Sujet Précédent Sujet Suivant

Pop up intenpestif site "Sagipsul"

Fermé
kidoug Messages postés 83 Date d'inscription samedi 2 juin 2007 Statut Membre Dernière intervention 17 février 2010 - 8 janv. 2009 à 21:57
 mik - 10 janv. 2009 à 21:36
Bonjour,
comme le dit le sujet depuis quelque heure j'ai une fenetre mozilla qui s'ouvre toute seule sur le site "Sagipsul"

j'ai passé un scan avec "HijackThis" et voici le rapport et je remercie d'avance les personne qui vont m'aider

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:19, on 08/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\oodtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\DOCUME~1\Douglas\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
J:\AvP.exe
J:\AvP.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Douglas\Bureau\VundoFix.exe
C:\Documents and Settings\Douglas\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [3c441de6] rundll32.exe "C:\WINDOWS\system32\vocyjlyc.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer ePower Management.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Douglas\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: wbsys.dll C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL lfeosz.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
A voir également:

15 réponses

Réponse 1 / 15
Utilisateur anonyme
8 janv. 2009 à 22:02
Salut,

* Telecharges Malwarebytes :
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Mbam se met à jour automatiquement à la fin du scan, laisses faire
* Une fois telechargé, fermes tous les programmes en cours
--> lances mbam et cliques sur recherche
(--> executes un examen rapide du pc
* A la fin clique sur Afficher les resutats.
* Puis supprmer la selection.
* Un rapport sera généré, poste le
0
Réponse 2 / 15
kidoug Messages postés 83 Date d'inscription samedi 2 juin 2007 Statut Membre Dernière intervention 17 février 2010 13
8 janv. 2009 à 22:17
hello
voilas le rapport


Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1632
Windows 5.1.2600 Service Pack 2

08/01/2009 22:17:10
mbam-log-2009-01-08 (22-17-09).txt

Type de recherche: Examen rapide
Eléments examinés: 65646
Temps écoulé: 5 minute(s), 14 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 50
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 28

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\vocyjlyc.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ljJBsPHA.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\urqrOfeB.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\wsbthveu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\lfeosz.dll (Trojan.Vundo.H) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{12c7b4f6-8e31-411b-9b46-e104dcff2f0c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{12c7b4f6-8e31-411b-9b46-e104dcff2f0c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqrofeb (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9133d342-71e9-4a48-baf5-63c91945ef5b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9133d342-71e9-4a48-baf5-63c91945ef5b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa2668e7-8043-44a4-b40a-02b1119b557b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aa2668e7-8043-44a4-b40a-02b1119b557b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{12c7b4f6-8e31-411b-9b46-e104dcff2f0c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9133d342-71e9-4a48-baf5-63c91945ef5b} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{aa2668e7-8043-44a4-b40a-02b1119b557b} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3c441de6 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ljjbspha -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ljjbspha -> Delete on reboot.

Dossier(s) infecté(s):
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\ljJBsPHA.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\AHPsBJjl.ini (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\AHPsBJjl.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urqrOfeB.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\lfeosz.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nnnoPFut.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuFPonnn.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuFPonnn.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rkbklmpn.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\npmlkbkr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vocyjlyc.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\cyljycov.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wsbthveu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oyuhmqpi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jemcwi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqNHyXR.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Local Settings\Temporary Internet Files\Content.IE5\VT3SHUDH\upd105320[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Local Settings\Temporary Internet Files\Content.IE5\C5MF89AV\index[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Douglas\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuvsrOhG.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
0
Réponse 3 / 15
Utilisateur anonyme
8 janv. 2009 à 22:23
Ok,
Ouvres Malwarebytes et cliques sur Quarantaine, supprimes tout
si il faut redemarrer l'ordi, fais le.
*je te donnes la suite, postes un nouveau rapport hijacktjis.
0
Réponse 4 / 15
kidoug Messages postés 83 Date d'inscription samedi 2 juin 2007 Statut Membre Dernière intervention 17 février 2010 13
8 janv. 2009 à 22:27
voilas j'ai pas eu besoin de redémarrer
voilas le rapport demandé


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:26:37, on 08/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\DOCUME~1\Douglas\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
J:\AvP.exe
J:\AvP.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Douglas\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer ePower Management.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Douglas\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: wbsys.dll C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL lfeosz.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 15
Utilisateur anonyme
8 janv. 2009 à 22:46
Re,

* Telecharges ComboFix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
/!\ Desactives ton antivirus et les garde ton antispyware /!\.
*Deconnectes toi et fermes toutes les programmes en cours.
*Double-cliques sur l'icone de ton bureau
---> un pop up apparait ---> cliques sur oui.
*Note :( Il est conseillé d'installer la console de recuperation avant l'utilisation de l'outil)
* Choisis la langue et tapes sur la touche 1 (yes) pour demarrer le scan.
/!\ Ne touche ni à la souris, ni au clavier pendant le scan, au risque de
figer l'ordi /!\.

* A la fin du scan, il est possible que ComboFix ait besoin de redemarrer le
pc pour finaliser la desinfection, laisses le faire.
* Un rapport est généré, reactives ton antivirus et postes le;

*Note: le rapport se trouve aussi là : C:\Combofix.txt
0
Réponse 6 / 15
kidoug Messages postés 83 Date d'inscription samedi 2 juin 2007 Statut Membre Dernière intervention 17 février 2010 13
8 janv. 2009 à 23:21
voilas il a mis le temp mais c'est fait

voici le rapport

ComboFix 09-01-08.01 - Douglas 2009-01-08 23:01:54.1 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.895.339 [GMT 1:00]
LancÚ depuis: c:\documents and settings\Douglas\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\AHPsBJjl.ini
c:\windows\system32\AHPsBJjl.ini2
c:\windows\system32\esnhgucq.ini
c:\windows\system32\lfeosz.dll
c:\windows\system32\ljJBsPHA.dll
c:\windows\system32\urqrOfeB.dll
c:\windows\system32\vocyjlyc.dll
c:\windows\system32\wsbthveu.dll
c:\windows\Temp\log.txt
H:\Autorun.inf

----- BITS: Il y a peut-être des sites infectés -----

hxxp://childhe.com
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-08 au 2009-01-08 ))))))))))))))))))))))))))))))))))))
.

2009-01-08 22:50 . 2009-01-08 22:50 <REP> d-------- C:\$WIN_NT$.~BT
2009-01-08 22:50 . 2004-08-10 05:00 471,012 --a------ C:\txtsetup.sif
2009-01-08 22:50 . 2004-08-10 05:00 263,488 --a------ C:\$LDR$
2009-01-08 22:09 . 2009-01-08 22:09 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-08 22:09 . 2009-01-08 22:09 <REP> d-------- c:\documents and settings\Douglas\Application Data\Malwarebytes
2009-01-08 22:09 . 2009-01-08 22:09 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-08 22:09 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-08 22:09 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-08 21:46 . 2009-01-08 21:46 <REP> d-------- C:\VundoFix Backups
2009-01-08 21:36 . 2009-01-08 21:36 <REP> d-------- c:\program files\Navilog1
2009-01-08 14:46 . 2009-01-08 14:46 <REP> d-------- c:\documents and settings\All Users\Application Data\TrackMania
2009-01-08 12:45 . 2009-01-08 12:45 54,156 --ah----- c:\windows\QTFont.qfn
2009-01-08 12:45 . 2009-01-08 12:45 1,409 --a------ c:\windows\QTFont.for
2009-01-08 10:04 . 2009-01-08 21:24 151,641 --a------ c:\windows\system32\xpsf1.exe
2009-01-08 00:22 . 2009-01-08 00:22 103,424 --a------ c:\windows\system32\tzpqlo.dll
2009-01-08 00:21 . 2009-01-08 00:22 103,424 --a------ c:\windows\system32\egpycfgc.dll
2009-01-05 12:33 . 2009-01-06 22:00 43,520 --a------ c:\windows\system32\CmdLineExt03.dll
2009-01-05 12:20 . 2009-01-05 12:20 <REP> d-------- c:\program files\Sierra
2008-12-26 22:55 . 2008-12-26 22:55 98,304 --a------ c:\windows\system32CmdLineExt.dll
2008-12-26 11:06 . 2008-12-26 11:06 <REP> d-------- c:\program files\TrackMania Sunrise
2008-12-25 17:13 . 2008-12-25 17:13 <REP> d-------- c:\documents and settings\Douglas\Application Data\Command & Conquer 3 Les guerres du Tiberium
2008-12-10 23:31 . 2008-12-10 23:31 7,694 --a------ c:\windows\system32\ealregsnapshot1.reg
2008-12-08 19:09 . 2008-12-08 19:09 <REP> d-------- c:\program files\SimCity 4
2008-12-08 15:58 . 2008-12-08 15:58 <REP> d-------- c:\program files\Maxis
2008-12-08 15:58 . 2008-12-08 15:58 532 --a------ c:\windows\eReg.dat

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-12 17:29 3,088,384 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-10 23:46 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-12-06 10:23 --------- d-----w c:\documents and settings\Douglas\Application Data\SPORE
2008-12-06 10:16 --------- d-----w c:\program files\Electronic Arts
2008-11-26 07:54 --------- d-----w c:\program files\18 WoS Pedal to the Metal
2008-11-21 21:46 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-11-21 21:46 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-11-16 14:24 --------- d-----w c:\program files\HOJY TECH
2008-11-13 15:18 --------- d-----w c:\program files\Picasa2
2008-11-13 15:17 --------- d-----w c:\program files\Western Digital Technologies
2008-11-11 11:33 --------- d-----w c:\documents and settings\All Users\Application Data\Tages
2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\dllcache\gdi32.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-15 17:59 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 14:18 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
2006-11-27 22:15 251 ----a-w c:\program files\wt3d.ini
2008-11-13 15:18 133,120 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2008-01-24 21:28 61 --sh--w c:\windows\cnerolf.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"preload"="c:\windows\RUNXMLPL.exe" [2005-05-19 32768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 45056]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-08-08 634880]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-06-07 208896]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_08\bin\jusched.exe" [2006-07-26 49263]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"AVG7_CC"="c:\progra~1\Grisoft\AVG7\avgcc.exe" [2008-12-27 590848]
"ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2007-05-11 2512392]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-11-13 1862144]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2006-07-20 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2007-10-25 219136]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Acer ePower Management.lnk - c:\acer\Empowering Technology\ePower\ePower_DMC.exe [2006-11-16 438272]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonuiX.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 23:34 24576 c:\program files\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.msrt24"= msrt24.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\[u]0[/u]OODBS

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\System32\\dpnsvr.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\System32\\dplaysvr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"d:\\Jeux\\the settlers\\base\\bin\\Settlers6.exe"=
"c:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2006-07-05 63352]
R4 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [2006-11-16 17664]
R4 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [2006-11-16 90112]
R4 LockServ;LockServ;c:\acer\Empowering Technology\eLock\LockServ.exe -p --> c:\acer\Empowering Technology\eLock\LockServ.exe -p [?]
S3 epindd;epindd;c:\windows\system32\drivers\EPINDD.SYS [2006-11-16 8448]
S3 Fadpu16E;Fadpu16E;\??\c:\docume~1\Douglas\LOCALS~1\Temp\Fadpu16E.sys --> c:\docume~1\Douglas\LOCALS~1\Temp\Fadpu16E.sys [?]
S3 SaiH075C;SaiH075C;c:\windows\system32\drivers\SaiH075C.sys [2008-04-11 176640]
S3 SWUSBFLT;Pilote de filtre Microsoft SideWinder VIA;c:\windows\system32\drivers\SWUSBFLT.SYS [2007-05-14 3968]
S4 AutoSyncService;Memeo AutoSync service;c:\program files\Memeo\AutoSync\MemeoService.exe [2007-07-06 31768]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{190c08e8-ad73-11db-88a2-0016d34a569f}]
\Shell\AutoRun\command - J:\load.exe /CDROM

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20fb411c-7809-11db-881a-0016d34a569f}]
\Shell\AutoRun\command - F:\load.exe /CDROM

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4b3593a-a8a3-11db-8897-0016d34a569f}]
\Shell\AutoRun\command - F:\load.exe /CDROM

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe39bc8e-a8b0-11db-8898-0016d34a569f}]
\Shell\AutoRun\command - F:\load.exe /CDROM
.
Contenu du dossier 'Tâches planifiées'

2008-12-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-01-08 c:\windows\Tasks\uxfgjuuc.job
- c:\windows\system32\rundll32.exe [2004-08-19 16:10]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{12C7B4F6-8E31-411B-9B46-E104DCFF2F0C} - c:\windows\system32\ljJBsPHA.dll
Notify-msldr32 - msldr32.dll


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.shareazaweb.com/be/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Douglas\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
FF - ProfilePath - c:\documents and settings\Douglas\Application Data\Mozilla\Firefox\Profiles\gtmdjw3l.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\Java\jre1.5.0_08\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_08\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_08\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_08\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_08\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_08\bin\NPJPI150_08.dll
FF - plugin: c:\program files\Java\jre1.5.0_08\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-08 23:12:30
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3823352429-38789864-1306546268-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
@SACL=

[HKEY_USERS\S-1-5-21-3823352429-38789864-1306546268-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Electronic Arts\S*NULL*P*NULL*O*NULL*R*NULL*E*NULL*"!]
"Order"=hex:08,00,00,00,02,00,00,00,88,02,00,00,01,00,00,00,05,00,00,00,78,00,\
00,00,00,00,00,00,6a,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,58,00,32,\
00,ea,07,00,00,8a,39,62,bd,20,00,41,49,44,45,45,41,7e,31,2e,4c,4e,4b,00,00,\
2e,00,03,00,04,00,ef,be,86,39,bb,52,94,39,00,b8,14,00,00,00,41,00,69,00,64,\
00,65,00,20,00,45,00,41,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,\
0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,9a,00,00,00,01,00,00,\
00,8c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7a,00,36,00,5a,07,00,00,\
8a,39,61,bd,20,00,44,00,e9,00,73,00,69,00,6e,00,74,00,61,00,6c,00,6c,00,65,\
00,72,00,20,00,53,00,44,00,03,00,04,00,ef,be,86,39,bb,52,94,39,00,b8,14,00,\
00,00,44,00,e9,00,73,00,69,00,6e,00,74,00,61,00,6c,00,6c,00,65,00,72,00,20,\
00,53,00,50,00,4f,00,52,00,45,00,22,21,2e,00,6c,00,6e,00,6b,00,00,00,28,00,\
0e,00,00,00,0a,00,ef,be,00,00,00,00,28,00,00,00,00,00,00,00,00,00,7a,00,00,\
00,02,00,00,00,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,\
66,05,00,00,8a,39,61,bd,20,00,4c,49,53,45,5a,4d,4f,49,2e,4c,4e,4b,00,00,30,\
00,03,00,04,00,ef,be,86,39,bb,52,94,39,00,b8,14,00,00,00,4c,00,69,00,73,00,\
65,00,7a,00,4d,00,6f,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7c,00,00,00,04,00,\
00,00,6e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5c,00,32,00,00,06,00,\
00,8a,39,61,bd,20,00,53,50,4f,52,45,43,7e,31,2e,4c,4e,4b,00,00,32,00,03,00,\
04,00,ef,be,8a,39,61,bd,94,39,00,b8,14,00,00,00,53,00,70,00,6f,00,72,00,65,\
00,2e,00,63,00,6f,00,6d,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,\
0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,74,00,00,00,03,00,00,\
00,66,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,54,00,32,00,fc,06,00,00,\
8a,39,60,bd,20,00,53,50,4f,52,45,54,2e,4c,4e,4b,00,00,2c,00,03,00,04,00,ef,\
be,86,39,bb,52,94,39,00,b8,14,00,00,00,53,00,50,00,4f,00,52,00,45,00,22,21,\
2e,00,6c,00,6e,00,6b,00,00,00,1a,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1a,\
00,00,00,00,00,00,00,00,00

