXU.dll
2008-12-28 19:23:08 ----A---- E:\WINDOWS\system32\msvcr71d.dll
2008-12-28 19:23:08 ----A---- E:\WINDOWS\system32\msvcr70.dll
2008-12-28 19:23:07 ----D---- E:\Program Files\Audio Studio Gold
2008-12-28 18:54:42 ----D---- E:\Program Files\Electronic Arts
2008-12-28 16:06:59 ----D---- E:\Program Files\FileZilla FTP Client
2008-12-28 16:06:14 ----D---- E:\WINDOWS\Sun
2008-12-28 14:43:26 ----D---- E:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-12-28 14:35:59 ----N---- E:\WINDOWS\system32\spmsg.dll
2008-12-28 14:35:58 ----HDC---- E:\WINDOWS\$NtUninstallKB935448$
2008-12-28 10:16:11 ----N---- E:\WINDOWS\system32\xmllite.dll
2008-12-28 10:16:07 ----N---- E:\WINDOWS\system32\wmphoto.dll
2008-12-28 10:16:02 ----N---- E:\WINDOWS\system32\wlanapi.dll
2008-12-28 10:16:01 ----N---- E:\WINDOWS\system32\windowscodecsext.dll
2008-12-28 10:16:01 ----N---- E:\WINDOWS\system32\windowscodecs.dll
2008-12-28 10:15:58 ----N---- E:\WINDOWS\system32\verclsid.exe
2008-12-28 10:15:53 ----N---- E:\WINDOWS\system32	spkg.dll
2008-12-28 10:15:53 ----N---- E:\WINDOWS\system32	sgqec.dll
2008-12-28 10:15:46 ----N---- E:\WINDOWS\system32\spupdwxp.exe
2008-12-28 10:15:45 ----A---- E:\WINDOWS\system32\spdwnwxp.exe
2008-12-28 10:15:43 ----N---- E:\WINDOWS\system32\slserv.exe
2008-12-28 10:15:43 ----N---- E:\WINDOWS\system32\slrundll.exe
2008-12-28 10:15:43 ----N---- E:\WINDOWS\system32\slgen.dll
2008-12-28 10:15:43 ----N---- E:\WINDOWS\system32\slextspk.dll
2008-12-28 10:15:43 ----N---- E:\WINDOWS\system32\slcoinst.dll
2008-12-28 10:15:43 ----N---- E:\WINDOWS\slrundll.exe
2008-12-28 10:15:40 ----N---- E:\WINDOWS\system32\setupn.exe
2008-12-28 10:15:37 ----N---- E:\WINDOWS\system32\s3gnb.dll
2008-12-28 10:15:35 ----N---- E:\WINDOWS\system32httpaa.dll
2008-12-28 10:15:34 ----N---- E:\WINDOWS\system32asqec.dll
2008-12-28 10:15:33 ----N---- E:\WINDOWS\system32\qutil.dll
2008-12-28 10:15:32 ----N---- E:\WINDOWS\system32\qcliprov.dll
2008-12-28 10:15:32 ----N---- E:\WINDOWS\system32\qagentrt.dll
2008-12-28 10:15:32 ----N---- E:\WINDOWS\system32\qagent.dll
2008-12-28 10:15:30 ----N---- E:\WINDOWS\system32\photometadatahandler.dll
2008-12-28 10:15:26 ----N---- E:\WINDOWS\system32\onex.dll
2008-12-28 10:15:13 ----N---- E:\WINDOWS\system32
apstat.exe
2008-12-28 10:15:13 ----N---- E:\WINDOWS\system32
apmontr.dll
2008-12-28 10:15:13 ----N---- E:\WINDOWS\system32
apipsec.dll
2008-12-28 10:15:12 ----N---- E:\WINDOWS\system32\mtxparhd.dll
2008-12-28 10:15:11 ----N---- E:\WINDOWS\system32\msxml6r.dll
2008-12-28 10:15:11 ----N---- E:\WINDOWS\system32\msxml6.dll
2008-12-28 10:15:08 ----N---- E:\WINDOWS\system32\msshavmsg.dll
2008-12-28 10:15:08 ----N---- E:\WINDOWS\system32\mssha.dll
2008-12-28 10:14:48 ----N---- E:\WINDOWS\system32\mmcperf.exe
2008-12-28 10:14:48 ----N---- E:\WINDOWS\system32\mmcfxcommon.dll
2008-12-28 10:14:48 ----N---- E:\WINDOWS\system32\mmcex.dll
2008-12-28 10:14:47 ----N---- E:\WINDOWS\system32\microsoft.managementconsole.dll
2008-12-28 10:14:44 ----N---- E:\WINDOWS\system32\mdmxsdk.dll
2008-12-28 10:14:32 ----N---- E:\WINDOWS\system32\l2gpstore.dll
2008-12-28 10:14:30 ----N---- E:\WINDOWS\system32\kmsvc.dll
2008-12-28 10:14:29 ----N---- E:\WINDOWS\system32\kbdpash.dll
2008-12-28 10:14:29 ----N---- E:\WINDOWS\system32\kbdnepr.dll
2008-12-28 10:14:29 ----N---- E:\WINDOWS\system32\kbdiultn.dll
2008-12-28 10:14:29 ----N---- E:\WINDOWS\system32\kbdbhc.dll
2008-12-28 10:14:24 ----N---- E:\WINDOWS\system32\smtpapi.dll
2008-12-28 10:14:23 ----N---- E:\WINDOWS\system32wnh.dll
2008-12-28 10:14:21 ----N---- E:\WINDOWS\system32\comsdupd.exe
2008-12-28 10:14:13 ----N---- E:\WINDOWS\system32\hsfcisp2.dll
2008-12-28 10:14:04 ----A---- E:\WINDOWS\002751_.tmp
2008-12-28 10:14:03 ----N---- E:\WINDOWS\system32\faxpatch.exe
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eapsvc.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eapqec.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eappprxy.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eapphost.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eappgnui.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eappcfg.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eapp3hst.dll
2008-12-28 10:14:00 ----N---- E:\WINDOWS\system32\eapolqec.dll
2008-12-28 10:13:56 ----N---- E:\WINDOWS\system32\dot3ui.dll
2008-12-28 10:13:56 ----N---- E:\WINDOWS\system32\dot3svc.dll
2008-12-28 10:13:56 ----N---- E:\WINDOWS\system32\dot3msm.dll
2008-12-28 10:13:56 ----N---- E:\WINDOWS\system32\dot3gpclnt.dll
2008-12-28 10:13:56 ----N---- E:\WINDOWS\system32\dot3dlg.dll
2008-12-28 10:13:55 ----N---- E:\WINDOWS\system32\dot3cfg.dll
2008-12-28 10:13:55 ----N---- E:\WINDOWS\system32\dot3api.dll
2008-12-28 10:13:53 ----N---- E:\WINDOWS\system32\dimsroam.dll
2008-12-28 10:13:53 ----N---- E:\WINDOWS\system32\dimsntfy.dll
2008-12-28 10:13:52 ----N---- E:\WINDOWS\system32\dhcpqec.dll
2008-12-28 10:13:47 ----N---- E:\WINDOWS\system32\credssp.dll
2008-12-28 10:13:38 ----N---- E:\WINDOWS\system32\bitsprx4.dll
2008-12-28 10:13:37 ----N---- E:\WINDOWS\system32\azroles.dll
2008-12-28 10:13:34 ----N---- E:\WINDOWS\system32\ativvaxx.dll
2008-12-28 10:13:34 ----N---- E:\WINDOWS\system32\ativtmxx.dll
2008-12-28 10:13:33 ----N---- E:\WINDOWS\system32\ati3duag.dll
2008-12-28 10:13:33 ----N---- E:\WINDOWS\system32\ati3d1ag.dll
2008-12-28 10:13:32 ----N---- E:\WINDOWS\system32\ati2dvag.dll