[HKEY_USERS\S-1-5-21-3823352429-38789864-1306546268-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\jeux2\Strategie\Electronic Arts\C*NULL*o*NULL*m*NULL*m*NULL*a*NULL*n*NULL*d*NULL* *NULL*&*NULL* *NULL*C*NULL*o*NULL*n*NULL*q*NULL*u*NULL*e*NULL*r*NULL* *NULL*3*NULL* *NULL*L*NULL*e*NULL*s*NULL* *NULL*g*NULL*u*NULL*e*NULL*r*NULL*r*NULL*e*NULL*s*NULL* *NULL*d*NULL*u*NULL* *NULL*T*NULL*i*NULL*b*NULL*e*NULL*r*NULL*i*NULL*u*NULL*m*NULL*"!]
"Order"=hex:08,00,00,00,02,00,00,00,2c,03,00,00,01,00,00,00,04,00,00,00,72,00,\
00,00,00,00,00,00,64,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,52,00,31,\
00,00,00,00,00,99,39,8a,81,10,00,41,53,53,49,53,54,7e,31,00,00,2c,00,03,00,\
04,00,ef,be,99,39,8a,81,98,39,00,b8,14,00,00,00,41,00,73,00,73,00,69,00,73,\
00,74,00,61,00,6e,00,63,00,65,00,00,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,\
00,00,18,00,00,00,00,00,00,00,00,00,e8,00,00,00,01,00,00,00,da,00,00,00,41,\
75,67,4d,02,00,00,00,01,00,00,00,c8,00,32,00,5f,04,00,00,99,39,8a,81,20,00,\
43,4f,4d,4d,41,4e,7e,31,2e,4c,4e,4b,00,00,9e,00,03,00,04,00,ef,be,99,39,8a,\
81,9d,39,00,b8,14,00,00,00,43,00,6f,00,6d,00,6d,00,61,00,6e,00,64,00,20,00,\
26,00,20,00,43,00,6f,00,6e,00,71,00,75,00,65,00,72,00,20,00,33,00,20,00,4c,\
00,65,00,73,00,20,00,67,00,75,00,65,00,72,00,72,00,65,00,73,00,20,00,64,00,\
75,00,20,00,54,00,69,00,62,00,65,00,72,00,69,00,75,00,6d,00,22,21,20,00,43,\
00,65,00,6e,00,74,00,72,00,65,00,20,00,64,00,65,00,20,00,63,00,6f,00,6e,00,\
74,00,72,00,f4,00,6c,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,e8,00,00,00,02,00,\
00,00,da,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,c8,00,36,00,59,02,00,\
00,99,39,8a,81,20,00,44,00,e9,00,73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,\
6c,00,65,00,72,00,20,00,92,00,03,00,04,00,ef,be,99,39,8a,81,9d,39,00,b8,14,\
00,00,00,44,00,e9,00,73,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,65,00,\
72,00,20,00,43,00,6f,00,6d,00,6d,00,61,00,6e,00,64,00,20,00,26,00,20,00,43,\
00,6f,00,6e,00,71,00,75,00,65,00,72,00,20,00,33,00,20,00,4c,00,65,00,73,00,\
20,00,67,00,75,00,65,00,72,00,72,00,65,00,73,00,20,00,64,00,75,00,20,00,54,\
00,69,00,62,00,65,00,72,00,69,00,75,00,6d,00,22,21,2e,00,6c,00,6e,00,6b,00,\
00,00,28,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,28,00,00,00,00,00,00,00,00,\
00,de,00,00,00,03,00,00,00,d0,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,\
be,00,36,00,9f,03,00,00,99,39,8a,81,20,00,4a,00,6f,00,75,00,65,00,72,00,20,\
00,e0,00,20,00,43,00,6f,00,6d,00,6d,00,61,00,88,00,03,00,04,00,ef,be,99,39,\
8a,81,9d,39,00,b8,14,00,00,00,4a,00,6f,00,75,00,65,00,72,00,20,00,e0,00,20,\
00,43,00,6f,00,6d,00,6d,00,61,00,6e,00,64,00,20,00,26,00,20,00,43,00,6f,00,\
6e,00,71,00,75,00,65,00,72,00,20,00,33,00,20,00,4c,00,65,00,73,00,20,00,67,\
00,75,00,65,00,72,00,72,00,65,00,73,00,20,00,64,00,75,00,20,00,54,00,69,00,\
62,00,65,00,72,00,69,00,75,00,6d,00,22,21,2e,00,6c,00,6e,00,6b,00,00,00,28,\
00,0e,00,00,00,0a,00,ef,be,00,00,00,00,28,00,00,00,00,00,00,00,00,00

[HKEY_USERS\S-1-5-21-3823352429-38789864-1306546268-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\jeux2\Strategie\Electronic Arts\S*NULL*P*NULL*O*NULL*R*NULL*E*NULL*"!]
"Order"=hex:08,00,00,00,02,00,00,00,88,02,00,00,01,00,00,00,05,00,00,00,78,00,\
00,00,00,00,00,00,6a,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,58,00,32,\
00,ea,07,00,00,8a,39,62,bd,20,00,41,49,44,45,45,41,7e,31,2e,4c,4e,4b,00,00,\
2e,00,03,00,04,00,ef,be,86,39,bb,52,9d,39,00,b8,14,00,00,00,41,00,69,00,64,\
00,65,00,20,00,45,00,41,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,\
0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,9a,00,00,00,01,00,00,\
00,8c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7a,00,36,00,5a,07,00,00,\
8a,39,61,bd,20,00,44,00,e9,00,73,00,69,00,6e,00,74,00,61,00,6c,00,6c,00,65,\
00,72,00,20,00,53,00,44,00,03,00,04,00,ef,be,86,39,bb,52,9d,39,00,b8,14,00,\
00,00,44,00,e9,00,73,00,69,00,6e,00,74,00,61,00,6c,00,6c,00,65,00,72,00,20,\
00,53,00,50,00,4f,00,52,00,45,00,22,21,2e,00,6c,00,6e,00,6b,00,00,00,28,00,\
0e,00,00,00,0a,00,ef,be,00,00,00,00,28,00,00,00,00,00,00,00,00,00,7a,00,00,\
00,02,00,00,00,6c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5a,00,32,00,\
66,05,00,00,8a,39,61,bd,20,00,4c,49,53,45,5a,4d,4f,49,2e,4c,4e,4b,00,00,30,\
00,03,00,04,00,ef,be,86,39,bb,52,9d,39,00,b8,14,00,00,00,4c,00,69,00,73,00,\
65,00,7a,00,4d,00,6f,00,69,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,7c,00,00,00,03,00,\
00,00,6e,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5c,00,32,00,00,06,00,\
00,8a,39,61,bd,20,00,53,50,4f,52,45,43,7e,31,2e,4c,4e,4b,00,00,32,00,03,00,\
04,00,ef,be,8a,39,61,bd,9d,39,00,b8,14,00,00,00,53,00,70,00,6f,00,72,00,65,\
00,2e,00,63,00,6f,00,6d,00,2e,00,6c,00,6e,00,6b,00,00,00,1c,00,0e,00,00,00,\
0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,74,00,00,00,04,00,00,\
00,66,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,54,00,32,00,fc,06,00,00,\
8a,39,60,bd,20,00,53,50,4f,52,45,54,2e,4c,4e,4b,00,00,2c,00,03,00,04,00,ef,\
be,86,39,bb,52,9d,39,00,b8,14,00,00,00,53,00,50,00,4f,00,52,00,45,00,22,21,\
2e,00,6c,00,6e,00,6b,00,00,00,1a,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1a,\
00,00,00,00,00,00,00,00,00

[HKEY_USERS\S-1-5-21-3823352429-38789864-1306546268-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*NULL*]
"??"=hex:0d,f0,c4,4a,18,6e,58,c0,59,8f,cc,60,d8,96,3a,be,69,3d,cd,68,ac,a9,5a,\
58,3b,71,e2,68,25,6b,ef,79,11,4d,de,8b,12,3f,e7,fb,5a,48,05,ff,f9,08,20,2a,\
bd,6a,bc,c2,fa,24,0e,05,96,3d,97,73,33,81,81,c3,68,cf,56,79,4b,80,58,3a,c6,\
ab,26,f1,5e,09,5f,e4,a0,ed,11,01,50,74,73,54,8c,1f,62,b0,90,b2,bf,2e,45,3f,\
60,00,e3,88,72,64,19,b8,0b,b1,ab,e3,70,4e,e2,db,ac,2f,7a,bb,a7,05,3a,7d,b9,\
68,d8,e1,b0,43,da,11,5b,28,dc,df,a1,c0,42,41,83,75,64,e0,e4,91,c4,6e,dd,fd,\
10,56,25,3f,7d,d7,c6,f1,9b,18,a5,e5,82,5a,a4,11,0b,ea,2b,eb,db,2a,0b,91,70,\
f5,be,a3,eb,a9,5b,d5,77,ae,08,a7,6a,ab,e9,2a,64,73,2c,48,ef,78,03,e9,49,7a,\
ff,9d,9d,3f,3e,20,be,a2,18,85,d5,15,35,02,16,73,e7,f5,27,06,7d,1d,b3,a4,71,\
78,a8,df,f7,61,ad,a6,55,94,f1,7b,b7,ea,ac,0b,05,04,cb,77,20,13,63,3c,a5,71,\
8a,0d,4e,1c,c1,71,d2,ad,3f,0b,fc,b9,ac,69,3b,c4,91,e9,9a,5f,2f,6c,34,b1,7f,\
a6,2c,9f,ac,da,3b,71,8e,23,44,11,9a,7b,fe,3a,12,cc,78,b2,4d,39,4d,c3,47,3c,\
6f,22,2e,91,b1,a8,e8,cd,0a,98,80,ac,d8,ef,ba,31,36,dd,de,35,de,8d,f8,65,db,\
4e,cb,80,b7,ba,28,0b,b0,a7,92,12,1f,88,40,04,97,f7,80,47,06,11,fe,71,98,ed,\
bf,1e,ec,c9,98,95,6a,60,86,02,8c,34,35,ab,de,be,76,a9,4c,58,c4,e3,68,c2,39,\
75,f4,1b,08,87,d7,cb,3a,23,14,e4,9e,03,72,90,29,49,f4,7f,75,7b,e3,17,34,c4,\
cb,48,43,a1,a0,6d,67,f2,e6,f9,07,2f,52,54,a5,f2,dd,45,12,9b,90,c5,9a,a7,56,\
92,f4,b3,4a,0d,dd,0c,db,b3,25,ae,34,b5,05,9f,fa,d3,ab,bb,0c,9d,7f,fa,ce,9f,\
1e,32,f6,31,42,05,b4,15,ff,64,e3,2f,30,96,d6,af,ef,36,4f,95,45,4f,4f,ea,6c,\
a7,92,84,b2,92,ac,e9,0e,4f,36,06,03,e6,0e,68,cb,dd,af,58,7a,b1,18,66,bc,b0,\
de,1e,9e,a1,9c,4c,34,a4,7a,98,e5,ba,87,e6,3b,ce,21,6c,60,06,93,84,c0,49,1d,\
dd,49,90,4d,50,8d,42,1f,c1,19,f9,37,ed,e7,a0,2a,5f,71,49,71,3c,d9,7f,af,03,\
e2,21,51,1f,6e,6e,01,05,f4,ca,cf,3b,53,c9,1b,be,ee,ee,59,42,0a,d3,e7,56,46,\
c8,ec,b9,23,a0,58,b6,a7,df,23,32,ae,30,e2,c4,96,40,a8,12,4e,3c,99,5f,d3,89,\
b4,ac,cd,c7,63,a0,a3,ba,6b,eb,4d,b0,f6,69,fd,1c,d2,8c,17,14,37,9b,a7,d6,57,\
5f,b9,f7,0a,c9,6a,91,56,b9,db,a9,be,46,af,fe,d5,16,5e,c3,27,7a,39,95,f5,1c,\
b1,2a,9b,19,fe,b9,8d,89,44,54,aa,d3,76,7b,36,69,2a,bd,29,47,34,3f,2c,3f,57,\
82,35,a3,18,ad,b8,fb,71,3d,e6,13,82,bb,2a,3a,5f,43,64,bf,84,2c,91,d5,18,67,\
24,8a,b8,8d,20,f1,80,a9,48,a7,b8,e8,33,44,40,9f,8f,0d,56,1e,da,ec,23,29,d8,\
2b,e4,6e,fa,2a,0e,f1,01,55,36,c3,96,43,af,6d,b4,5b,0d,1a,f0,85,96,c1,81,be,\
fe,2c,af,f9,09,c1,a0,45,14,0a,d1,a1,01,9a,76,72,4e,2d,07,09,4b,b3,40,ae,bd,\
60,e9,44,7f,73,52,66,01,f5,99,7e,af,0d,ba,bc,f9,80,68,bf,a8,6b,49,a6,97,a8,\
f8,c5,eb,d3,de,51,67,7e,c2,05,e9,fc,3a,5a,26,4d,d6,78,1d,16,91,70,dd,fa,67,\
27,52,52,8b,28,1e,0e,26,29,3a,38,f5,bf,2c,68,b8,4a,fc,7a,91,86,9f,f1,c0,e6,\
64,e3,e8,70,8d,9a,e7,5d,46,fd,49,97,87,f7,0c,9e,05,1b,13,56,39,53,2f,8d,69,\
69,f4,5d,99,19,13,3a,f8,94,18,62,d8,25,eb,61,ed,84,15,c9,c0,63,59,a0,86,21,\
ef,80,63,e0,95,28,79,1d,6b,74,29,5f,6d,05,76,6a,0a,e8,eb,d1,ad,09,0d,23,a1,\
bb,1f,ed,c2,7c,78,76,aa,6c,70,6c,be,3b,b2,d9,8e,65,1f,4e,10,28,ed,b7,96,75,\
ad,ae,8c,46,63,f3,ab,5b,73,4a,3e,f2,4c,07,02,2b,dc,28,41,4d,b5,5e,9b,4f,64,\
a7,8a,48,6b,c2,5f,a9,2d,82,4c,7a,20,39,52,fc,4d,85,47,df,66,f8,75,13,62,04,\
22,59,e7,29,44,4c,84,f8,58,87,d6,d7,c5,83,23,ed,ca,61,91,72,e6,1a,3d,91,9a,\
ef,e6,cd,f9,47,0a,5b,af,aa,06,21,be,f7,f2,5a,ed,ac,d5,42,58,e0,bd,0b,cb,ad,\
11,57,8c,1f,30,09,67,fa,09,a1,8e,57,ec,f3,fd,83,b7,ea,ae,f4,58,d4,77,e4,33,\
8e,e3,e8,06,09,d7,8e,37,00,cf,58,81,b9,76,f8,e1,6c,de,11,53,7b,68,4b,cf,2f,\
24,12,74,0f,55,be,a9,2b,9e,74,f5,c4,f0,ac,9c,e5,c3,48,8a,9a,0b,ec,19,de,29,\
64,70,d2,ea,5d,c2,d8,42,a3,db,63,bf,8c,8b,c9,87,5e,71,82,4d,9e,fe,a0,93,8a,\
1a,9b,86,73,e4,fe,64,7c,f7,c3,76,0e,6e,10,c2,78,56,da,1a,44,5c,e8,a8,7d,46,\
04,6d,0c,dd,ec,3c,09,0f,6d,47,5d,b1,91,c9,e0,ab,f8,8b,7a,55,1c,61,16,45,63,\
61,b3,a1,6e,4c,0a,aa,7d,4a,2e,bc,a8,df,e2,00,0c,f2,ae,26,1b,2a,39,d2,bf,34,\
de,b5,31,70,f3,3d,e5,a5,4e,11,88,44,4e,1f,ee,72,d6,c9,af,49,47,a1,60,2e,22,\
fa,b3,22,90,db,73,7f,6e,04,b3,6c,fb,ed,35,b7,88,04,36,64,96,df,77,e5,24,ef,\
7e,25,ac,0d,66,ca,c1,46,56,2b,63,32,fd,1f,fc,05,44,76,72,7f,28,bc,e2,c7,93,\
45,15,93,ca,6d,5f,5d,34,11,a0,05,a3,4f,b5,e8,3c,7d,81,03,dd,63,3e,81,ae,a9,\
90,9c,10,1f,8f,e4,2e,aa,be,f4,5f,e0,c0,15,e2,5d,84,c6,a3,43,ee,a4,f6,c6,00,\
bb,c1,54,a0,41,fc,e9,b6,ac,53,49,5e,3b,69,2d,55,12,59,71,b5,d2,dd,42,4d,67,\
d3,63,71,dd,06,7e,04,79,af,dc,2f,3f,ff,3c,1e,9c,91,6e,19,2b,4a,a2,e0,22,53,\
cf,86,24,aa,bb,6e,35,52,bb,a7,8c,b4,c6,07,fc,9e,4a,3d,b6,c1,03,83,20,3d,c5,\
ec,90,da,11,23,f8,c3,d4,1e,b2,ba,71,4c,46,f3,4a,0c,0c,82,26,87,62,e8,b1,01,\
a8,1d,2f,d0,fa,ca,d0,4c,00,82,96,f6,dd,54,1d,94,76,03,2a,19,34,be,36,c0,55,\
81,b6,e3,6e,c6,bd,d3,d3,5f,ad,7e,46,5c,5f,14,27,3a,41,e3,01,65,18,8e,aa,f2,\
5a,1d,6f,e0,87,89,ee,a6,39,fc,e1,81,f8,5a,e6,78,d4,b5,c0,c4,1b,13,8d,bb,b5,\
9d,07,d4,75,96,b8,5f,61,1e,fc,c5,75,b4,21,2f,6a,75,0a,8f,73,c6,a3,b0,94,80,\
44,86,6d,ec,65,fc,ee,65,67,ac,b3,6e,00,a0,d2,f7,2e,21,bf,b4,9b,db,2c,1d,27,\
aa,3b,47,ad,5e,e9,b6,ac,f3,78,5d,bc,4d,ee,15,bc,c3,f6,39,6f,5e,55,d2,84,b2,\
79,d6,0d,7f,0a,29,2c,08,1a,30,3d,39,25,c2,86,60,db,92,c6,ac,e7,10,dd,9b,77,\
fb,f4,79,5f,c7,08,ac,28,52,61,57,c9,89,96,0b,af,1d,3f,2c,2a,5a,e0,f6,ba,2a,\
e7,61,6c,66,60,e3,6d,f8,8c,2a,8a,ab,94,b2,47,31,b4,82,98,43,85,09,c9,50,94,\
a6,8e,59,14,18,24,77,2c,8c,51,97,95,c4,b6,f4,ae,45,9c,96,26,d1,45,0c,1c,c2,\
14,d2,85,45,c1,5f,01,fe,6a,df,94,af,77,9c,b7,45,e7,4e,2d,7d,e2,80,ec,aa,43,\
0b,26,47,e4,29,f0,96,0b,21,ff,e9,2d,5e,34,41,bc,58,c8,72,97,7f,24,6c,94,a4,\
96,59,83,2f,ed,bd,38,43,d2,10,ba,9a,6e,88,f8,d8,d0,41,0f,65,89,90,2e,9d,21,\
7a,67,77,73,e9,a6,c1,d8,2c,ad,f3,e1,a1,ac,be,a5,76,9b,f3,23,2c,15,59,6c,0e,\
35,b3,5a,c6,cd,33,99,de,91,42,03,6a,3e,2e,ec,1b,cf,80,14,77,a5,aa,37,85,a5,\
fa,20,39,08,67,f6,2a,da,a3,f2,11,fa,17,7e,1b,70,77,6c,da,77,31,58,ad,2c,54,\
8f,2a,17,e1,97,06,5d,d5,30,b7,8c,0d,58,16,b0,ca,ce,cf,0f,8a,ed,09,85,33,61,\
e4,5d,4c,72,45,00,a8,ff,ef,14,37,60,8d,91,13,d7,20,cd,6f,7e,63,db,b5,9e,e4,\
ea,ff,b8,02,af,04,98,72,59,6c,de,4b,bd,1d,c7,cb,a9,08,b7,66,d8,14,3c,aa,e5,\
1a,89,19,74,4d,2c,7c,01,bc,fd,4f,38,12,96,6d,6c,bc,56,28,cd,b9,90,1c,68,8f,\
92,ed,7d,48,d5,05,2e,07,ea,6d,28,35,8a,b8,c2,0b,e2,e2,96,77,5b,ca,5d,20,45,\
f0,ff,de,56,69,5c,ee,9c,ae,86,49,da,17,59,f2,c3,36,6a,fd,5f,4d,b2,a4,60,38,\
cc,2e,1f,a5,d1,c4,d6,7e,b8,92,2d,fa,92,ce,f2,da,e8,da,13,85,2c,ff,a2,c8,aa,\
f3,1a,3a,8f,ee,79,53,42,10,cc,16,fe,79,d4,9d,bf,21,f1,fc,99,be,f5,8a,cc,aa,\
60,de,8d,20,25,e1,a0,af,72,02,e3,d0,c5,6d,4e,e9,2b,58,68,9b,1c,87,a0,c3,dc,\
2c,89,bc,2c,5f,b6,47,5f,8f,13,55,85,59,58,71,b9,f4,c9,ee,6e,e9,32,89,2a,2f,\
10,84,03,ab,ed,07,60,85,06,0a,59,e9,45,4a,32,69,f8,13,d2,f3,fd,be,b4,a7,a5,\
08,e0,ca,b6,0c,76,96,7b,85,2d,ef,4b,40,c6,e2,57,79,74,3d,76,f0,d5,ed,bb,43,\
19,07,70,13,70,7a,f5,4a,52,95,69,c0,9a,a8,e1,20,8d,23,9e,eb,64,e8,f0,05,ed,\
a8,e0,df,e7,e6,de,8f,e2,a9,8d,f6,6b,c5,98,c2,80,2b,79,67,93,18,a0,f0,bb,0f,\
54,6d,55,d9,af,78,22,c8,e4,2e,1b,db,27,f4,09,5d,21,23,cb,ba,36,68,3b,2e,11,\
74,4e,b1,c3,04,8f,ee,5c,b0,44,47,f7,fe,d7,66,97,28,98,0a,a1,54,26,bb,a7,16,\
6c,5a,5a,d2,c7,94,72,88,f0,96,40,7b,57,ff,4f,86,71,95,dd,9a,61,49,2d,61,1a,\
2f,c3,c5,9d,c4,62,f2,54,e9,a8,3e,27,fe,4d,58,71,d3,6e,db,d1,fb,81,f3,11,09,\
01,a8,97,d1,5b,74,20,65,66,d7,04,15,f4,fb,e6,64,48,f6,1d,bc,80,e0,11,10,32,\
c4,fa,66,94,9c,99,41,aa,60,27,91,eb,f6,ff,0e,4a,26,47,35,17,fd,4d,63,9b,f0,\
c0,b2,ae,31,7e,fd,13,02,4a,02,e8,d0,cd,b1,6e,32,f6,24,c3,31,29,42,2c,a7,72,\
05,18,a2,a1,b9,94,be,ea,31,d8,59,be,31,fc,9c,31,74,d6,cd,9b,ec,bd,2c,ad,be,\
a8,d2,4b,ee,64,02,5a,9f,f0,77,ee,a6,f2,0b,7d,98,52,9c,c5,95,33,ab,35,ed,52,\
39,65,e3,53,03,1d,89,c0,c8,6c,74,7b,d4,5c,c0,fc,fe,ab,86,7b,96,53,e4,cf,8e,\
c9,03,61,84,e1,fc,f6,f4,2e,21,da,52,3b,43,fe,35,a8,3e,75,31,a1,82,a0,49,78,\
53,33,05,0a,21,6c,df,5f,c2,3b,be,16,9e,5c,e3,bf,2e,57,61,53,b8,72,af,7a,13,\
8d,fa,18,7a,fb,1c,b2,cc,bc,5e,b7,a7,b4,a8,95,49,15,57,91,e6,1b,b7,3b,e5,53,\
04,32,c2,dc,5f,35,cc,e2,1c,87,ae,18,7d,a2,07,0b,c7,a8,37,68,ab,cf,32,f6,72,\
d8,41,17,10,91,75,3f,fb,6a,f0,2f,c4,92,89,e8,1e,3d,36,9a,21,77,e8,6b,b8,27,\
2e,44,98,5e,38,b0,b2,24,0f,55,18,4b,bc,3e,28,31,94,03,f2,8a,40,92,1e,8a,40,\
92,b7,0b,b1
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d

[HKEY_USERS\S-1-5-21-3823352429-38789864-1306546268-1005\Software\SecuROM\License information*NULL*]
"datasecu"=hex:d0,2f,9a,e2,eb,20,c6,69,68,7c,a6,3e,13,0c,74,e8,3b,65,b5,d7,68,\
4d,f5,61,d3,81,30,03,3a,23,1d,42,07,02,16,8a,22,a0,3a,1a,1d,85,6a,40,5f,31,\
52,c7,ed,41,eb,27,c4,4f,ea,fa,bd,3c,e5,b9,f7,80,72,d0,5d,65,98,04,ef,47,b0,\
ad,cd,5e,24,0d,be,c5,b6,ad,bf,04,05,01,9b,dd,df,1d,13,4d,fe,89,6c,15,e2,90,\
e2,f9,3d,49,bc,2d,57,13,d7,e4,99,4b,e2,9b,fd,50,38,e0,b9,02,49,02,70,27,c9,\
eb,9c,81,b0,bb,af,4d,2b,35,ad,a8,a5,74,24,bf,33,71,4e,2e,ad,74,84,b1,e7,b2,\
34,d4,1e,14,f3,7b,73,a5,ea,dd,1b,12,1b,aa,d9,42,d3,cc,ce,51,18,78,cd,b9,09,\
d5,aa,25,19,f9,29,27,5c,a0,54,5e,34,ad,0b,b9,eb,a6,02,15,60,87,ca,72,60,d4,\
ab,62,98,35,b3,59,24,c4,fc,43,ec,ba,fb,93,42,65,cb,e1,a8,54,ca,83,a2,02,70,\
37,cc,a9,85,1f,a0,6d,1a,50,ed,8e,fc,90,37,dc,1e,e1,a3,70,cf,4c,d1,0b,ac,8d,\
37,49,3d,1b,03,42,0f,d7,35,7a,aa,02,a5,93,ad,b7,8f,1d,80,f8,dc,37,ac,83,d3,\
af,24,5c,c5,5e,95,02,1b,ef,f6,dc,2e,73,ea,6b,89,c2,1c,73,f6,70,40,c3,8a,23,\
a4,7c,45,66,e8,0e,f7,c7,33,ff,f9,64,bc,50,0e,fe,c4,f5,0b,61,90,8e,f0,90,5d,\
95,6a,20,19,f0,2e,63,65,bd,1a,1d,5c,d8,f9,37,f8,1b,db,05,83,38,61,82,e4,cc,\
e1,17,f0,cb,ff,23,27,87,19,07,e7,15,ef,8d,2a,ce,d4,92,42,ac,00,4b,10,1d,6e,\
4b,2b,09,d6,92,86,23,eb,0d,b0,74,dc,ac,cd,f9,53,98,f5,90,ac,6c,8e,eb,21,5a,\
66,78,38,c0,71,3e,de,9e,99,0b,50,63,34,f2,fd,26,dd,0a,f0,92,ac,1c,98,47,66,\
fe,00,32,c4,85,41,f8,90,e9,5d,f3,28,60,c2,4a,0c,d8,12,18,97,bc,b0,d4,de,58,\
26,54,14,ce,bd,a7,26,35,0d,2c,31,7f,e7,50,9e,8b,d7,3e,0b,85,ae,bc,7d,ac,36,\
03,cd,d5,58,12,fa,e5,1e,26,2b,72,7f,a3,51,65,a9,d4,4b,70,4e,85,1c,50,d5,7d,\
59,f3,6f,44,8f,75,f8,92,a6,36,85,18,12,1b,61,d8,89,f6,91,58,36,dc,cc,53,a3,\
57,30,f1,19,ac,27,f7,8a,23,6e,19,b3,0e,af,19,45,f6,9f,54,a4,36,b7,82,33,fc,\
60,b5,fb,dc,c8,af,eb,82,38,2b,1f,6b,4b,64,8e,d3,d1,60,cc,90,2d,17,07,8f,9c,\
5b,75,28,99,b3,9c,2f,67,76,ae,7f,c0,d4,6f,e7,0d,dc,70,f8,04,f2,0c,1a,f1,b0,\
c5,c0,49,ac,a8,65,fd,0e,df,e9,b1,89,3a,39,69,66,e1,4c,5c,a2,a0,69,26,4a,83,\
6b,12,6f,28,40,e8,72,b5,23,8e,57,41,9c,2a,bd,35,81,84,03,76,44,d8,65,17,64,\
8c,2b,c8,c0,fe,fb,19,b2,bb,38,d9,4d,00,51,0a,79,ab,e8,df,f0,85,54,0c,5c,65,\
c5,fc,e8,d6,6b,8a,f6,c6,70,31,fd,62,3c,e0,13,3c,43,29,47,9f,41,86,72,5f,04,\
3d,cf,7d,76,fb,79,a7,fe,3c,71,00,85,bf,9f,7e,1b,dc,74,65,11,a0,e9,e9,b3,7f,\
35,6e,7f,d0,f7,df,af,c6,e9,a1,e9,67,e7,3a,77,4f,8d,0a,2d,69,9a,91,b7,f7,36,\
d3,71,b9,f4,bb,28,42,54,78,2a,a9,95,67,c4,51,b4,71,4f,8d,88,3a,86,40,b5,df,\
94,fa,65,21,2a,0f,c9,4c,d5,13,e7,36,62,2a,67,7a,d9,f3,aa,61,fb,58,c0,6c,34,\
e8,77,a5,ef,2f,f0,f2,4f,aa,15,cb,7c,52,2f,00,97,21,14,b1,6e,54,11,03,ca,46,\
6a,10,eb,50,bd,29,fa,4e,4b,7c,f8,a0,1e,ba,c4,2f,78,d9,62,5b,d9,84,a3,3e,7b,\
31,58,16,08,78,8e,c1,4d,df,ef,91,42,bd,2e,a0,8e,a4,c7,02,62,7f,cf,69,0d,ca,\
65,7a,4b,95,5e,54,ef,e2,89,41,26,a2,cb,a0,4f,da,69,05,53,b6,f5,86,75,18,79,\
d9,b8,f0,f9,6d,30,32,6f,a0,af,b5,1f,26,88,4c,2f,d2,ff,ee,8c,d0,76,5d,db,7a,\
ff,45,bc,ac,94,2c,a9,35,0d,48,31,1f,49,16,80,12,8f,60,de,b9,08,59,da,68,d1,\
cd,d6,fa,55,d7,c9,30,30,db,ef,31,46,6d,b2,cf,0b,42,7f,93,84,1e,ac,77,39,ea,\
ca,1a,cc,67,c6,71,97,cf,13,4a,18,8e,fb,0f,08,90,0b,0b,66,42,4c,c8,da,da,42,\
be,5f,42,7b,f3,41,ba,49,48,a8,d3,95,73,d9,dd,c1,d4,49,a7,f8,98,e1,0a,cc,60,\
38,a8,3b,e4,a5,67,13,73,fc,fb,b9,04,d8,c0,04,bb,0d,8d,1e,aa,9a,d6,0f,77,6d,\
24,e0,1a,dd,b0,3a,13,c2,14,cb,bc,dd,bd,50,f7,16,f7,f3,28,4f,6b,55,ee,2f,e5,\
21,d0,7a,c7,54,c6,e5,ee,fa,97,25,07,c6,dc,e2,06,0c,e4,81,c8,16,b5,e6,aa,ed,\
8e,15,32,0a,5f,6c,df,7f,c3,ce,32,d4,d4,10,40,98,fc,c1,1f,aa,b1,74,85,06,58,\
c3,f8,7e,93,f0,cb,54,40,d8,82,b0,31,7e,88,63,ba,6a,84,68,01,b7,2e,f3,bd,bf,\
34,8f,f7,05,7e,db,fc,da,78,4d,fd,f0,92,a7,5a,6e,62,cb,42,9b,99,52,1f,2d,da,\
63,d2,42,cc,73,1c,91,dc,b1,5a,eb,9b,d5,ec,0c,0f,e5,8e,b3,e9,75,ee,5c,af,20,\
c3,d9,26,c4,49,19,8f,48,fb,b5,64,82,dd,98,ca,6e,b8,77,c6,3d,d4,f6,a2,13,6d,\
27,24,88,ec,1c,99,76,b7,08,77,aa,ae,70,92,02,01,62,79,de,fd,27,d4,4d,2c,e0,\
13,12,aa,9a,d8,23,98,65,d0,35,e9,b9,e9,5d,98,0d,3c,8b,3f,44,ce,bb,4a,dd,26,\
d6,b4,c6,ba,ab,54,3e,d5,b9,c8,32,2d,9c,ea,49,83,21,7e,3f,31,81,33,30,90,a4,\
c7,3f,bc,ab,42,9e,fe,9e,65,eb,b0,05,02,da,64,12,fb,44,5b,f5,80,98,d1,26,4b,\
95,46,54,97,8a,e9,b9,92,92,7d,b7,2e,82,fe,49,99,07,8f,17,a1,37,38,b5,43,1d,\
1f,2a,73,3e,f1,59,da,a5,a2,3e,b2,6f,c1,16,2c,15,90,39,54,d5,f6,d7,ab,e9,44,\
3f,34,09,32,c3,46,5c,3e,e5,f2,11,8e,9f,0b,9d,45,ee,d0,5f,32,f9,e1,c9,8c,cc,\
8c,80,21,a4,95,80,2d,af,80,30,ed,93,ec,1b,0a,19,37,87,9f,fe,a2,80,0c,fd,76,\
e5,14,91,e3,71,67,a0,b2,1e,57,31,0e,2b,5c,84,66,a0,5d,50,0a,be,c3,50,04,9a,\
28,08,86,be,f5,6d,15,58,32,f2,f5,25,6e,79,a8,37,fa,7c,d8,ac,ce,f7,05,8f,48,\
65,20,1a,0d,93,9a,67,5b,ee,91,2f,73,a1,0a,ab,27,8e,ea,bc,1a,be,28,47,25,25,\
05,4c,ec,bd,f4,9a,f9,ac,32,db,40,d9,9f,42,4a,75,dc,f4,e5,0b,7c,ce,d8,77,b4,\
60,74,e2,4e,2c,3f,e6,e3,82,b1,96,2f,d3,98,e4,7d,e0,73,a6,cf,b0,95,4c,1a,c5,\
8c,74,f3,4c,fd,52,06,a3,35,ed,3f,c6,11,75,63,4c,86,bf,5e,c6,8e,5d,76,6a,f9,\
3d,93,4b,fe,2f,9f,3c,4b,38,5d,25,de,ea,13,a2,b4,4a,55,d7,a6,ab,7a,f7,b9,86,\
b8,36,a2,c9,e5,61,14,3d,b9,32,4a,f6,e1,84,60,92,11,da,e1,2a,6d,6f,4e,6b,f2,\
bc,08,b6,1b,b1,db,e6,24,92,f7,19,5e,a1,46,ff,d7,36,22,59,a4,ea,92,e7,f6,59,\
d5,45,0f,56,a9,d4,04,99,3c,0e,1d,99,aa,f3,09,45,c6,5e,2a,e0,99,f3,5c,dc,fb,\
6a,ac,07,1a,4c,70,35,d9,70,c0,7c,e4,ba,ea,40,b0,56,e2,ee,58,33,71,68,3f,d1,\
89,fd,17,ec,bf,35,f4,14,dd,4a,5b,b7,63,04,33,af,09,e2,ab,f6,c4,b2,3f,ce,35,\
18,0b,a0,97,70,21,93,20,37,68,d0,8a,04,0a,f6,1a,81,08,34,02,cc,56,7e,5c
"rkeysecu"=hex:d3,a0,de,5f,9a,62,90,a4,01,cc,bd,22,b8,58,41,59