2008-12-28 10:13:32 ----N---- E:\WINDOWS\system32\ati2dvaa.dll
2008-12-28 10:13:32 ----N---- E:\WINDOWS\system32\ati2cqag.dll
2008-12-28 10:13:21 ----N---- E:\WINDOWS\system32\aaclient.dll
2008-12-28 09:58:26 ----A---- E:\WINDOWS\system32\muweb.dll
2008-12-28 09:58:26 ----A---- E:\WINDOWS\system32\mucltui.dll.mui
2008-12-28 09:58:26 ----A---- E:\WINDOWS\system32\mucltui.dll
2008-12-28 04:06:38 ----A---- E:\WINDOWS\system32\javaws.exe
2008-12-28 04:06:38 ----A---- E:\WINDOWS\system32\javaw.exe
2008-12-28 04:06:38 ----A---- E:\WINDOWS\system32\java.exe
2008-12-28 04:06:38 ----A---- E:\WINDOWS\system32\deploytk.dll
2008-12-28 04:06:27 ----D---- E:\Program Files\Java
2008-12-28 04:05:23 ----D---- E:\Documents and Settings\hackeu\Application Data\Sun
2008-12-28 02:08:45 ----D---- E:\Program Files\NudgeMania
2008-12-28 01:53:03 ----A---- E:\WINDOWS\system32	sccvid.dll
2008-12-28 01:53:02 ----D---- E:\WINDOWS\system32\QuickTime
2008-12-28 01:52:58 ----D---- E:\Documents and Settings\All Users\Application Data\TechSmith
2008-12-28 01:52:46 ----D---- E:\Program Files\Fichiers communs\TechSmith Shared
2008-12-28 01:52:43 ----D---- E:\Program Files\TechSmith
2008-12-28 01:46:28 ----D---- E:\Program Files\Avira
2008-12-28 01:40:04 ----D---- E:\Documents and Settings\hackeu\Application Data\ALLCapture
2008-12-28 00:29:05 ----D---- E:\Documents and Settings\hackeu\Application Data\vlc
2008-12-28 00:15:11 ----D---- E:\Program Files\VideoLAN
2008-12-27 23:04:51 ----D---- E:\Documents and Settings\All Users\Application Data
View_Profiles
2008-12-27 22:44:36 ----A---- E:\WINDOWS\system32\vfwwdm32.dll
2008-12-27 22:40:50 ----A---- E:\WINDOWS\BricoPackUninst.cmd
2008-12-27 22:39:43 ----A---- E:\WINDOWS\BricoPackUninst.txt
2008-12-27 22:39:43 ----A---- E:\WINDOWS\BricoPackFoldersDelete.cmd
2008-12-27 22:39:26 ----D---- E:\WINDOWS\BricoPacks
2008-12-27 22:28:30 ----A---- E:\WINDOWS\system32\TUProgSt.exe
2008-12-27 22:28:29 ----A---- E:\WINDOWS\system32\uxtuneup.dll
2008-12-27 22:28:28 ----A---- E:\WINDOWS\system32\TuneUpDefragService.exe
2008-12-27 22:28:27 ----D---- E:\Documents and Settings\hackeu\Application Data\TuneUp Software
2008-12-27 22:28:19 ----D---- E:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-12-27 22:28:18 ----D---- E:\Program Files\TuneUp Utilities 2009
2008-12-27 22:28:03 ----SHD---- E:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-27 21:40:25 ----D---- E:\Documents and Settings\hackeu\Application Data\gtk-2.0
2008-12-27 21:37:01 ----D---- E:\Program Files\GIMP-2.0
2008-12-27 21:17:12 ----A---- E:\WINDOWS\system32\Remover.ini
2008-12-27 21:17:12 ----A---- E:\WINDOWS\system32\Remove.exe
2008-12-27 21:17:10 ----D---- E:\WINDOWS\PixArt
2008-12-27 21:17:10 ----D---- E:\Program Files\PC Camera
2008-12-27 21:17:10 ----D---- E:\Program Files\Fichiers communs\PAC207
2008-12-27 21:13:21 ----D---- E:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-12-27 20:37:16 ----D---- E:\Program Files\Messenger Plus! Live
2008-12-27 20:20:18 ----SHDC---- E:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-12-27 20:20:00 ----D---- E:\Program Files\Windows Live
2008-12-27 20:19:51 ----D---- E:\Documents and Settings\All Users\Application Data\WLInstaller
2008-12-27 15:20:21 ----D---- E:\dowloads
2008-12-27 13:40:42 ----D---- E:\WINDOWS\system32\Lang
2008-12-27 13:37:49 ----R---- E:\WINDOWS\system32\ChCfg.exe
2008-12-27 13:37:27 ----D---- E:\WINDOWS\system32\RTCOM
2008-12-27 13:37:26 ----A---- E:\WINDOWS\system32\ksuser.dll
2008-12-27 13:36:58 ----HDC---- E:\WINDOWS\$NtUninstallKB888111WXPSP2$
2008-12-27 13:36:55 ----R---- E:\WINDOWS\SoundMan.exe
2008-12-27 13:36:55 ----R---- E:\WINDOWS\SkyTel.exe
2008-12-27 13:36:54 ----R---- E:\WINDOWS\RtlUpd.exe
2008-12-27 13:36:51 ----R---- E:\WINDOWS\RTLCPL.exe
2008-12-27 13:36:45 ----R---- E:\WINDOWS\RTHDCPL.exe
2008-12-27 13:36:44 ----R---- E:\WINDOWS\MicCal.exe
2008-12-27 13:36:42 ----R---- E:\WINDOWS\Alcmtr.exe
2008-12-27 13:36:41 ----R---- E:\WINDOWS\alcwzrd.exe
2008-12-27 13:36:40 ----D---- E:\Program Files\Realtek
2008-12-27 13:36:35 ----R---- E:\WINDOWS\RtlExUpd.dll
2008-12-27 13:36:35 ----A---- E:\WINDOWS\HideWin.exe
2008-12-27 13:36:08 ----A---- E:\WINDOWS\system32\XAudio2_1.dll
2008-12-27 13:36:08 ----A---- E:\WINDOWS\system32\XAPOFX1_0.dll
2008-12-27 13:36:07 ----A---- E:\WINDOWS\system32\xactengine3_1.dll
2008-12-27 13:36:07 ----A---- E:\WINDOWS\system32\X3DAudio1_4.dll
2008-12-27 13:36:07 ----A---- E:\WINDOWS\system32\d3dx10_38.dll
2008-12-27 13:36:07 ----A---- E:\WINDOWS\system32\D3DCompiler_38.dll
2008-12-27 13:36:06 ----A---- E:\WINDOWS\system32\XAudio2_0.dll
2008-12-27 13:36:06 ----A---- E:\WINDOWS\system32\xactengine3_0.dll
2008-12-27 13:36:06 ----A---- E:\WINDOWS\system32\D3DX9_38.dll
2008-12-27 13:36:05 ----A---- E:\WINDOWS\system32\X3DAudio1_3.dll
2008-12-27 13:36:05 ----A---- E:\WINDOWS\system32\D3DX9_37.dll
2008-12-27 13:36:05 ----A---- E:\WINDOWS\system32\d3dx10_37.dll
2008-12-27 13:36:05 ----A---- E:\WINDOWS\system32\D3DCompiler_37.dll
2008-12-27 13:36:04 ----A---- E:\WINDOWS\system32\xactengine2_10.dll
2008-12-27 13:36:04 ----A---- E:\WINDOWS\system32\d3dx10_36.dll
2008-12-27 13:36:03 ----A---- E:\WINDOWS\system32\xactengine2_9.dll
2008-12-27 13:36:03 ----A---- E:\WINDOWS\system32\d3dx9_36.dll
2008-12-27 13:36:03 ----A---- E:\WINDOWS\system32\D3DCompiler_36.dll
2008-12-27 13:36:02 ----A---- E:\WINDOWS\system32\d3dx9_35.dll