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*NULL*]
"OODEFRAG10.00.00.01WORKSTATION"="EA18BCA398F728465BA20EC79F5B2820C188294FCC27EA0DF6BE240A6DBE6642F95E0398AFEF26D28CC2C3B0CD7C2019E28589393CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E6679DB7CE019D40AA5C9DB7CE019D40AA5C4E2CE988D79AE0BEC3811CDC0C7B825994CDAC6787E2CCD11C1526A5DFD65769EC99F842BA01DA55552FE240BE52486FBDAA3ABBDA393002D7D7F0375A5CFD181889837AC6F67EE906B01E821F3136CDD005A37B5D9C114546C47B56C6ADD20C077A31DF94D2E5C598DAE8726419ECAEBCAC9AB802D734E524C3A8F3777BE1C1E20D3B60F0CF0337C429F0A2786AE251E694E3C4EF17B53522E1F4446DDB8A39C8887034DD0C9B11363C7B69F76F63F7A5D556B600E8838565516B3FE14700784B57B2D38D0AC6A68AD4DE60345188E9472BDD6A4244DF2F08652E223F9B4A08F105F87BEA307353555B06E5332147F009757CFEF87F630D1698726BA69A477335C44C2D114960F39E59719BAD50E4DC21B9C5571A58F7811006815FE869A3CB04ECCCAECF82236A607FB2E892B8797F369CE09ACFEE5BEBEB7037071091E3A5BE77AA87AC6E241C899FF176839474AFE46D8B347A47213713BB07AE5700E19A3D01AD8460042173FD2FEBB3D3031747BD9995D22BC8B0CDE2F075E52D87C6C5C94DAFB9579EA9DD13CBED528F087726443662E92842C41F2ABB9B01B55B14C820411EF831FAA34C9633DA48720A7F2FEF7AEBB0EBE26A20AF6F2797C7171D49F3657D5E44BC4734C4482CCF6F556B472EC33DA2A6BE07C7AB7FD707EFB5896D6B6AE14417E8A1115212EAE62A194E5BDC90F6FDB94E4F11CC05066F6C9B55E3A020764E676B135E65BA3950FEE80ED8D285CD473C6FCEFA313E9733330C4F5CA07D79DFA512CF209A12471178BB643255E989C37660638BF0890C7CE8309C0C6D1C3CA2F50EE1D9FD8BDDF45A6D5F5DA2A90780EA46C14913ECF336EA17352BFDB9270431F7A595153CD70898BDDED66955354BC8AAEE3F9591F31148B0E2763C383235E2C84C615760259E5DCE9A9CCE2019B7F7F7C7FDE8454780C4D347AE859D6D2B4DDFD9CF2ED6484E07A91CB06862CB9D927F78197176B8BD5738D5982D937A1FE37EA6F478A1D8EFA5B7C09A4618F897E6F685A78A3D2BC3AB7C55FCF7688F0E50CB606B0AE882237FCA3BE3E461E083F87544C4FE4F14D321A16228200F76396DD108502AF584498E93109CB901D687FDF6E191900CFA724C0DECEA539A0FA64C00F1C51239B0097FAB1957ACDF4407DFDC5A31F4F17FE57389B899B4C7491E312747F074C570CCB30E8429990AA5313E6B82CA54A8D03C93C15C8DD9722D2C16FD83FB70CFBD414199542ED02E8A71EB4A000BCBF735"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(624)
c:\program files\AlienGUIse\fastload.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\acer\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE
c:\program files\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
c:\program files\GRISOFT\AVG7\AVGAMSVR.EXE
c:\program files\GRISOFT\AVG7\AVGUPSVC.EXE
c:\program files\GRISOFT\AVG7\AVGEMC.EXE
c:\windows\SYSTEM32\CTSVCCDA.EXE
c:\windows\EHOME\EHRECVR.EXE
c:\windows\EHOME\EHSCHED.EXE
c:\program files\FICHIERS COMMUNS\LIGHTSCRIBE\LSSRVC.EXE
c:\acer\EMPOWERING TECHNOLOGY\ELOCK\LOCKSERV.EXE
c:\windows\SYSTEM32\NVSVC32.EXE
c:\windows\SYSTEM32\OODAG.EXE
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\EHOME\EHMSAS.EXE
c:\program files\LAUNCH MANAGER\LMANAGER.EXE
c:\program files\GRISOFT\AVG7\AVGCC.EXE
c:\program files\FICHIERS COMMUNS\AHEAD\LIB\NMINDEXSTORESVR.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\docume~1\Douglas\LOCALS~1\Temp\RtkBtMnt.exe
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
c:\program files\Java\jre1.5.0_08\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-01-08 23:18:52 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-08 22:18:50

Avant-CF: 9 094 823 936 octets libres
Après-CF: 9,985,982,464 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
redirect=useBiosSettings
redirectbaudrate=
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
redirect=useBiosSettings
redirectbaudrate=
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="c" c
multi(0)disk(0)rdisk(0)partition(1)\Minint="c" c
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /fastdetect /NoExecute=OptIn
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="c" c
multi(0)disk(0)rdisk(0)partition(1)\Minint="c" c
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /fastdetect /NoExecute=OptIn
i(0)disk(0)rdisk(0)partition(1)\Minint="c" c
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /fastdetect /NoExecute=OptIn
="Console de r‚cup‚ration Microsoft Windows XP" /cmdcons

547 --- E O F --- 2008-12-19 09:14:05
0
Réponse 7 / 15
Utilisateur anonyme
8 janv. 2009 à 23:44
Re,

* Telecharges SDFix sur ton bureau:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

*Double-cliques sur SDFix.exe.
----> lances l'installation pour l'extraire dans un dossier dédié.

*Redemarre ton pc en Mode sans echec, pour cela :
---> tapotes sur la touche F8 ou F5 de ton clavier au demarrage du pc
---> un ecran noir apparait avec plusieurs options, choisis Mode sans echec et
valides par la touche Entrée de ton clavier...

* Une fois en MSE, ouvres le dossier qui vient d'etre créée sur le
bureau et double cliques sur RunThis.bat pour lancer le script:
---> Appuies sur la touche Y de ton clavier pour lancer le nettoyage
---> Laisses le scanner, il te demandera d'appuyer sur une touche pour redemarrer le pc,
fais le.
* Ton systeme sera plus long car l'outil continuera de travailler
* Au chargement du bureau, il affichera Finished.
*Appuies sur 1 touche pour obtenir le rapport sous le nom de report.txt
*postes le rapport.
0
Réponse 8 / 15
kidoug Messages postés 83 Date d'inscription samedi 2 juin 2007 Statut Membre Dernière intervention 17 février 2010 13
9 janv. 2009 à 00:28
je n'arrive pas a avoir accés au mode sans echec il charge le mode mais apres il reste sur l'ecran de demarrage j'ai attendu 30 minute mais rien n'a bougé
0
Réponse 9 / 15
Utilisateur anonyme
9 janv. 2009 à 01:01
re, on va verifier
* Telecharges FindyKill : http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
---> lances l'installation
---> puis double clique sur le raccourci de ton bureau pour le lancer
---> au menu, choisi l'option 1
---> laisses le chercher, à la fin, un rapport est généré, postes le.
0
Réponse 10 / 15
kidoug Messages postés 83 Date d'inscription samedi 2 juin 2007 Statut Membre Dernière intervention 17 février 2010 13
9 janv. 2009 à 01:10
le voilas



----------------- FindyKill V4.711 ------------------

* User : Douglas - DOUGLAS
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 05/01/09 par Chiquitine29
* Recherche effectuée à 1:04:41 le 09/01/2009
* Windows XP - Internet Explorer 6.0.2900.2180

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\oodtray.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\DOCUME~1\Douglas\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch


»»»» Presence des fichiers dans C:\WINDOWS\system32


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\Douglas\Application Data


»»»» Presence des fichiers dans C:\DOCUME~1\Douglas\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\Douglas\Local Settings\Temporary Internet Files\Content.IE5

Found ! [03/07/2006 12:33] - C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\FileCD\Readme.txt
Found ! [08/12/2008 16:02] - C:\Program Files\Maxis\SimCity 4 Deluxe\filelist.txt

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
DAEMON Tools Lite="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ehTray=C:\WINDOWS\ehome\ehtray.exe
preload=C:\Windows\RUNXMLPL.exe
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
RTHDCPL=RTHDCPL.EXE
SkyTel=SkyTel.EXE
AzMixerSel=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
ntiMUI=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
IMJPMIG8.1="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
MSPY2002=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
PHIME2002ASync=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
LManager=C:\PROGRA~1\LAUNCH~1\LManager.exe
Boot=C:\Acer\Empowering Technology\ePower\Boot.exe
Acer ePresentation HPD=C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
SunJavaUpdateSched="C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
nwiz=nwiz.exe /install
NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
ISUSPM="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
OODefragTray=C:\WINDOWS\system32\oodtray.exe
Google Desktop Search="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
ePower_DMC=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_CURRENT_USER\software\local appwizard-generated applications\DocUnins]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Hog]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\LaunchApp]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\NTI WaveEditor]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\PhotoViewer]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-3823352429-38789864-1306546268-1005\Software\Ubisoft


--------------- [ Etat / Services ] ----------------



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

Ndisuio - Type de démarrage = 3

Ip6Fw - Type de démarrage = 3

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2


--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

F: - Lecteur fixe

H: - Lecteur fixe


+- presence des fichiers :



--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0
Réponse 11 / 15
Utilisateur anonyme
9 janv. 2009 à 01:28
Ok, relances findykill et choisis l'option2 et valides par Entrée.
* le menu demarrer et les icones vont disparaitre,c'est normal.
---> le nettoyage prends quelques minutes
---> appuies sur OK dans la fenetre d'information.
* Le Fix va avoir besoin de redemarrer le pc:
---> appuies sur 1 touche comme demandé
* au redemarrage le fix continu de travailler, laisses faire
* a la fin un rapport est généré, postes le
0
Réponse 12 / 15
kidoug Messages postés 83 Date d'inscription samedi 2 juin 2007 Statut Membre Dernière intervention 17 février 2010 13
9 janv. 2009 à 11:24
voilas le rapport

et la fenetre pop up sagipsul ne s'ouvre plus...



----------------- FindyKill V4.711 ------------------

* User : Douglas - DOUGLAS
* executed from : C:\Program Files\FindyKill
* Update on 05/01/09 par Chiquitine29
* Start at 11:06:51 the 09/01/2009
* Windows XP - Internet Explorer 6.0.2900.2180


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonuiX.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\spoolsv.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch


»»»» Supression files in C:\WINDOWS\system32


»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\Douglas\Application Data


»»»» Supression files in C:\DOCUME~1\Douglas\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\Douglas\Local Settings\Temporary Internet Files\Content.IE5


--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mdelk.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintems.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\flec006.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hldrrr.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winfilse.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupgro.exe
Deleted ! - HKEY_USERS\S-1-5-21-3823352429-38789864-1306546268-1005\Software\Ubisoft

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

D: - Lecteur fixe

F: - Lecteur fixe

H: - Lecteur fixe


+- deleting files :


--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Other Infections ] ----------------


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\Douglas\Recent\How To Use The Crack.lnk
C:\Documents and Settings\Douglas\Recent\Red Faction No CD Crack.lnk
C:\Documents and Settings\Douglas\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\crack.au-143c79f9-3b82d33d.idx
C:\Documents and Settings\Douglas\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\crack.au-143c79f9-3b82d33d.au
C:\Documents and Settings\Douglas\Application Data\uTorrent\Blitzkrieg 2 French + crack.torrent
C:\Documents and Settings\Douglas\Application Data\uTorrent\Blitzkrieg 2 French + crack.iso.torrent
C:\Documents and Settings\Douglas\Application Data\uTorrent\FAR CRY FR DVD RIP BY PSYKO + CRACK.torrent
C:\Documents and Settings\Douglas\Application Data\uTorrent\SimCity 4 Deluxe + Crack.torrent


---------------- ! End of report ! ------------------
0
Réponse 13 / 15
Utilisateur anonyme
9 janv. 2009 à 12:02
Re,

* Il faudrait peut etre penser a virer tout ça >> Cracks <<, tes problèmes viennent de là et la pub
intempestive ---> ce n'est que de la "poudre aux yeux " par rapport à tout ce que l'on a trouvé pour
l'instant lis ça à propos des cracks :
https://forum.malekal.com/viewtopic.php?f=33&t=893

* Ensuite, ton systeme n'est pas à jour, d'ailleurs rien n'est à jour sur ton pc, pas meme l'antivirus AVG7...
( Java, Adobe, Mise a jour windows...) ---> tout ça represente d'enorme failles de securité...

* As tu accés au mode sans echec, si oui lances SDFix
---> si non, lances le comme ça...
et postes le rapport.
0
Réponse 14 / 15
kidoug Messages postés 83 Date d'inscription samedi 2 juin 2007 Statut Membre Dernière intervention 17 février 2010 13
9 janv. 2009 à 12:27
voilas le rapport SDfix


[b]System Report[/b]
*************

Run on 09/01/2009 at 12:21

Microsoft Windows XP [version 5.1.2600]

Current user is an administrator

[b]Running Processes[/b]:

\SystemRoot\System32\smss.exe [528]
\??\C:\WINDOWS\system32\csrss.exe [596]
\??\C:\WINDOWS\system32\winlogon.exe [620]
C:\WINDOWS\system32\services.exe [664]
C:\WINDOWS\system32\lsass.exe [680]
C:\WINDOWS\system32\svchost.exe [832]
C:\WINDOWS\system32\svchost.exe [920]
C:\WINDOWS\System32\svchost.exe [960]
C:\WINDOWS\system32\svchost.exe [1144]
C:\WINDOWS\system32\svchost.exe [1176]
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [1336]
C:\Program Files\Alwil Software\Avast4\ashServ.exe [1392]
C:\WINDOWS\system32\spoolsv.exe [1996]
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [1516]
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [152]
C:\WINDOWS\system32\CTsvcCDA.exe [200]
C:\WINDOWS\eHome\ehRecvr.exe [252]
C:\WINDOWS\eHome\ehSched.exe [336]
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [992]
C:\Acer\Empowering Technology\eLock\LockServ.exe [1132]
C:\WINDOWS\system32\nvsvc32.exe [212]
C:\WINDOWS\system32\oodag.exe [320]
C:\WINDOWS\system32\svchost.exe [1828]
C:\WINDOWS\system32\svchost.exe [1964]
C:\WINDOWS\ehome\mcrdsvc.exe [2404]
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [3800]
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [3872]
C:\WINDOWS\system32\dllhost.exe [3896]
C:\WINDOWS\System32\alg.exe [1020]
C:\WINDOWS\explorer.exe [900]
C:\WINDOWS\System32\svchost.exe [3340]
C:\WINDOWS\system32\wuauclt.exe [3636]
C:\Program Files\Mozilla Firefox\firefox.exe [3264]
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe [3732]
C:\WINDOWS\system32\rundll32.exe [1648]


[b]Drivers - Running[/b]:

Aavmker4
abp480n5
ACPI
ACPIEC
adpu160m
AFD
agp440
agpCPQ
Aha154x
aic78u2
aic78xx
AliIde
alim1541
amdagp
AmdK8
amsint
AR5211
asc
asc3350p
asc3550
aswFsBlk
aswMon2
aswRdr
aswSP
aswTdi
atapi
atksgt
audstub
Beep
Cam5603D
cbidf
cd20xrnt
Cdfs
Cdrom
CmBatt
CmdIde
Compbatt
Cpqarray
dac2w2k
dac960nt
Disk
DKbFltr
dmio
dmload
dpti2o
eeCtrl
eLock2BurnerLockDriver
eLock2FSCTLDriver
Fastfat
Fips
FltMgr
Ftdisk
GEARAspiWDM
giveio
Gpc
HDAudBus
HidUsb
hpn
HSFHWAZL
HSF_DPV
HTTP
i2omgmt
i2omp
i8042prt
Imapi
ini910u
int15
IntcAzAudAddService
IntelIde
Ip6Fw
IpNat
IPSec
irda
isapnp
Kbdclass
kmixer
KSecDD
lirsgt
mdmxsdk
mnmdd
Modem
Mouclass
mouhid
MountMgr
mraid35x
MRxDAV
MRxSmb
Msfs
mssmbios
Mup
NDIS
NdisTapi
Ndisuio
NdisWan
NDProxy
NetBIOS
NetBT
Npfs
NTIDrvr
Null
nv
nvsmu
ohci1394
papycpu2
papyjoy
PartMgr
PCI
PCIIde
Pcmcia
perc2
perc2hib
PptpMiniport
prodrv06
prohlp02
prosync1
PSched
Ptilink
PxHelp20
ql1080
Ql10wnt
ql12160
ql1240
ql1280
RasAcd
Rasirda
Rasl2tp
RasPppoe
Raspti
Rdbss
RDPCDD
rdpdr
redbook
ROOTMODEM
Secdrv
sfdrv01
sfdrv01a
sfhlp01
sfhlp02
sfsync02
sfvfs02
sisagp
Sparrow
speedfan
sptd
sr
Srv
swenum
symc810
symc8xx
sym_hi
sym_u3
SynTP
sysaudio
Tcpip
TermDD
tifm21
tmcomm
TosIde
tvicport
UBHelper
ultra
Update
usbehci
usbhub
usbohci
USBSTOR
VgaSave
viaagp
ViaIde
VolSnap
Wanarp
wdmaud
winachsf
WmiAcpi
zntport


[b]Drivers - Stopped[/b]:

Abiosdsk
aec
Arp1394
AsyncMac
Atdisk
Atmarpc
btaudio
BTDriver
BTKRNL
BTWDNDIS
cbidf2k
CCDECODE
Cdaudio
Changer
dmboot
DMusic
drmkaud
epindd
Fadpu16E
Fdc
Flpydisk
GcKernel
HIDSwvd
HPZid412
HPZipr12
HPZius12
int15.sys
IpFilterDriver
IpInIp
IRENUM
kbdhid
lbrtfdc
mcdbus
MHNDRV
MSKSSRV
MSPCLOCK
MSPQM
MSTEE
NABTSFEC
NdisIP
NIC1394
NSCIRDA
NSNDIS5
Ntfs
NVENETFD
nvnetbus
NwlnkFlt
NwlnkFwd
Parport
ParVdm
PCIDump
PDCOMP
PDFRAME
PDRELI
PDRFRAME
Processor
psdfilter
psdvdisk
RDPWD
rtl8139
SaiH075C
sdbus
Serial
Sfloppy
Simbad
SLIP
splitter
streamip
swmidi
SWUSBFLT
SYMIDSCO
TDPIPE
TDTCP
Udfs
usbccgp
usbprint
usbscan
usbser
WDICA
WSTCODEC


[b]Services - Running[/b]:

AcerMemUsageCheckService
ALG
Apple
aswUpdSv
AudioSrv
avast!
avast!
avast!
Browser
COMSysApp
Creative
CryptSvc
DcomLaunch
Dhcp
dmserver
Dnscache
ehRecvr
ehSched
ERSvc
Eventlog
EventSystem
FastUserSwitchingCompatibility
helpsvc
HidServ
HTTPFilter
Irmon
lanmanserver
lanmanworkstation
LightScribeService
LmHosts
LockServ
McrdSvc
Netman
Nla
NVSvc
O&O
PlugPlay
PolicyAgent
ProtectedStorage
RasMan
RemoteRegistry
RpcSs
SamSs
Schedule
seclogon
SENS
SharedAccess
ShellHWDetection
Spooler
srservice
SSDPSRV
stisvc
TapiSrv
TermService
Themes
TrkWks
upnphost
W32Time
WebClient
winmgmt
wscsvc
wuauserv
WZCSVC


[b]Services - Stopped[/b]:

Adobe
Alerter
AppMgmt
aspnet_state
AutoSyncService
BITS
CiSvc
ClipSrv
clr_optimization_v2.0.50727_32
dmadmin
Fax
GoogleDesktopManager
gusvc
IDriverT
ImapiService
iPod
Messenger
MHN
mnmsrvc
MSDTC
MSIServer
NBService
NetDDE
NetDDEdsdm
Netlogon
NMIndexingService
NtLmSsp
NtmsSvc
odserv
ose
Pml
RasAuto
RDSessMgr
RemoteAccess
RpcLocator
RSVP
SCardSvr
SwPrv
SysmonLog
TlntSvr
UMWdf
UPS
usnjsvc
VSS
WmdmPmSN
Wmi
WmiApSrv
xmlprov


[b]Files Created/Modified - 60 Days[/b]:


C:\

9 Jan 2009 11:05:56 1 409 286 144 A.SH. "C:\pagefile.sys"
9 Jan 2009 11:06:04 938 127 360 A.SH. "C:\hiberfil.sys"


C:\WINDOWS\

9 Jan 2009 11:06:14 2 048 A.S.. "C:\WINDOWS\bootstat.dat"
8 Dec 2008 15:58:20 532 A.... "C:\WINDOWS\eReg.dat"
26 Dec 2008 22:55:58 98 304 A.... "C:\WINDOWS\system32CmdLineExt.dll"
9 Jan 2009 11:09:28 65 846 A.... "C:\WINDOWS\system32\perfc009.dat"
9 Jan 2009 11:09:28 412 478 A.... "C:\WINDOWS\system32\perfh009.dat"
9 Jan 2009 11:09:28 79 692 A.... "C:\WINDOWS\system32\perfc00C.dat"
9 Jan 2009 11:09:30 480 848 A.... "C:\WINDOWS\system32\perfh00C.dat"
8 Jan 2009 21:24:42 151 641 A.... "C:\WINDOWS\system32\xpsf1.exe"
21 Nov 2008 22:46:10 1 044 480 A.... "C:\WINDOWS\system32\libdivx.dll"
21 Nov 2008 22:46:10 200 704 A.... "C:\WINDOWS\system32\ssldivx.dll"
12 Dec 2008 18:29:30 3 088 384 A.... "C:\WINDOWS\system32\mshtml.dll"
14 Dec 2008 19:15:58 664 A.... "C:\WINDOWS\system32\d3d9caps.dat"
26 Nov 2008 18:21:30 1 236 208 A.... "C:\WINDOWS\system32\aswBoot.exe"
8 Jan 2009 0:22:06 103 424 A.... "C:\WINDOWS\system32\egpycfgc.dll"
8 Jan 2009 0:22:06 103 424 A.... "C:\WINDOWS\system32\tzpqlo.dll"
11 Dec 2008 0:46:04 107 888 A.... "C:\WINDOWS\system32\CmdLineExt.dll"
6 Jan 2009 22:00:06 43 520 A.... "C:\WINDOWS\system32\CmdLineExt03.dll"
10 Dec 2008 23:31:10 7 694 A.... "C:\WINDOWS\system32\ealregsnapshot1.reg"
9 Jan 2009 12:18:00 3 798 A.... "C:\WINDOWS\temp\scsE.tmp"
9 Jan 2009 12:18:18 0 A.... "C:\WINDOWS\temp\scs12.tmp"
9 Jan 2009 11:06:52 6 A..H. "C:\WINDOWS\Tasks\SA.DAT"
8 Jan 2009 23:06:42 110 A.... "C:\WINDOWS\ERDNT\CFrecovery.bat"
4 Jan 2009 18:38:18 15 504 A.... "C:\WINDOWS\system32\drivers\mbam.sys"
26 Nov 2008 18:18:26 93 296 A.... "C:\WINDOWS\system32\drivers\aswmon.sys"
26 Nov 2008 18:18:18 94 032 A.... "C:\WINDOWS\system32\drivers\aswmon2.sys"
26 Nov 2008 18:17:36 111 184 A.... "C:\WINDOWS\system32\drivers\aswSP.sys"
26 Nov 2008 18:15:36 26 944 A.... "C:\WINDOWS\system32\drivers\aavmker4.sys"
26 Nov 2008 18:17:26 20 560 A.... "C:\WINDOWS\system32\drivers\aswFsBlk.sys"
26 Nov 2008 18:16:38 50 864 A.... "C:\WINDOWS\system32\drivers\aswTdi.sys"
26 Nov 2008 18:16:30 23 152 A.... "C:\WINDOWS\system32\drivers\aswRdr.sys"
4 Jan 2009 18:38:22 38 496 A.... "C:\WINDOWS\system32\drivers\mbamswissarmy.sys"
12 Dec 2008 18:29:30 3 088 384 A.... "C:\WINDOWS\system32\dllcache\mshtml.dll"
23 Dec 2008 18:40:56 80 A.... "C:\WINDOWS\system32\oodag\Analyze_4.dat"
9 Jan 2009 11:20:18 80 A.... "C:\WINDOWS\system32\oodag\Analyze_3.dat"
23 Dec 2008 18:43:10 80 A.... "C:\WINDOWS\system32\oodag\Analyze_8.dat"
4 Dec 2008 21:36:02 80 A.... "C:\WINDOWS\system32\oodag\Analyze_10.dat"
10 Dec 2008 23:31:18 74 137 A.... "C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe"
8 Jan 2009 22:54:56 237 568 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000001\NTUSER.DAT"
8 Jan 2009 22:54:56 8 192 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000002\UsrClass.dat"
8 Jan 2009 22:54:56 241 664 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000003\NTUSER.DAT"
8 Jan 2009 22:54:56 8 192 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000004\UsrClass.dat"
8 Jan 2009 22:54:58 16 539 648 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000005\NTUSER.DAT"
8 Jan 2009 22:54:58 495 616 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000006\UsrClass.dat"