2008-12-27 13:36:02 ----A---- E:\WINDOWS\system32\d3dx10_35.dll
2008-12-27 13:36:02 ----A---- E:\WINDOWS\system32\D3DCompiler_35.dll
2008-12-27 13:36:01 ----A---- E:\WINDOWS\system32\xactengine2_8.dll
2008-12-27 13:36:01 ----A---- E:\WINDOWS\system32\X3DAudio1_2.dll
2008-12-27 13:36:01 ----A---- E:\WINDOWS\system32\d3dx9_34.dll
2008-12-27 13:36:01 ----A---- E:\WINDOWS\system32\d3dx10_34.dll
2008-12-27 13:36:01 ----A---- E:\WINDOWS\system32\D3DCompiler_34.dll
2008-12-27 13:36:00 ----A---- E:\WINDOWS\system32\xinput1_3.dll
2008-12-27 13:36:00 ----A---- E:\WINDOWS\system32\xactengine2_7.dll
2008-12-27 13:35:59 ----A---- E:\WINDOWS\system32\d3dx10_33.dll
2008-12-27 13:35:59 ----A---- E:\WINDOWS\system32\D3DCompiler_33.dll
2008-12-27 13:35:57 ----A---- E:\WINDOWS\system32\xactengine2_6.dll
2008-12-27 13:35:57 ----A---- E:\WINDOWS\system32\xactengine2_5.dll
2008-12-27 13:35:57 ----A---- E:\WINDOWS\system32\d3dx9_33.dll
2008-12-27 13:35:57 ----A---- E:\WINDOWS\system32\d3dx9_32.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\xinput1_2.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\xactengine2_4.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\xactengine2_3.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\xactengine2_2.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\x3daudio1_1.dll
2008-12-27 13:35:56 ----A---- E:\WINDOWS\system32\d3dx9_31.dll
2008-12-27 13:35:55 ----A---- E:\WINDOWS\system32\xinput1_1.dll
2008-12-27 13:35:55 ----A---- E:\WINDOWS\system32\xactengine2_1.dll
2008-12-27 13:35:55 ----A---- E:\WINDOWS\system32\xactengine2_0.dll
2008-12-27 13:35:55 ----A---- E:\WINDOWS\system32\x3daudio1_0.dll
2008-12-27 13:35:55 ----A---- E:\WINDOWS\system32\d3dx9_30.dll
2008-12-27 13:35:54 ----A---- E:\WINDOWS\system32\xinput9_1_0.dll
2008-12-27 13:35:54 ----A---- E:\WINDOWS\system32\d3dx9_29.dll
2008-12-27 13:35:53 ----A---- E:\WINDOWS\system32\d3dx9_26.dll
2008-12-27 13:35:53 ----A---- E:\WINDOWS\system32\d3dx9_25.dll
2008-12-27 13:35:52 ----A---- E:\WINDOWS\system32\d3dx9_24.dll
2008-12-27 13:35:47 ----D---- E:\WINDOWS\Logs
2008-12-27 13:30:06 ----D---- E:\Program Files\Activision
2008-12-27 13:14:05 ----HDC---- E:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-12-27 13:13:40 ----SHD---- E:\WINDOWS\ftpcache
2008-12-27 13:12:16 ----HDC---- E:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-12-27 13:12:09 ----HDC---- E:\WINDOWS\$NtUninstallKB952954_0$
2008-12-27 13:12:03 ----HDC---- E:\WINDOWS\$NtUninstallKB946648_0$
2008-12-27 13:11:57 ----HDC---- E:\WINDOWS\$NtUninstallKB956803_0$
2008-12-27 13:11:50 ----HDC---- E:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-27 13:11:36 ----HDC---- E:\WINDOWS\$NtUninstallKB955839$
2008-12-27 13:11:30 ----HDC---- E:\WINDOWS\$NtUninstallKB956391$
2008-12-27 13:11:24 ----HDC---- E:\WINDOWS\$NtUninstallKB957095_0$
2008-12-27 13:11:02 ----HDC---- E:\WINDOWS\$NtUninstallKB958215_0$
2008-12-27 13:09:47 ----A---- E:\WINDOWS\system32\MRT.exe
2008-12-27 13:09:40 ----HDC---- E:\WINDOWS\$NtUninstallKB950974_0$
2008-12-27 13:09:34 ----HDC---- E:\WINDOWS\$NtUninstallKB951698_0$
2008-12-27 13:09:27 ----HDC---- E:\WINDOWS\$NtUninstallKB954211_0$
2008-12-27 13:09:15 ----HDC---- E:\WINDOWS\$NtUninstallKB956841_0$
2008-12-27 13:09:02 ----HDC---- E:\WINDOWS\$NtUninstallKB960714_0$
2008-12-27 13:08:56 ----HDC---- E:\WINDOWS\$NtUninstallKB950762_0$
2008-12-27 13:08:49 ----HDC---- E:\WINDOWS\$NtUninstallKB957097_0$
2008-12-27 13:08:42 ----HDC---- E:\WINDOWS\$NtUninstallKB952287_0$
2008-12-27 13:08:36 ----HDC---- E:\WINDOWS\$NtUninstallKB951066_0$
2008-12-27 13:08:29 ----HDC---- E:\WINDOWS\$NtUninstallKB938464_0$
2008-12-27 13:08:18 ----HDC---- E:\WINDOWS\$NtUninstallKB954600_0$
2008-12-27 13:08:12 ----HDC---- E:\WINDOWS\$NtUninstallKB958644_0$
2008-12-27 13:08:08 ----HDC---- E:\WINDOWS\$NtUninstallKB955069_0$
2008-12-27 13:08:04 ----HDC---- E:\WINDOWS\$NtUninstallKB956802_0$
2008-12-27 13:07:56 ----HDC---- E:\WINDOWS\$NtUninstallKB944338-v2$
2008-12-27 13:07:03 ----D---- E:\Program Files\Alcohol Soft
2008-12-27 12:47:26 ----D---- E:\Documents and Settings\hackeu\Application Data\WinRAR
2008-12-27 12:46:50 ----D---- E:\Program Files\WinRAR
2008-12-27 12:22:41 ----D---- E:\WINDOWS\system32\AGEIA
2008-12-27 12:22:41 ----D---- E:\Program Files\AGEIA Technologies
2008-12-27 12:22:36 ----D---- E:\Program Files\Fichiers communs\Wise Installation Wizard
2008-12-27 12:22:16 ----D---- E:\WINDOWS\system32\ReinstallBackups
2008-12-27 12:03:01 ----D---- E:\WINDOWS\system32\PreInstall
2008-12-27 12:03:01 ----A---- E:\WINDOWS\system32\spupdsvc.exe
2008-12-27 12:03:00 ----HDC---- E:\WINDOWS\$NtUninstallKB898461$
2008-12-27 12:03:00 ----HD---- E:\WINDOWS\$hf_mig$
2008-12-27 12:00:50 ----D---- E:\WINDOWS
view
2008-12-27 12:00:49 ----A---- E:\WINDOWS\system32
vudisp.exe
2008-12-27 12:00:48 ----RA---- E:\WINDOWS\system32\MadCHook.dll
2008-12-27 12:00:47 ----RA---- E:\WINDOWS\system32\smdll.dll
2008-12-27 12:00:46 ----A---- E:\WINDOWS\system32\d3dx9_28.dll
2008-12-27 12:00:45 ----RA---- E:\WINDOWS\system32\msvcr80.dll
2008-12-27 12:00:45 ----RA---- E:\WINDOWS\system32\Auxiliary.dll
2008-12-27 12:00:45 ----A---- E:\WINDOWS\system32\d3dx9_27.dll
2008-12-27 12:00:44 ----RA---- E:\WINDOWS\system32\WinSys2.exe
2008-12-27 12:00:44 ----RA---- E:\WINDOWS\system32\HookShield.dll
2008-12-27 12:00:44 ----RA---- E:\WINDOWS\system32\HookMAp.dll
2008-12-27 12:00:43 ----RA---- E:\WINDOWS\system32\msicpl.dll
2008-12-27 12:00:09 ----A---- E:\WINDOWS\system32\NVUNINST.EXE
2008-12-25 00:26:19 ----A---- E:\WINDOWS\system32\h323log.txt
2008-12-25 00:21:27 ----A---- E:\WINDOWS\system32\hidserv.dll
2008-12-25 00:20:23 ----A---- E:\WINDOWS\system32\usbui.dll
2008-12-25 00:19:21 ----A---- E:\WINDOWS\imsins.BAK
2008-12-25 00:19:19 ----SHD---- E:\WINDOWS\Installer
2008-12-25 00:19:19 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2008-12-25 00:19:18 ----D---- E:\Program Files\Fichiers communs\ODBC
2008-12-25 00:19:18 ----A---- E:\WINDOWS\ODBCINST.INI
2008-12-25 00:19:12 ----D---- E:\Program Files\Fichiers communs\SpeechEngines
2008-12-25 00:19:10 ----RD---- E:\Program Files
2008-12-25 00:19:10 ----D---- E:\Program Files\Fichiers communs\Microsoft Shared
2008-12-25 00:19:10 ----D---- E:\Program Files\Fichiers communs
2008-12-25 00:19:03 ----RA---- E:\WINDOWS\system32\kbdtuq.dll
2008-12-25 00:19:03 ----RA---- E:\WINDOWS\system32\kbdtuf.dll
2008-12-25 00:19:03 ----RA---- E:\WINDOWS\system32\kbdazel.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbduzb.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbdtat.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbdmon.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbdkyr.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbdkaz.dll
2008-12-25 00:19:00 ----RA---- E:\WINDOWS\system32\kbdaze.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdycc.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdur.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdru1.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdru.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdbu.dll
2008-12-25 00:18:59 ----RA---- E:\WINDOWS\system32\kbdblr.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhept.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhela3.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhela2.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhe319.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhe220.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdhe.dll
2008-12-25 00:18:58 ----RA---- E:\WINDOWS\system32\kbdgkl.dll
2008-12-25 00:18:56 ----RA---- E:\WINDOWS\system32\kbdlv1.dll
2008-12-25 00:18:56 ----RA---- E:\WINDOWS\system32\kbdlv.dll
2008-12-25 00:18:56 ----RA---- E:\WINDOWS\system32\kbdlt1.dll
2008-12-25 00:18:56 ----RA---- E:\WINDOWS\system32\kbdlt.dll
2008-12-25 00:18:56 ----RA---- E:\WINDOWS\system32\kbdest.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdycl.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdsl1.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdsl.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdro.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdpl1.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdpl.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdhu1.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdhu.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdcz2.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdcz1.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdcz.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\kbdcr.dll
2008-12-25 00:18:54 ----RA---- E:\WINDOWS\system32\KBDAL.DLL
2008-12-25 00:18:52 ----A---- E:\WINDOWS\system32\spxcoins.dll
2008-12-25 00:18:52 ----A---- E:\WINDOWS\system32\irclass.dll
2008-12-25 00:18:52 ----A---- E:\WINDOWS\system32\dgsetup.dll
2008-12-25 00:18:52 ----A---- E:\WINDOWS\system32\dgrpsetu.dll
2008-12-25 00:18:50 ----A---- E:\WINDOWS\system32\EqnClass.Dll
2008-12-25 00:18:48 ----A---- E:\WINDOWS\TASKMAN.EXE
2008-12-25 00:18:47 ----N---- E:\WINDOWS\system32\CONFIG.TMP
2008-12-25 00:18:47 ----A---- E:\WINDOWS\system32\batt.dll
2008-12-25 00:18:46 ----A---- E:\WINDOWS\system32\storprop.dll
2008-12-25 00:18:46 ----A---- E:\WINDOWS
otepad.exe
2008-12-25 00:18:39 ----ASH---- E:\Documents and Settings\All Users\Application Data\desktop.ini
2008-12-25 00:16:57 ----RA---- E:\WINDOWS\SET8.tmp
2008-12-25 00:16:53 ----RA---- E:\WINDOWS\SET4.tmp
2008-12-25 00:16:52 ----RA---- E:\WINDOWS\SET3.tmp
2008-12-25 00:16:47 ----D---- E:\WINDOWS\system32\CatRoot2
2008-12-25 00:16:47 ----D---- E:\WINDOWS\system32\CatRoot
2008-12-25 00:16:42 ----SD---- E:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-25 00:16:27 ----A---- E:\WINDOWS\setuplog.txt
2008-12-25 00:16:24 ----SHD---- E:\System Volume Information
2008-12-25 00:16:24 ----D---- E:\Documents and Settings
2008-12-25 00:11:45 ----RSHDC---- E:\WINDOWS\system32\dllcache
2008-12-25 00:11:45 ----RSD---- E:\WINDOWS\Fonts
2008-12-25 00:11:45 ----RD---- E:\WINDOWS\Web
2008-12-25 00:11:45 ----HD---- E:\WINDOWS\inf
2008-12-25 00:11:45 ----D---- E:\WINDOWS\WinSxS
2008-12-25 00:11:45 ----D---- E:\WINDOWS	wain_32
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Temp
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\wins
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\wbem
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\usmt
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\spool
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\ShellExt
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\Setup
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32as
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\oobe
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32
pp