C:\Program Files\

20 Dec 2008 9:55:06 233 472 A.... "C:\Program Files\Mozilla Firefox\freebl3.dll"
20 Dec 2008 9:55:06 696 824 A.... "C:\Program Files\Mozilla Firefox\js3250.dll"
20 Dec 2008 9:54:48 17 400 A.... "C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll"
20 Dec 2008 9:55:14 710 136 A.... "C:\Program Files\Mozilla Firefox\mozcrt19.dll"
20 Dec 2008 9:55:14 198 136 A.... "C:\Program Files\Mozilla Firefox\nspr4.dll"
20 Dec 2008 9:55:16 718 328 A.... "C:\Program Files\Mozilla Firefox\nss3.dll"
20 Dec 2008 9:55:16 288 248 A.... "C:\Program Files\Mozilla Firefox\nssckbi.dll"
20 Dec 2008 9:55:16 103 928 A.... "C:\Program Files\Mozilla Firefox\nssdbm3.dll"
20 Dec 2008 9:55:16 87 544 A.... "C:\Program Files\Mozilla Firefox\nssutil3.dll"
20 Dec 2008 9:55:16 20 472 A.... "C:\Program Files\Mozilla Firefox\plc4.dll"
20 Dec 2008 9:55:16 17 400 A.... "C:\Program Files\Mozilla Firefox\plds4.dll"
20 Dec 2008 9:55:22 103 928 A.... "C:\Program Files\Mozilla Firefox\smime3.dll"
20 Dec 2008 9:55:22 151 552 A.... "C:\Program Files\Mozilla Firefox\softokn3.dll"
20 Dec 2008 9:55:22 395 768 A.... "C:\Program Files\Mozilla Firefox\sqlite3.dll"
20 Dec 2008 9:55:22 136 696 A.... "C:\Program Files\Mozilla Firefox\ssl3.dll"
20 Dec 2008 9:55:22 17 912 A.... "C:\Program Files\Mozilla Firefox\xpcom.dll"
20 Dec 2008 9:55:26 9 742 840 A.... "C:\Program Files\Mozilla Firefox\xul.dll"
20 Dec 2008 9:55:04 185 848 A.... "C:\Program Files\Mozilla Firefox\crashreporter.exe"
20 Dec 2008 9:55:06 307 704 A.... "C:\Program Files\Mozilla Firefox\firefox.exe"
20 Dec 2008 9:55:22 242 168 A.... "C:\Program Files\Mozilla Firefox\updater.exe"
8 Jan 2009 21:36:18 2 645 A.... "C:\Program Files\Navilog1\unins000.dat"
8 Jan 2009 21:36:10 689 104 A.... "C:\Program Files\Navilog1\unins000.exe"
2 Jan 2009 20:48:28 325 837 A.... "C:\Program Files\Navilog1\navilog1.bat"
2 Jan 2009 18:58:02 185 523 A.... "C:\Program Files\Navilog1\Navreb.bat"
28 Dec 2008 18:55:42 100 685 A.... "C:\Program Files\DivX\DivXWebPlayerUninstall.exe"
23 Dec 2008 14:52:34 139 A.... "C:\Program Files\RegCleaner\Options.dat"
23 Dec 2008 14:52:36 10 499 A.... "C:\Program Files\RegCleaner\old.dat"
9 Jan 2009 1:04:16 74 945 A.... "C:\Program Files\FindyKill\Uninstal.exe"
8 Jan 2009 22:09:16 8 869 A.... "C:\Program Files\Malwarebytes' Anti-Malware\unins000.dat"
8 Jan 2009 22:08:44 688 784 A.... "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
4 Jan 2009 18:38:16 73 360 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll"
4 Jan 2009 18:38:18 380 048 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam-dor.exe"
4 Jan 2009 18:38:16 1 269 392 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
4 Jan 2009 18:38:18 73 360 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll"
4 Jan 2009 18:38:20 77 968 A.... "C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll"
4 Jan 2009 18:38:20 44 688 A.... "C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll"
4 Jan 2009 18:38:20 399 504 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe"
4 Jan 2009 18:38:18 170 640 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"
13 Nov 2008 16:19:08 115 247 A.... "C:\Program Files\Picasa2\Uninstall.exe"
13 Nov 2008 16:18:46 5 355 320 A..H. "C:\Program Files\Picasa2\setup.exe"
26 Nov 2008 8:54:14 49 631 A.... "C:\Program Files\18 WoS Pedal to the Metal\uninst.exe"
26 Dec 2008 11:11:52 353 675 A.... "C:\Program Files\TrackMania Sunrise\unins000.dat"
26 Dec 2008 11:06:36 683 865 A.... "C:\Program Files\TrackMania Sunrise\unins000.exe"
11 Nov 2008 20:41:24 344 064 A.... "C:\Program Files\InstallShield Installation Information\{DE29025A-091F-4998-AD2D-24C84421190F}\_setup.dll"
10 Dec 2008 23:54:50 372 736 A.... "C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\setup.exe"
10 Dec 2008 23:54:50 324 552 A.... "C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\_setup.dll"
10 Dec 2008 23:54:50 535 552 ..... "C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\ISSetup.dll"
26 Nov 2008 18:15:32 225 280 A.... "C:\Program Files\Alwil Software\Avast4\Aavm4h.dll"
26 Nov 2008 18:19:02 188 416 A.... "C:\Program Files\Alwil Software\Avast4\AavmGuih.dll"
26 Nov 2008 18:15:26 20 992 A.... "C:\Program Files\Alwil Software\Avast4\AavmRpch.dll"
26 Nov 2008 18:15:42 35 840 A.... "C:\Program Files\Alwil Software\Avast4\AhResMai.dll"
26 Nov 2008 18:17:12 32 768 A.... "C:\Program Files\Alwil Software\Avast4\ahResMes.dll"
26 Nov 2008 18:16:50 53 248 A.... "C:\Program Files\Alwil Software\Avast4\AhResNS.dll"
26 Nov 2008 18:18:40 29 696 A.... "C:\Program Files\Alwil Software\Avast4\AhResOut.dll"
26 Nov 2008 18:17:06 33 280 A.... "C:\Program Files\Alwil Software\Avast4\ahResP2P.dll"
26 Nov 2008 18:19:12 43 008 A.... "C:\Program Files\Alwil Software\Avast4\AhResStd.dll"
26 Nov 2008 18:15:56 53 248 A.... "C:\Program Files\Alwil Software\Avast4\AhResWS.dll"
26 Nov 2008 18:18:00 65 536 A.... "C:\Program Files\Alwil Software\Avast4\AhRuiMai.dll"
26 Nov 2008 18:17:10 36 864 A.... "C:\Program Files\Alwil Software\Avast4\ahRuiMes.dll"
26 Nov 2008 18:16:48 36 864 A.... "C:\Program Files\Alwil Software\Avast4\AhRuiNS.dll"
26 Nov 2008 18:18:12 90 112 A.... "C:\Program Files\Alwil Software\Avast4\AhRuiOut.dll"
26 Nov 2008 18:17:04 22 528 A.... "C:\Program Files\Alwil Software\Avast4\ahRuiP2P.dll"
26 Nov 2008 18:19:10 57 344 A.... "C:\Program Files\Alwil Software\Avast4\AhRuiStd.dll"
26 Nov 2008 18:16:02 49 152 A.... "C:\Program Files\Alwil Software\Avast4\AhRuiWS.dll"
26 Nov 2008 18:11:32 225 280 A.... "C:\Program Files\Alwil Software\Avast4\ashBase.dll"
26 Nov 2008 18:13:20 98 304 A.... "C:\Program Files\Alwil Software\Avast4\ashCfgP.dll"
26 Nov 2008 18:13:32 131 072 A.... "C:\Program Files\Alwil Software\Avast4\ashCfgT.dll"
26 Nov 2008 18:13:38 151 552 A.... "C:\Program Files\Alwil Software\Avast4\ashChest.dll"
26 Nov 2008 18:18:40 204 600 A.... "C:\Program Files\Alwil Software\Avast4\ashOutXt.dll"
26 Nov 2008 18:15:02 76 880 A.... "C:\Program Files\Alwil Software\Avast4\ashShell.dll"
26 Nov 2008 18:11:38 53 248 A.... "C:\Program Files\Alwil Software\Avast4\ashSODBC.dll"
26 Nov 2008 18:12:00 233 472 A.... "C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll"
26 Nov 2008 18:12:16 48 128 A.... "C:\Program Files\Alwil Software\Avast4\ashSXML.dll"
26 Nov 2008 18:11:44 118 784 A.... "C:\Program Files\Alwil Software\Avast4\ashTask.dll"
26 Nov 2008 18:13:12 327 680 A.... "C:\Program Files\Alwil Software\Avast4\ashUInt.dll"
26 Nov 2008 18:16:26 65 536 A.... "C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll"
26 Nov 2008 18:11:36 659 456 A.... "C:\Program Files\Alwil Software\Avast4\aswAux.dll"
26 Nov 2008 18:12:04 11 584 A.... "C:\Program Files\Alwil Software\Avast4\aswIdle.dll"
26 Nov 2008 18:11:08 22 528 A.... "C:\Program Files\Alwil Software\Avast4\aswInteg.dll"
26 Nov 2008 18:09:34 327 680 A.... "C:\Program Files\Alwil Software\Avast4\aswRawFS.dll"
26 Nov 2008 18:09:02 147 456 A.... "C:\Program Files\Alwil Software\Avast4\aswRes.dll"
26 Nov 2008 18:17:00 106 496 A.... "C:\Program Files\Alwil Software\Avast4\avCommEx.dll"
26 Nov 2008 18:13:42 13 656 A.... "C:\Program Files\Alwil Software\Avast4\AVSSHOOK.dll"
26 Nov 2008 18:12:54 917 504 A.... "C:\Program Files\Alwil Software\Avast4\XT1922.dll"
26 Nov 2008 18:13:48 274 640 A.... "C:\Program Files\Alwil Software\Avast4\ashAvast.exe"
26 Nov 2008 18:14:04 130 440 A.... "C:\Program Files\Alwil Software\Avast4\ashBug.exe"
26 Nov 2008 18:14:16 68 640 A.... "C:\Program Files\Alwil Software\Avast4\ashChest.exe"
26 Nov 2008 18:14:10 53 792 A.... "C:\Program Files\Alwil Software\Avast4\ashCnsnt.exe"
26 Nov 2008 18:18:52 81 000 A.... "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
26 Nov 2008 18:13:54 50 184 A.... "C:\Program Files\Alwil Software\Avast4\ashLogV.exe"
26 Nov 2008 18:18:32 254 040 A.... "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe"
26 Nov 2008 18:18:58 208 720 A.... "C:\Program Files\Alwil Software\Avast4\ashPopWz.exe"
26 Nov 2008 18:14:58 282 880 A.... "C:\Program Files\Alwil Software\Avast4\ashQuick.exe"
26 Nov 2008 18:18:46 155 160 A.... "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
26 Nov 2008 18:14:22 126 320 A.... "C:\Program Files\Alwil Software\Avast4\ashSimp2.exe"
26 Nov 2008 18:15:22 159 280 A.... "C:\Program Files\Alwil Software\Avast4\ashSimpl.exe"
26 Nov 2008 18:13:56 17 920 A.... "C:\Program Files\Alwil Software\Avast4\ashSkPcc.exe"
26 Nov 2008 18:13:58 61 440 A.... "C:\Program Files\Alwil Software\Avast4\ashSkPck.exe"
26 Nov 2008 18:11:50 68 640 A.... "C:\Program Files\Alwil Software\Avast4\ashUpd.exe"
26 Nov 2008 18:16:24 352 920 A.... "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe"
19 Nov 2008 18:51:28 31 552 A.... "C:\Program Files\Alwil Software\Avast4\aswChLic.exe"
26 Nov 2008 18:12:08 18 752 A.... "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
26 Nov 2008 18:21:10 68 640 A.... "C:\Program Files\Alwil Software\Avast4\sched.exe"
26 Nov 2008 18:15:06 68 640 A.... "C:\Program Files\Alwil Software\Avast4\VisthAux.exe"
26 Nov 2008 18:15:14 53 280 A.... "C:\Program Files\Alwil Software\Avast4\VisthLic.exe"
26 Nov 2008 18:14:48 53 280 A.... "C:\Program Files\Alwil Software\Avast4\VisthUpd.exe"
26 Nov 2008 18:09:14 131 072 A.... "C:\Program Files\Alwil Software\Avast4\aswCmnB.dll"
26 Nov 2008 18:09:10 86 016 A.... "C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll"
26 Nov 2008 18:09:20 192 512 A.... "C:\Program Files\Alwil Software\Avast4\aswCmnS.dll"
26 Nov 2008 18:11:22 1 269 760 A.... "C:\Program Files\Alwil Software\Avast4\aswEngin.dll"
26 Nov 2008 18:10:56 86 016 A.... "C:\Program Files\Alwil Software\Avast4\aswScan.dll"
20 Dec 2008 9:55:22 510 592 A.... "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
20 Dec 2008 9:54:54 23 032 A.... "C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll"
20 Dec 2008 9:54:54 134 648 A.... "C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll"
7 Jan 2009 18:31:18 98 035 A.... "C:\Program Files\Mozilla Firefox\components\xpti.dat"
7 Jan 2009 18:31:28 144 765 A.... "C:\Program Files\Mozilla Firefox\components\compreg.dat"
13 Nov 2008 16:18:26 133 120 A.... "C:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll"
20 Dec 2008 9:55:16 65 528 A.... "C:\Program Files\Mozilla Firefox\plugins\npnul32.dll"
21 Nov 2008 22:45:04 1 332 224 A.... "C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll"
20 Dec 2008 9:55:20 117 A.... "C:\Program Files\Mozilla Firefox\res\hiddenWindow.html"
8 Dec 2008 10:53:36 1 615 A.... "C:\Program Files\Navilog1\Contents\Gnc2.bat"
8 Dec 2008 10:54:48 1 575 A.... "C:\Program Files\Navilog1\Contents\Gnc2su.bat"
10 Dec 2008 20:26:32 5 147 A.... "C:\Program Files\Navilog1\Contents\Gncs.bat"
14 Nov 2008 20:53:26 4 244 A.... "C:\Program Files\Navilog1\Contents\Heurs.bat"
13 Nov 2008 21:58:04 4 287 A.... "C:\Program Files\Navilog1\Contents\Heurss.bat"
13 Nov 2008 21:56:24 2 662 A.... "C:\Program Files\Navilog1\Contents\Orphus.bat"
21 Nov 2008 22:45:04 1 332 224 A.... "C:\Program Files\DivX\DivX Web Player\npdivx32.dll"
23 Dec 2008 14:52:34 989 A.... "C:\Program Files\RegCleaner\Backups\06.05.2007.02.18.21.65.reg"
23 Dec 2008 14:52:34 996 A.... "C:\Program Files\RegCleaner\Backups\06.05.2007.02.18.21.66.reg"
23 Dec 2008 14:50:18 75 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.263.dat"
23 Dec 2008 14:52:34 78 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.263.reg"
23 Dec 2008 14:50:18 76 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.264.dat"
23 Dec 2008 14:52:34 316 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.264.reg"
23 Dec 2008 14:52:34 492 A.... "C:\Program Files\RegCleaner\Backups\06.05.2007.02.20.08.175.reg"
10 Nov 2008 15:00:06 56 A.... "C:\Program Files\RegCleaner\Backups\10.11.2008.15.00.05.33.dat"
23 Dec 2008 14:52:34 133 348 A.... "C:\Program Files\RegCleaner\Backups\10.11.2008.15.00.05.33.reg"
23 Dec 2008 14:50:20 66 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.18.414.dat"
23 Dec 2008 14:52:34 138 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.18.414.reg"
23 Dec 2008 14:50:20 66 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.18.415.dat"
23 Dec 2008 14:52:34 138 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.18.415.reg"
23 Dec 2008 14:51:14 60 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.9.dat"
23 Dec 2008 14:52:34 174 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.9.reg"
23 Dec 2008 14:51:14 60 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.11.dat"
23 Dec 2008 14:52:34 164 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.11.reg"
23 Dec 2008 14:51:14 63 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.14.dat"
23 Dec 2008 14:52:34 170 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.14.reg"
23 Dec 2008 14:51:14 55 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.16.dat"
23 Dec 2008 14:52:34 165 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.16.reg"
23 Dec 2008 14:51:14 53 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.17.dat"
10 Nov 2008 15:00:34 57 A.... "C:\Program Files\RegCleaner\Backups\10.11.2008.15.00.32.92.dat"
23 Dec 2008 14:52:34 60 A.... "C:\Program Files\RegCleaner\Backups\10.11.2008.15.00.32.92.reg"
23 Dec 2008 14:52:34 152 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.17.reg"
23 Dec 2008 14:51:14 59 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.18.dat"