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\mui
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\inetsrv
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\IME
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\icsxml
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\ias
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\export
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\drivers
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\dhcp
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\config
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\3com_dmi
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\3076
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\2052
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1054
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1042
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1041
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1037
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1036
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1033
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1031
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1028
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32\1025
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system32
2008-12-25 00:11:45 ----D---- E:\WINDOWS\system
2008-12-25 00:11:45 ----D---- E:\WINDOWS\security
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Resources
2008-12-25 00:11:45 ----D---- E:\WINDOWSepair
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Provisioning
2008-12-25 00:11:45 ----D---- E:\WINDOWS\PeerNet
2008-12-25 00:11:45 ----D---- E:\WINDOWS\pchealth
2008-12-25 00:11:45 ----D---- E:\WINDOWS\mui
2008-12-25 00:11:45 ----D---- E:\WINDOWS\msapps
2008-12-25 00:11:45 ----D---- E:\WINDOWS\msagent
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Media
2008-12-25 00:11:45 ----D---- E:\WINDOWS\java
2008-12-25 00:11:45 ----D---- E:\WINDOWS\ime
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Help
2008-12-25 00:11:45 ----D---- E:\WINDOWS\ehome
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Driver Cache
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Debug
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Cursors
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Connection Wizard
2008-12-25 00:11:45 ----D---- E:\WINDOWS\Config
2008-12-25 00:11:45 ----D---- E:\WINDOWS\AppPatch
2008-12-25 00:11:45 ----D---- E:\WINDOWS\addins
2008-12-25 00:11:45 ----D---- E:\WINDOWS
2008-12-24 23:59:01 ----D---- E:\Program Files\ma-config.com
2008-12-24 23:59:01 ----D---- E:\Documents and Settings\All Users\Application Data\ma-config.com
2008-12-24 23:57:45 ----D---- E:\Documents and Settings\hackeu\Application Data\Mozilla
2008-12-24 23:57:40 ----D---- E:\Program Files\Mozilla Firefox
2008-12-24 23:56:58 ----SHD---- E:\RECYCLER
2008-12-24 23:52:08 ----D---- E:\Program Files\MSN Messenger
2008-12-24 23:45:14 ----D---- E:\Documents and Settings\hackeu\Application Data\Adobe
2008-12-24 23:45:02 ----D---- E:\Documents and Settings\hackeu\Application Data\Macromedia
2008-12-24 23:44:55 ----D---- E:\WINDOWS\system32\SoftwareDistribution
2008-12-24 23:41:47 ----DC---- E:\WINDOWS\system32\DRVSTORE
2008-12-24 23:41:40 ----A---- E:\WINDOWS\system32\Install7x.dll
2008-12-24 23:41:40 ----A---- E:\WINDOWS\system32\AegisI5.exe
2008-12-24 23:41:11 ----HD---- E:\Program Files\InstallShield Installation Information
2008-12-24 23:40:58 ----D---- E:\Program Files\RALINK
2008-12-24 23:40:56 ----D---- E:\Program Files\Fichiers communs\InstallShield
2008-12-24 23:38:19 ----D---- E:\Documents and Settings\hackeu\Application Data\Identities
2008-12-24 23:38:18 ----HD---- E:\Program Files\Uninstall Information
2008-12-24 23:38:09 ----ASH---- E:\Documents and Settings\hackeu\Application Data\desktop.ini
2008-12-24 23:38:08 ----SD---- E:\Documents and Settings\hackeu\Application Data\Microsoft
2008-12-24 23:37:35 ----D---- E:\WINDOWS\SoftwareDistribution
2008-12-24 23:37:34 ----SD---- E:\WINDOWS\system32\Microsoft
2008-12-24 23:37:34 ----A---- E:\WINDOWS\SchedLgU.Txt
2008-12-24 23:33:22 ----D---- E:\WINDOWS\system32\xircom
2008-12-24 23:33:22 ----D---- E:\Program Files\xerox
2008-12-24 23:33:22 ----D---- E:\Program Files\microsoft frontpage
2008-12-24 23:33:03 ----A---- E:\WINDOWS\control.ini
2008-12-24 23:32:52 ----A---- E:\WINDOWS\OEWABLog.txt
2008-12-24 23:32:49 ----A---- E:\WINDOWS\system32\mapi32.dll
2008-12-24 23:32:10 ----SD---- E:\WINDOWS\Downloaded Program Files
2008-12-24 23:32:10 ----RD---- E:\WINDOWS\Offline Web Pages
2008-12-24 23:32:10 ----RAH---- E:\WINDOWS\system32\logonui.exe.manifest
2008-12-24 23:32:06 ----RAH---- E:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-24 23:32:02 ----HD---- E:\Program Files\WindowsUpdate
2008-12-24 23:31:59 ----D---- E:\Program Files\Services en ligne
2008-12-24 23:31:37 ----D---- E:\WINDOWS\system32\DirectX
2008-12-24 23:30:56 ----A---- E:\WINDOWS\system32\atrace.dll
2008-12-24 23:30:51 ----A---- E:\WINDOWS\system32\desktop.ini
2008-12-24 23:30:51 ----A---- E:\WINDOWS\desktop.ini
2008-12-24 23:30:42 ----A---- E:\WINDOWS\system32
mevtmsg.dll
2008-12-24 23:30:41 ----A---- E:\WINDOWS\system32\acctres.dll
2008-12-24 23:30:40 ----D---- E:\Program Files\Fichiers communs\Services
2008-12-24 23:30:37 ----SD---- E:\WINDOWS\Tasks
2008-12-24 23:30:37 ----A---- E:\WINDOWS\system32\icfgnt5.dll
2008-12-24 23:30:36 ----D---- E:\Program Files\Fichiers communs\MSSoap
2008-12-24 23:30:31 ----D---- E:\WINDOWS\srchasst
2008-12-24 23:30:29 ----D---- E:\WINDOWS\system32\Macromed
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuweb.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wups.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wucltui.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuauserv.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuaueng1.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuaueng.dll
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuauclt1.exe
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuauclt.exe
2008-12-24 23:30:25 ----A---- E:\WINDOWS\system32\wuapi.dll
2008-12-24 23:30:24 ----A---- E:\WINDOWS\system32\qmgrprxy.dll
2008-12-24 23:30:24 ----A---- E:\WINDOWS\system32\qmgr.dll
2008-12-24 23:30:24 ----A---- E:\WINDOWS\system32\bitsprx3.dll
2008-12-24 23:30:24 ----A---- E:\WINDOWS\system32\bitsprx2.dll
2008-12-24 23:30:20 ----D---- E:\Program Files\Movie Maker
2008-12-24 23:30:14 ----A---- E:\WINDOWS\system32\safrslv.dll
2008-12-24 23:30:14 ----A---- E:\WINDOWS\system32\safrdm.dll
2008-12-24 23:30:14 ----A---- E:\WINDOWS\system32\safrcdlg.dll
2008-12-24 23:30:13 ----A---- E:\WINDOWS\system32acpldlg.dll
2008-12-24 23:30:04 ----A---- E:\WINDOWS\system32\fltmc.exe
2008-12-24 23:30:04 ----A---- E:\WINDOWS\system32\fltlib.dll
2008-12-24 23:30:03 ----D---- E:\WINDOWS\system32\Restore
2008-12-24 23:30:03 ----A---- E:\WINDOWS\system32\srrstr.dll
2008-12-24 23:30:02 ----A---- E:\WINDOWS\system32\srsvc.dll
2008-12-24 23:30:02 ----A---- E:\WINDOWS\system32\srclient.dll
2008-12-24 23:30:00 ----A---- E:\WINDOWS\system32\mnmdd.dll
2008-12-24 23:30:00 ----A---- E:\WINDOWS\system32\isrdbg32.dll
2008-12-24 23:30:00 ----A---- E:\WINDOWS\system32\ils.dll
2008-12-24 23:29:59 ----A---- E:\WINDOWS\system32
mmkcert.dll
2008-12-24 23:29:59 ----A---- E:\WINDOWS\system32\msconf.dll
2008-12-24 23:29:59 ----A---- E:\WINDOWS\system32\mnmsrvc.exe
2008-12-24 23:29:52 ----D---- E:\Program Files\NetMeeting
2008-12-24 23:29:52 ----A---- E:\WINDOWS\system32\msoert2.dll
2008-12-24 23:29:52 ----A---- E:\WINDOWS\system32\msoeacct.dll
2008-12-24 23:29:50 ----A---- E:\WINDOWS\system32\inetres.dll
2008-12-24 23:29:49 ----A---- E:\WINDOWS\system32\inetcomm.dll
2008-12-24 23:29:46 ----D---- E:\Program Files\Outlook Express
2008-12-24 23:29:46 ----A---- E:\WINDOWS\system32\schedsvc.dll
2008-12-24 23:29:45 ----A---- E:\WINDOWS\system32\mstinit.exe
2008-12-24 23:29:45 ----A---- E:\WINDOWS\system32\mstask.dll
2008-12-24 23:29:44 ----A---- E:\WINDOWS\system32\isign32.dll
2008-12-24 23:29:44 ----A---- E:\WINDOWS\system32\inetcfg.dll
2008-12-24 23:29:44 ----A---- E:\WINDOWS\system32\icwphbk.dll
2008-12-24 23:29:44 ----A---- E:\WINDOWS\system32\icwdial.dll
2008-12-24 23:29:34 ----D---- E:\Program Files\Fichiers communs\System
2008-12-24 23:29:33 ----D---- E:\Program Files\Internet Explorer
2008-12-24 23:29:06 ----D---- E:\Program Files\ComPlus Applications
2008-12-24 23:29:04 ----A---- E:\WINDOWS\vbaddin.ini
2008-12-24 23:29:04 ----A---- E:\WINDOWS\vb.ini
2008-12-24 23:29:01 ----D---- E:\WINDOWS\Registration
2008-12-24 23:28:56 ----D---- E:\Program Files\Windows Media Player
2008-12-24 23:28:56 ----D---- E:\Program Files\Online Services
2008-12-24 23:28:48 ----D---- E:\Program Files\Messenger
2008-12-24 23:28:36 ----D---- E:\Program Files\MSN Gaming Zone
2008-12-24 23:28:36 ----A---- E:\WINDOWS\system32\write.exe
2008-12-24 23:28:21 ----A---- E:\WINDOWS\system32\sndvol32.exe
2008-12-24 23:28:20 ----A---- E:\WINDOWS\system32\hticons.dll
2008-12-24 23:28:20 ----A---- E:\WINDOWS\system32\avwav.dll
2008-12-24 23:28:19 ----A---- E:\WINDOWS\system32\avtapi.dll
2008-12-24 23:28:19 ----A---- E:\WINDOWS\system32\avmeter.dll
2008-12-24 23:28:18 ----A---- E:\WINDOWS\system32\winchat.exe
2008-12-24 23:28:02 ----A---- E:\WINDOWS\system32\getuname.dll
2008-12-24 23:28:02 ----A---- E:\WINDOWS\system32\charmap.exe
2008-12-24 23:28:01 ----A---- E:\WINDOWS\system32\calc.exe
2008-12-24 23:28:00 ----A---- E:\WINDOWS\system32\sol.exe
2008-12-24 23:27:59 ----A---- E:\WINDOWS\system32\winmine.exe
2008-12-24 23:27:59 ----A---- E:\WINDOWS\system32\mshearts.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32\usrlogon.cmd
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32	sshutdn.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32	slabels.ini
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32	skill.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32	sdiscon.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32	scon.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32eset.exe
2008-12-24 23:27:58 ----A---- E:\WINDOWS\system32\freecell.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32\shadow.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32winsta.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32egini.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32dpcfgex.dll
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32\qwinsta.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32\qappsrv.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32\msg.exe
2008-12-24 23:27:57 ----A---- E:\WINDOWS\system32\logoff.exe
2008-12-24 23:27:56 ----A---- E:\WINDOWS\system32\msdtcprf.ini
2008-12-24 23:27:56 ----A---- E:\WINDOWS\system32\cdmodem.dll