23 Dec 2008 14:52:34 158 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.18.reg"
23 Dec 2008 14:51:14 55 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.22.dat"
23 Dec 2008 14:52:34 146 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.22.reg"
23 Dec 2008 14:51:14 64 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.34.dat"
23 Dec 2008 14:52:34 159 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.34.reg"
23 Dec 2008 14:51:14 57 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.36.dat"
23 Dec 2008 14:52:34 157 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.51.13.36.reg"
10 Nov 2008 15:00:34 93 A.... "C:\Program Files\RegCleaner\Backups\10.11.2008.15.00.33.163.dat"
23 Dec 2008 14:52:34 380 A.... "C:\Program Files\RegCleaner\Backups\10.11.2008.15.00.33.163.reg"
10 Nov 2008 15:00:34 95 A.... "C:\Program Files\RegCleaner\Backups\10.11.2008.15.00.33.164.dat"
23 Dec 2008 14:52:34 7 831 A.... "C:\Program Files\RegCleaner\Backups\10.11.2008.15.00.33.164.reg"
10 Nov 2008 15:00:34 99 A.... "C:\Program Files\RegCleaner\Backups\10.11.2008.15.00.33.165.dat"
23 Dec 2008 14:52:34 229 A.... "C:\Program Files\RegCleaner\Backups\10.11.2008.15.00.33.165.reg"
23 Dec 2008 14:50:18 55 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.16.2.dat"
23 Dec 2008 14:52:34 1 523 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.16.2.reg"
23 Dec 2008 14:50:18 60 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.165.dat"
23 Dec 2008 14:52:34 301 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.165.reg"
23 Dec 2008 14:50:18 57 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.240.dat"
23 Dec 2008 14:52:34 132 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.240.reg"
23 Dec 2008 14:50:18 59 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.241.dat"
23 Dec 2008 14:52:34 264 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.241.reg"
23 Dec 2008 14:50:18 56 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.242.dat"
23 Dec 2008 14:52:34 115 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.242.reg"
23 Dec 2008 14:50:18 51 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.243.dat"
23 Dec 2008 14:52:34 337 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.243.reg"
23 Dec 2008 14:50:18 62 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.244.dat"
23 Dec 2008 14:52:34 240 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.244.reg"
23 Dec 2008 14:50:18 62 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.254.dat"
23 Dec 2008 14:52:34 8 670 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.254.reg"
23 Dec 2008 14:50:18 69 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.257.dat"
23 Dec 2008 14:52:34 147 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.257.reg"
23 Dec 2008 14:50:18 60 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.258.dat"
23 Dec 2008 14:52:34 122 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.258.reg"
23 Dec 2008 14:50:18 60 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.259.dat"
23 Dec 2008 14:52:34 880 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.259.reg"
23 Dec 2008 14:50:18 75 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.260.dat"
23 Dec 2008 14:52:34 2 096 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.260.reg"
23 Dec 2008 14:50:18 83 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.261.dat"
23 Dec 2008 14:52:34 883 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.261.reg"
23 Dec 2008 14:50:18 64 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.262.dat"
23 Dec 2008 14:52:34 306 A.... "C:\Program Files\RegCleaner\Backups\23.12.2008.14.50.17.262.reg"
8 Jan 2009 21:24:38 101 376 A.... "C:\Program Files\IZArc\SFXS\IZArcRAR.dat"
3 Jan 2009 13:43:16 2 588 A.... "C:\Program Files\FindyKill\Tools\FixSrosa.reg"
11 Dec 2008 17:59:00 61 440 A.... "C:\Program Files\FindyKill\Tools\md5deep.exe"
22 Dec 2008 12:16:18 284 160 A.... "C:\Program Files\FindyKill\Tools\swreg.exe"
5 Jan 2009 13:25:24 674 A.... "C:\Program Files\FindyKill\Tools\Uac.reg"
13 Nov 2008 16:18:24 550 912 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_fr.dll"
13 Nov 2008 16:18:24 1 862 144 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
13 Nov 2008 16:18:24 108 032 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll"
13 Nov 2008 16:18:26 551 936 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll"
13 Nov 2008 16:18:26 101 376 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.dll"
13 Nov 2008 16:18:26 105 984 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopMail.dll"
13 Nov 2008 16:18:20 4 999 A.... "C:\Program Files\Google\Google Desktop Search\topic_sites.dat"
13 Nov 2008 16:18:26 155 136 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopSSD.dll"
13 Nov 2008 16:18:26 347 136 A.... "C:\Program Files\Google\Google Desktop Search\GoogleUIEngine.dll"
13 Nov 2008 16:18:20 572 A.... "C:\Program Files\Google\Google Desktop Search\ak ### GoogleDesktopSetup.exe -uninstall"
13 Nov 2008 16:18:26 238 592 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopOffice.dll"
13 Nov 2008 16:18:26 36 352 A.... "C:\Program Files\Google\Google Desktop Search\gzlib.dll"
13 Nov 2008 16:18:26 118 784 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopCommon.dll"
13 Nov 2008 16:18:26 133 120 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopMozilla.dll"
13 Nov 2008 16:18:26 167 936 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopDeskbar2.dll"
13 Nov 2008 16:18:26 175 104 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopHyper.dll"
13 Nov 2008 16:18:26 68 096 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopActions.dll"
13 Nov 2008 16:18:26 143 360 A.... "C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
13 Nov 2008 16:19:08 3 A.... "C:\Program Files\Picasa2\runtime\hlpsys.dll"
10 Dec 2008 23:55:00 324 552 ..... "C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\1.02.0000\_Setup.dll"
10 Dec 2008 23:55:00 535 552 ..... "C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\1.02.0000\ISSetup.dll"
10 Dec 2008 23:55:00 372 736 ..... "C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\1.02.0000\setup.exe"
9 Jan 2009 1:22:20 159 792 A.... "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll"
9 Jan 2009 11:09:04 70 766 A.... "C:\Program Files\Alwil Software\Avast4\DATA\iNews.htm"
9 Jan 2009 10:54:12 0 A.... "C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat"
9 Jan 2009 11:06:48 391 216 A.... "C:\Program Files\Alwil Software\Avast4\DATA\clnr0.dll"
9 Jan 2009 11:06:48 309 912 A.... "C:\Program Files\Alwil Software\Avast4\DATA\dllcc0.dat"
9 Jan 2009 11:06:48 9 080 A.... "C:\Program Files\Alwil Software\Avast4\DATA\exts0.dll"
9 Jan 2009 11:06:48 237 560 A.... "C:\Program Files\Alwil Software\Avast4\DATA\aswar0.dll"
26 Nov 2008 18:08:16 98 304 A.... "C:\Program Files\Alwil Software\Avast4\FRENCH\Base.dll"
26 Nov 2008 18:07:30 17 920 A.... "C:\Program Files\Alwil Software\Avast4\FRENCH\Boot.dll"
26 Nov 2008 18:08:16 2 572 288 A.... "C:\Program Files\Alwil Software\Avast4\FRENCH\Lang.dll"
26 Nov 2008 18:08:14 61 440 A.... "C:\Program Files\Alwil Software\Avast4\FRENCH\LangMai.dll"
20 Nov 2008 17:50:42 6 720 A.... "C:\Program Files\Alwil Software\Avast4\FRENCH\ENHANCED.HTM"
20 Dec 2008 9:55:04 7 142 A.... "C:\Program Files\Mozilla Firefox\defaults\profile\bookmarks.html"
21 Nov 2008 22:45:40 548 864 A.... "C:\Program Files\Mozilla Firefox\plugins\Microsoft.VC80.CRT\msvcp80.dll"
21 Nov 2008 22:45:40 626 688 A.... "C:\Program Files\Mozilla Firefox\plugins\Microsoft.VC80.CRT\msvcr80.dll"
21 Nov 2008 22:45:38 479 232 A.... "C:\Program Files\Mozilla Firefox\plugins\Microsoft.VC80.CRT\msvcm80.dll"
21 Nov 2008 22:45:40 548 864 A.... "C:\Program Files\DivX\DivX Web Player\Microsoft.VC80.CRT\msvcp80.dll"
21 Nov 2008 22:45:40 626 688 A.... "C:\Program Files\DivX\DivX Web Player\Microsoft.VC80.CRT\msvcr80.dll"
21 Nov 2008 22:45:38 479 232 A.... "C:\Program Files\DivX\DivX Web Player\Microsoft.VC80.CRT\msvcm80.dll"
13 Nov 2008 16:18:12 138 168 A.... "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
13 Nov 2008 16:18:18 118 784 A.... "C:\Program Files\Google\Google Desktop Search\gcdtmp1\GoogleDesktopCommon.dll"
13 Nov 2008 16:18:18 1 862 144 A.... "C:\Program Files\Google\Google Desktop Search\gcdtmp1\GoogleDesktopSetupHelper.exe"
23 Dec 2008 14:44:12 118 784 A.... "C:\Program Files\Google\Google Desktop Search\gcdtmp2\GoogleDesktopCommon.dll"
23 Dec 2008 14:44:12 1 862 144 A.... "C:\Program Files\Google\Google Desktop Search\gcdtmp2\GoogleDesktopSetupHelper.exe"
8 Dec 2008 12:56:58 7 524 352 A.... "C:\Program Files\Maxis\SimCity 4 Deluxe\Apps\SimCity 4.exe"
23 Dec 2008 18:00:02 2 259 155 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\782f52ca_Vehicles%5cCoastCar%5c307_WRC.zip"
23 Dec 2008 18:05:08 1 992 673 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\bbab0141_Vehicles%5cSportCar%5cHonda+S2000+2Fast+2Furious.zip"
23 Dec 2008 18:11:30 3 483 456 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\0fa27055_Vehicles%5cSportCar%5cLamborghini_Murcielago_R-GT.zip"
27 Dec 2008 17:34:30 28 459 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\b1a0290d_Any%5cAdvertisement%5cimagefab.zip"
27 Dec 2008 17:34:52 303 697 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\7da5650b_Vehicles%5cSportCar%5cIsland_Team_TnT.zip"
27 Dec 2008 17:35:10 279 396 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\fe92b0da_Vehicles%5cCoastCar%5cCoast_Team_TnT.zip"
27 Dec 2008 17:35:30 307 607 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\b6363fae_Vehicles%5cBayCar%5cBay_Team_TnT.zip"
27 Dec 2008 17:35:34 64 038 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\6d4101b9_Any%5cAdvertisement%5cTnT%3dred.zip"
27 Dec 2008 17:35:36 21 412 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\b25c0e5e_Any%5cAdvertisement%5cshark-TM.zip"
27 Dec 2008 17:35:38 36 167 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\2004480b_Any%5cAdvertisement%5cimagetarth.zip"
27 Dec 2008 17:35:42 20 295 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\632da269_Any%5cAdvertisement%5cimageshloub.zip"
27 Dec 2008 17:35:44 33 780 A.... "C:\Program Files\TrackMania Sunrise\GameData\Cache\1a19c902_Any%5cAdvertisement%5cimagegrip.zip"
26 Nov 2008 18:15:36 26 944 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\Aavmker4.sys"
26 Nov 2008 18:17:26 20 560 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\aswFsBlk.sys"
26 Nov 2008 18:18:26 93 296 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\aswMon.sys"
26 Nov 2008 18:18:18 94 032 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\aswMon2.sys"
26 Nov 2008 18:17:16 51 792 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\aswMonFlt.sys"
26 Nov 2008 18:16:30 23 152 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AswRdr.sys"
26 Nov 2008 18:17:36 111 184 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\aswSP.sys"
26 Nov 2008 18:16:38 50 864 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AswTdi.sys"
11 Nov 2008 15:05:36 1 288 A.... "C:\Program Files\Bullfrog\Dungeon Keeper 2\Data\Settings\AddressBookWinsock.dat"
26 Nov 2008 18:15:40 25 168 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\Aavmker4.sys"
26 Nov 2008 18:17:30 22 096 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\aswFsBlk.sys"
26 Nov 2008 18:18:22 75 856 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\aswMon2.sys"
26 Nov 2008 18:17:24 64 592 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\aswMonFlt.sys"
26 Nov 2008 18:16:32 27 216 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\aswRdr.sys"
26 Nov 2008 18:17:50 89 168 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\aswSP.sys"
26 Nov 2008 18:16:42 57 936 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\AMD64\aswTdi.sys"
26 Nov 2008 18:17:28 37 968 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64\aswFsBlk.sys"
26 Nov 2008 18:17:20 140 368 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64\aswMonFlt.sys"
26 Nov 2008 18:16:34 55 376 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64\aswRdr.sys"
26 Nov 2008 18:17:44 168 016 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64\aswSP.sys"
26 Nov 2008 18:16:44 126 544 A.... "C:\Program Files\Alwil Software\Avast4\Setup\INF\IA64\aswTdi.sys"
29 Dec 2008 19:05:32 339 700 A...R "C:\Program Files\TrackMania Sunrise\GameData\Skins\Vehicles\CoastCar\General Lee2.zip"
27 Dec 2008 17:28:16 15 719 A.... "C:\Program Files\TrackMania Sunrise\GameData\Tracks\Campaigns\Downloaded\OnTheEdge.zip"
27 Dec 2008 17:34:30 3 833 271 A.... "C:\Program Files\TrackMania Sunrise\GameData\Tracks\Campaigns\Downloaded\TnT-Team2.zip"


[b]Files with hidden attributes[/b]:

Wed 30 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.dll"
Wed 30 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dll"
Wed 30 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
Wed 30 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.dll"
Wed 30 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.dll"
Thu 13 Nov 2008 5,355,320 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Mon 27 Nov 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Fri 2 Jan 2009 2,602 ...HR --- "C:\Documents and Settings\Douglas\Application Data\SecuROM\UserData\securom_v7_01.bak"
Wed 4 Oct 2006 3,072,000 A..H. --- "C:\Documents and Settings\Douglas\Application Data\U3\temp\Launchpad Removal.exe"