2008-12-24 23:27:55 ----A---- E:\WINDOWS\system32\mtxlegih.dll
2008-12-24 23:27:55 ----A---- E:\WINDOWS\system32\mtxex.dll
2008-12-24 23:27:55 ----A---- E:\WINDOWS\system32\mtxdm.dll
2008-12-24 23:27:55 ----A---- E:\WINDOWS\system32\dcomcnfg.exe
2008-12-24 23:27:54 ----A---- E:\WINDOWS\system32\stclient.dll
2008-12-24 23:27:54 ----A---- E:\WINDOWS\system32\comsnap.dll
2008-12-24 23:27:54 ----A---- E:\WINDOWS\system32\comrepl.dll
2008-12-24 23:27:54 ----A---- E:\WINDOWS\system32\comaddin.dll
2008-12-24 23:27:47 ----A---- E:\WINDOWS\system32\wmimgmt.msc
2008-12-24 23:27:33 ----D---- E:\Program Files\MSN
2008-12-24 23:27:31 ----A---- E:\WINDOWS\system32\accwiz.exe
2008-12-24 23:27:30 ----A---- E:\WINDOWS\system32\sndrec32.exe
2008-12-24 23:27:30 ----A---- E:\WINDOWS\system32\mplay32.exe
2008-12-24 23:27:29 ----A---- E:\WINDOWS\system32\hypertrm.dll
2008-12-24 23:27:28 ----D---- E:\Program Files\Windows NT
2008-12-24 23:27:28 ----A---- E:\WINDOWS\system32\mspaint.exe
2008-12-24 23:27:27 ----A---- E:\WINDOWS\system32\clipbrd.exe
2008-12-24 23:27:26 ----A---- E:\WINDOWS\system32	scfgwmi.dll
2008-12-24 23:27:26 ----A---- E:\WINDOWS\system32\spider.exe
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32\sessmgr.exe
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32emotepg.dll
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32dshost.exe
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32dsaddin.exe
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32dchost.dll
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32\mstscax.dll
2008-12-24 23:27:25 ----A---- E:\WINDOWS\system32\mstsc.exe
2008-12-24 23:27:24 ----A---- E:\WINDOWS\system32	scupgrd.exe
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32	ermsrv.dll
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32dpwsx.dll
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32dpsnd.dll
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32dpclip.exe
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32\qprocess.exe
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32\icaapi.dll
2008-12-24 23:27:23 ----A---- E:\WINDOWS\system32\cfgbkend.dll
2008-12-24 23:27:22 ----D---- E:\WINDOWS\system32\MsDtc
2008-12-24 23:27:22 ----A---- E:\WINDOWS\system32\xolehlp.dll
2008-12-24 23:27:22 ----A---- E:\WINDOWS\system32\mtxoci.dll
2008-12-24 23:27:22 ----A---- E:\WINDOWS\system32\msdtcuiu.dll
2008-12-24 23:27:22 ----A---- E:\WINDOWS\system32\msdtctm.dll
2008-12-24 23:27:22 ----A---- E:\WINDOWS\system32\msdtcprx.dll
2008-12-24 23:27:21 ----A---- E:\WINDOWS\system32\msdtclog.dll
2008-12-24 23:27:21 ----A---- E:\WINDOWS\system32\msdtc.exe
2008-12-24 23:27:20 ----D---- E:\WINDOWS\system32\Com
2008-12-24 23:27:20 ----A---- E:\WINDOWS\system32\colbact.dll
2008-12-24 23:27:20 ----A---- E:\WINDOWS\system32\clbcatex.dll
2008-12-24 23:27:20 ----A---- E:\WINDOWS\system32\catsrvps.dll
2008-12-24 23:27:19 ----A---- E:\WINDOWS\system32\catsrvut.dll
2008-12-24 23:27:19 ----A---- E:\WINDOWS\system32\catsrv.dll
2008-12-24 23:27:18 ----A---- E:\WINDOWS\system32\comsvcs.dll
2008-12-24 23:27:17 ----A---- E:\WINDOWS\system32\comuid.dll
2008-12-24 23:27:16 ----A---- E:\WINDOWS\system32\clbcatq.dll
2008-12-24 23:27:01 ----A---- E:\WINDOWS\system32\servdeps.dll
2008-12-24 23:27:00 ----A---- E:\WINDOWS\system32\mmfutil.dll
2008-12-24 23:27:00 ----A---- E:\WINDOWS\system32\licwmi.dll
2008-12-24 23:27:00 ----A---- E:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2009-01-06 15:41:48 ----A---- E:\WINDOWS\win.ini
2009-01-06 15:41:48 ----A---- E:\WINDOWS\system.ini
2008-12-12 18:02:12 ----A---- E:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; E:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 kbdhid;Pilote HID de clavier; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ntiopnp;ntiopnp; E:\WINDOWS\system32\drivers
tiopnp.sys [2007-02-12 12800]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; E:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; E:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-24 21419]
R3 avgntflt;avgntflt; \??\E:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; E:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
R3 mouhid;Pilote HID de souris; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2003-11-30 12288]
R3 nv;nv; E:\WINDOWS\system32\DRIVERS
v4_mini.sys [2008-12-02 6209536]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS
vnetbus.sys [2008-08-01 22016]
R3 PAC207;SoC PC-Camera; E:\WINDOWS\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
R3 RT73;RT73 USB Wireless LAN Card Driver; E:\WINDOWS\system32\DRIVERSt73.sys [2006-12-21 429440]
R3 usbccgp;Pilote parent générique USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 ssmdrv;ssmdrv; E:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
S3 aat2bdcu;aat2bdcu; E:\WINDOWS\system32\drivers\aat2bdcu.sys []
S3 CCDECODE;Décodeur sous-titre fermé; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\E:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 WSTCODEC;Codec Teletext standard; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; E:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; E:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 CPUCooLServer;CPUCooLServer Service; E:\Program Files\CPUCooL\CooLSrv.exe [2007-07-31 118784]
R2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre6\bin\jqs.exe [2008-12-28 152984]
R2 NVSv

Destrio5 · Answer

---> Désactive ton antivirus le temps de la manipulation car OTMoveIt3 est détecté comme une infection à tort.

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous : 






:processes
explorer.exe 

:files
E:\WINDOWS\system32\winsys2.exe

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSys2]

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]






---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

Utilisateur anonyme · Answer

Voila alors au démarage un message d'erreur s'affiche 

tire du message : avgnt.exe - composant introuvable

texte du message : cette application n'a pas pu démarrer car mfc71u.dll est introuvable. La réinstallation de cette application peut coriger ce problème 


et le rapport de OTMoveIt3 s'ouvre : 
 
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
E:\WINDOWS\system32\WinSys2.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSys2\ deleted successfully.
========== COMMANDS ==========
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp
sv3.tmp\NM.exe scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp
sv3.tmp\NotifyIcon.dll scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp
sv3.tmp\ShutdownAllow.dll scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\hsperfdata_hackeu\348 scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\hsperfdata_hackeu\828 scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp\etilqs_TGb8EHGXLIp29XqhJCsP scheduled to be deleted on reboot.
File delete failed. E:\DOCUME~1\hackeu\LOCALS~1\Temp
sf2.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. E:\WINDOWS	emp\Perflib_Perfdata_3b4.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\urlclassifier3.sqlite-journal scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
 
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01062009_172440

Files moved on Reboot...
E:\DOCUME~1\hackeu\LOCALS~1\Temp
sv3.tmp\NM.exe moved successfully.
DllUnregisterServer procedure not found in E:\DOCUME~1\hackeu\LOCALS~1\Temp
sv3.tmp\NotifyIcon.dll
E:\DOCUME~1\hackeu\LOCALS~1\Temp
sv3.tmp\NotifyIcon.dll NOT unregistered.
E:\DOCUME~1\hackeu\LOCALS~1\Temp
sv3.tmp\NotifyIcon.dll moved successfully.
DllUnregisterServer procedure not found in E:\DOCUME~1\hackeu\LOCALS~1\Temp
sv3.tmp\ShutdownAllow.dll
E:\DOCUME~1\hackeu\LOCALS~1\Temp
sv3.tmp\ShutdownAllow.dll NOT unregistered.
E:\DOCUME~1\hackeu\LOCALS~1\Temp
sv3.tmp\ShutdownAllow.dll moved successfully.
File E:\DOCUME~1\hackeu\LOCALS~1\Temp\hsperfdata_hackeu\348 not found!
File E:\DOCUME~1\hackeu\LOCALS~1\Temp\hsperfdata_hackeu\828 not found!
File E:\DOCUME~1\hackeu\LOCALS~1\Temp\etilqs_TGb8EHGXLIp29XqhJCsP not found!
File E:\DOCUME~1\hackeu\LOCALS~1\Temp
sf2.tmp not found!
File move failed. E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File E:\WINDOWS	emp\Perflib_Perfdata_3b4.dat not found!
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_001_ moved successfully.
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_002_ moved successfully.
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_003_ moved successfully.
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\Cache\_CACHE_MAP_ moved successfully.
E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\urlclassifier3.sqlite moved successfully.
File E:\Documents and Settings\hackeu\Local Settings\Application Data\Mozilla\Firefox\Profiles\dl1riaq1.default\urlclassifier3.sqlite-journal not found!

Destrio5 · Answer

---> Menu Démarrer > Exécuter > Tape cmd et valide.

---> Dans la fenêtre noire, tape sfc /scannow et valide.

Utilisateur anonyme · Answer

ok je le fait sa charge les fichier sur a partir du cd de windows

Utilisateur anonyme · Answer

voila c'est terminé : )

Utilisateur anonyme · Answer

voila c'est terminé

Destrio5 · Answer

Toujours l'erreur au démarrage ?

Utilisateur anonyme · Answer

j'ai pas redémarer encor mais si il y a une erreur de dll je le chercheré sur internet et le rajoutré moi méme : ) 

merci pour tout : D

Destrio5 · Answer

- Fais un scan en ligne ici https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr (Avec Internet Explorer).

- En bas à droite, clique sur Démarrer Online-scanner.

- Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.

- Accepte les Contrôles ActiveX.

- Choisis Poste de travail pour le scan.

- Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.

- Pour t'aider à utiliser le scan en ligne :
https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId291566

NOTE : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.

Virus

35 réponses

Discussions similaires