[b]Program Folders[/b]:

C:\Program Files\

18 WoS Pedal to the Metal
Acer Inc
Adobe
AlienGUIse
Alwil Software
Apple Software Update
Autodesk
backburner 2
BFG
BOINC
Bullfrog
ComPlus Applications
CONEXANT
Creative
CyberLink
DAEMON Tools Lite
Dealio
DIFX
DivX
EACom
Electronic Arts
eMule
EPSON
Fichiers communs
FindyKill
FrenchOtto
GameSpy Arcade
GemMasterFrench
Google
Grisoft
Hewlett-Packard
HOJY TECH
HP
ING
InstallShield Installation Information
InterActual
Internet Explorer
iPod
iTunes
IZArc
Java
Launch Manager
Malwarebytes' Anti-Malware
Maxis
Memeo
Messenger
Microsoft Application Compatibility Toolkit 5
microsoft frontpage
Microsoft Games
Microsoft Office
Microsoft Visual Studio
Microsoft Visual Studio 8
Microsoft Works
Microsoft.NET
Movie Maker
Mozilla Firefox
MP3 Player Utilities 1.47
MSBuild
MSN
MSN Gaming Zone
MSN Messenger
MSXML 4.0
Navilog1
Nero
NetMeeting
NewTech Infosystems
Nsasoft
Online Services
OO Software
OpenOffice.org 2.1
Outlook Express
Picasa2
Power Defrag
QuickTime
Realtek
RegCleaner
Services en ligne
Sierra
Sierra On-Line
SimCity 4
SlySoft
SpeedFan
Stardock
Symantec
Synaptics
TmNationsForever
TrackMania Sunrise
Uninstall Information
uTorrent
VideoLAN
VistaMare
Western Digital
Western Digital Technologies
WinCustomize
Windows Media Player
Windows NT
Windows Plus
WindowsUpdate
WinRAR
WMV9_VCM
xchat
xerox

C:\Program Files\Fichiers communs\

Adobe
Adobe Systems Shared
Ahead
Apple
DESIGNER
eSellerate
Hewlett-Packard
InstallShield
Java
LightScribe
Microsoft Shared
MSSoap
muvee Technologies
NewTech Infosystems
ODBC
Services
SpeechEngines
Stardock
Symantec Shared
System


[b]Add/Remove Programs[/b]:

Otto
18 Wheels of Steel Pedal to the Metal
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
GemMaster Mystic
Adobe Flash Player ActiveX
Adobe Flash Player 10 Plugin
Adobe Illustrator CS2
Adobe Photoshop CS2
Adobe Shockwave Player
Adobe SVG Viewer 3.0
AlienGUIse Theme Manager
avast! Antivirus
Berlin Subway
cblite
Christen Eagle II 1.0
HDAUDIO Soft Data Fax Modem with SmartCP
Dungeon Keeper 2
Electronic Arts Game Updater
FindyKill
Microsoft Flight Simulator 2004 Un siècle d'aviation
FLShell v1.0.3 Public Edition
Google Desktop
Acer GridVista
Heil 10000 gallon tanker
HijackThis 2.0.2
Homeworld2
NTI CD & DVD-Maker
Texas Instruments PCIxx21/x515/xx12 drivers.
Acer eDataSecurity Management 2.0.3077
SWAT 4
Correctif Windows XP - KB873339
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB885855
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Microsoft .NET Framework 1.0 Hotfix (KB887998)
High Definition Audio Driver Package - KB888111
Correctif Windows XP - KB888239
Correctif Windows XP - KB888302
Correctif pour Windows XP (KB888795)
Correctif Windows XP - KB890859
Correctif pour Windows XP (KB891593)
Correctif Windows XP - KB891781
Mise à jour de sécurité pour Windows XP (KB893756)
Windows Installer 3.1 (KB893803)
Mise à jour pour Windows XP (KB894391)
Correctif Windows XP - KB895961
Correctif pour Windows XP (KB896256)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896424)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour pour Windows XP (KB898461)
Correctif pour Windows XP (KB899337)
Correctif pour Windows XP (KB899510)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899591)
Correctif n° 2 pour Windows XP Édition Media Center 2005
Mise à jour pour Windows XP (KB900485)
Mise à jour de sécurité pour Windows XP (KB900725)
Mise à jour de sécurité pour Windows XP (KB901017)
Mise à jour de sécurité pour Windows XP (KB901190)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB902400)
Correctif pour Windows XP (KB902841)
Hotfix for Windows Media Player 10 (KB903157)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905414)
Mise à jour de sécurité pour Windows XP (KB905749)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour pour Windows XP (KB908531)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911280)
Mise à jour de sécurité pour Windows XP (KB911562)
Mise à jour de sécurité pour Windows XP (KB911567)
Mise à jour de sécurité pour Windows XP (KB911927)
Windows XP Media Center Edition 2005 KB912067
Mise à jour de sécurité pour Windows XP (KB912919)
Mise à jour pour Windows XP (KB912945)
Mise à jour de sécurité pour Windows XP (KB913580)
Mise à jour pour Lecteur Windows Media 10 (KB913800)
Mise à jour de sécurité pour Windows XP (KB914388)
Mise à jour de sécurité pour Windows XP (KB914389)
Mise à jour pour Windows XP (KB916595)
Mise à jour de sécurité pour Windows XP (KB917344)
Mise à jour de sécurité pour Windows XP (KB917422)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
Mise à jour de sécurité pour Windows XP (KB917953)
Correctif pour Windows XP (KB918005)
Mise à jour de sécurité pour Windows XP (KB918118)
Mise à jour de sécurité pour Windows XP (KB918439)
Mise à jour de sécurité pour Windows XP (KB919007)
Mise à jour de sécurité pour Windows XP (KB920213)
Mise à jour de sécurité pour Windows XP (KB920214)
Mise à jour de sécurité pour Windows XP (KB920670)
Mise à jour de sécurité pour Windows XP (KB920683)
Mise à jour de sécurité pour Windows XP (KB920685)
Mise à jour pour Windows XP (KB920872)
Mise à jour de sécurité pour Windows XP (KB921398)
Mise à jour de sécurité pour Windows XP (KB921503)
Mise à jour pour Windows XP (KB922582)
Mise à jour de sécurité pour Windows XP (KB922616)
Mise à jour de sécurité pour Windows XP (KB922760)
Mise à jour de sécurité pour Windows XP (KB922819)
Mise à jour de sécurité pour Windows XP (KB923191)
Mise à jour de sécurité pour Windows XP (KB923414)
Mise à jour de sécurité pour Windows XP (KB923689)
Mise à jour de sécurité pour Windows XP (KB923694)
Mise à jour de sécurité pour Windows XP (KB923789)
Mise à jour de sécurité pour Windows XP (KB923980)
Mise à jour de sécurité pour Windows XP (KB924191)
Mise à jour de sécurité pour Windows XP (KB924270)
Mise à jour de sécurité pour Windows XP (KB924496)
Mise à jour de sécurité pour Windows XP (KB924667)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
Mise à jour de sécurité pour Windows XP (KB925454)
Mise à jour de sécurité pour Windows XP (KB925486)
Mise à jour de sécurité pour Windows XP (KB925902)
Mise à jour pour Lecteur Windows Media 10 (KB926251)
Mise à jour de sécurité pour Windows XP (KB926255)
Mise à jour de sécurité pour Windows XP (KB926436)
Mise à jour de sécurité pour Windows XP (KB927779)
Mise à jour de sécurité pour Windows XP (KB927802)
Mise à jour pour Windows XP (KB927891)
Mise à jour de sécurité pour Windows XP (KB928090)
Mise à jour de sécurité pour Windows XP (KB928255)
Mise à jour de sécurité pour Windows XP (KB928843)
Mise à jour de sécurité pour Windows XP (KB929123)
Mise à jour pour Windows XP (KB929338)
Mise à jour de sécurité pour Windows XP (KB929969)
Mise à jour de sécurité pour Windows XP (KB930178)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Mise à jour pour Windows XP (KB930916)
Mise à jour de sécurité pour Windows XP (KB931261)
Mise à jour de sécurité pour Windows XP (KB931768)
Mise à jour de sécurité pour Windows XP (KB931784)
Mise à jour pour Windows XP (KB931836)
Mise à jour de sécurité pour Windows XP (KB932168)
Mise à jour pour Windows XP (KB933360)
Mise à jour de sécurité pour Windows XP (KB933566)
Mise à jour de sécurité pour Windows XP (KB933729)
Correctif pour Windows XP (KB935448)
Mise à jour de sécurité pour Windows XP (KB935839)
Mise à jour de sécurité pour Windows XP (KB935840)
Mise à jour de sécurité pour Windows XP (KB936021)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)
Mise à jour de sécurité pour Windows XP (KB937143)
Mise à jour de sécurité pour Windows XP (KB937894)
Mise à jour de sécurité pour Windows XP (KB938127)
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour pour Windows XP (KB938828)
Mise à jour de sécurité pour Windows XP (KB938829)
Mise à jour de sécurité pour Windows XP (KB939653)
Mise à jour de sécurité pour Windows XP (KB941202)
Mise à jour de sécurité pour Windows XP (KB941568)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB941644)
Mise à jour de sécurité pour Windows XP (KB941693)
Mise à jour de sécurité pour Windows XP (KB942615)
Mise à jour pour Windows XP (KB942763)
Mise à jour pour Windows XP (KB942840)
Mise à jour de sécurité pour Windows XP (KB943055)
Mise à jour de sécurité pour Windows XP (KB943460)
Mise à jour de sécurité pour Windows XP (KB943485)
Mise à jour de sécurité pour Windows XP (KB944338)
Mise à jour de sécurité pour Windows XP (KB944533)
Mise à jour de sécurité pour Windows XP (KB944653)
Mise à jour de sécurité pour Windows XP (KB945553)
Mise à jour de sécurité pour Windows XP (KB946026)
Mise à jour pour Windows XP (KB946627)
Mise à jour de sécurité pour Windows XP (KB946648)
Mise à jour de sécurité pour Windows XP (KB947864)
Mise à jour de sécurité pour Windows XP (KB948590)
Mise à jour de sécurité pour Windows XP (KB948881)
Mise à jour de sécurité pour Windows XP (KB950749)
Mise à jour de sécurité pour Windows XP (KB950759)
Mise à jour de sécurité pour Windows XP (KB950760)
Mise à jour de sécurité pour Windows XP (KB950762)
Mise à jour de sécurité pour Windows XP (KB950974)
Mise à jour de sécurité pour Windows XP (KB951066)
Mise à jour pour Windows XP (KB951072-v2)
Mise à jour de sécurité pour Windows XP (KB951376)
Mise à jour de sécurité pour Windows XP (KB951376-v2)
Mise à jour de sécurité pour Windows XP (KB951698)
Mise à jour de sécurité pour Windows XP (KB951748)
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)
Correctif pour Windows XP (KB952287)
Mise à jour de sécurité pour Windows XP (KB952954)
Mise à jour de sécurité pour Windows XP (KB953838)
Mise à jour de sécurité pour Windows XP (KB953839)
Mise à jour de sécurité pour Windows XP (KB954211)
Mise à jour de sécurité pour Windows XP (KB954600)
Mise à jour de sécurité pour Windows XP (KB955069)
Mise à jour pour Windows XP (KB955839)
Mise à jour de sécurité pour Windows XP (KB956390)
Mise à jour de sécurité pour Windows XP (KB956391)
Mise à jour de sécurité pour Windows XP (KB956802)
Mise à jour de sécurité pour Windows XP (KB956803)
Mise à jour de sécurité pour Windows XP (KB956841)
Mise à jour de sécurité pour Windows XP (KB957095)
Mise à jour de sécurité pour Windows XP (KB957097)
Mise à jour de sécurité pour Windows XP (KB958215)
Mise à jour de sécurité pour Windows XP (KB958644)
Mise à jour de sécurité pour Windows XP (KB960714)
Launch Manager
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Mozilla Firefox (3.0.5)
MSN
Pilotes de stockage de masse de Creative
Navilog1 3.7.1
NVIDIA Drivers
ObjectDock
Picasa 2
Microsoft Office Professional Plus 2007
Quake III Arena Point Release 1.32
QuickTime 3.0
Ready for Pushback V2_10 Full Version
Services Off-line de Home'Bank 4.03
Adobe Flash Player 9 ActiveX
SpeedFan (remove only)
Stearman and Eagle Field Scenery for FS2004
Synaptics Pointing Device Driver
Creative System Information
TmNationsForever
TrackMania Sunrise Extreme 1.5.1
Microsoft Train Simulator
Utilitaires Sierra
VideoLAN VLC media player 0.8.6i
Windows Genuine Advantage Notifications (KB905474)
Wilco Fleet : A380
WinCustomize Browser
Windows Media Format Runtime
Archiveur WinRAR
Microsoft Windows Media Video 9 VCM
Xbox 360 Controller for Windows
Boeing 247D for FS2004
WD Diagnostics
EPSON CardMonitor
Acer eLock Management
NTI CD & DVD-Maker
QuickTime
AutoUpdate
Google Earth
Acer eSettings Management
Windows Live Sign-in Assistant
Adobe Photoshop CS2
PIF DESIGNER2.1
Creative MediaSource
FSNavigator
J2SE Runtime Environment 5.0 Update 8
MSXML 4.0 SP2 (KB927978)
Apple Mobile Device Support
TIPCI
Acer OrbiCam
Acer eDataSecurity Management
O&O Defrag Professional Edition
iTunes
Acer ePower Management
MP3 Player Utilities 1.47
TRS2007
Les Sims™ 2 Kit design Cuisine et Salle de bain
PowerDVD
Apple Software Update
Windows Media Player Firefox Plugin
LightScribe 1.4.97.1
Memeo AutoBackup
Les Sims 2 Fun en Famille Kit
Nero 7 Ultra Edition
Les Sims™ 2 IKEA® Home Design Kit
Les Sims 2
Acer ePerformance Management
Microsoft Visual C++ 2005 Redistributable
Les Sims 2 : La bonne affaire
DivX Codec
MSXML 4.0 SP2 (KB954430)
QFolder
DivX Player
SWAT 4
The Sims 2 University
Microsoft Software Update for Web Folders (French) 12
Microsoft Office Professional Plus 2007
Microsoft Office Access MUI (French) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office Publisher MUI (French) 2007
Microsoft Office Outlook MUI (French) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office InfoPath MUI (French) 2007
Microsoft Office Shared MUI
0
Réponse 15 / 15
kidoug Messages postés 83 Date d'inscription samedi 2 juin 2007 Statut Membre Dernière intervention 17 février 2010 13
9 janv. 2009 à 12:31
ah oui petite precision que vous avez pu constater sur e rapport l'antivirus a changer j'ai viré avg et j'ai mi avast a la place
avg m'avait faid des erreur lors de scan et avait mis des fichier windiws dans son vault telle que rundll32.exe ainsi que des fichier d'information de volume
0
mik
10 janv. 2009 à 21:36
tu aurais du faire un message "plus long"

sinon j'ai le meme probleme et je n'arrive pas du tout a trouver de solution.
0

Discussions similaires

C'est quoi le site qui remplace coco chat
TP3 -
bazfile -

2 réponses
Coco chat connexion sur mobile, le tchat est fermé ?
Pisceneo -
brucine -

24 réponses