Message "warning potential spyware operation&

GeoGeo - 24 déc. 2007 à 01:49
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 - 14 févr. 2008 à 00:57
Bonjour à tous,
comme de nombreuses personnes avant moi j'ai un problème avec ce message "warning potential spyware operation" qui vient toujours me déranger.
Apparement tout le monde a trouver une solution, mais moi j'ai rien compris à la procédure à suivre. Pouvez-vous m'éxpliquer clairement chaques étapes à suivres ?
Merci beaucoup par avance.
A voir également:

65 réponses

Réponse 1 / 65
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
24 déc. 2007 à 05:09
Bonsoir DIID

A mon sens, SDFix n est pas a utiliser avant d avoir eu un rapport HijackThis qui prouve l utilité de celui ci...

Tuto : "générer un rapport" http://pageperso.aol.fr/balltrap34/demohijack.htm

Commence par envoyer a DIID un rapport HijackThis, fais ce qui suit :

HijackThis

Télécharge hijackthis sur ton bureau.


Ferme toutes les autres fenêtres, tous les autres programmes. Pas de connexion Internet.

Double clique dessus pour lancer l installation . Accepte la licence qui va apparaître par " I agree" .

Puis clique sur "Do a system scan and save a logfile"

Ferme hijackThis et fait un copier-coller du rapport en entier et poste le ici en réponse.

Note : le rapport se trouve dans c:\Program Files\Trend Micro\HijackThis

Salut.
1
Réponse 2 / 65
Utilisateur anonyme
24 déc. 2007 à 02:09
Salut,
> Télécharge SDFix sur ton bureau

>Ouvre le dossier SDFix qui à été créé sur le Bureau et double clique sur RunThis.bat pour lancer le script.
- Appuie sur Y pour commencer le processus de nettoyage.
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
- Appuie sur une touche pour redémarrer le PC.
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
- Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
-Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse

A+
0
Réponse 3 / 65
GeoGeo
24 déc. 2007 à 13:21
Bonjour à tous et merci pour votre aide,
j'ai suivi les instructions de "Le sioux", voilà mon rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:16:12, on 24/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\CmWatch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\srvreg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autos.exe
C:\WINDOWS\system32\winsos.exe
C:\WINDOWS\system32\shovth.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\reg.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\proper.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {D27987B8-7244-4DE0-AE10-39B826B492F1} - C:\WINDOWS\system32\bronto.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CmCardRun] C:\WINDOWS\system32\CmWatch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Undefined] C:\WINDOWS\system32\winter.exe
O4 - HKLM\..\Run: [sis32] C:\WINDOWS\system32\winsos.exe
O4 - HKLM\..\Run: [winroot] C:\WINDOWS\system32\winsn.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Undefined] C:\WINDOWS\system32\winter.exe
O4 - HKCU\..\Run: [StartUp] C:\WINDOWS\Temp\checkmem.exe /optimize speed
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: infos.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: autos.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 4 / 65
GeoGeo
24 déc. 2007 à 13:52
Au fait, j'en profite aussi pour vous dire que en même temps que ce message a commencé à apparaitre j'ai également eu le droit à des restrictions en vigueur sur mon panneau de configuration. Donc si c'est lié et que vous pouvez également m'aider je serait ravi ! Merci beaucoup !!!!
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 65
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
24 déc. 2007 à 19:22
Bonsoir GeoGeo

Tout cela est lié, le fautif : SmitFraud

Besoin d'un autre rapport avant de passer au nettoyage.

SmitfraudFix de S!Ri, balltrap34 et moe31

Télécharge SmitfraudFix de S!Ri, balltrap34 et moe31

http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Dézippe le puis

* Installe le à la racine de C

Tu crees un nouveau dossier, via clic droit "créer /nouveau dossier que tu nommes SmitfraudFix --> C:\SmitfraudFix

Regarde un exemple a E ) « Faire un répertoire dédié » https://forum.pcastuces.com/sujet.asp?f=25&s=3902

* double clic sur l'exe pour le décompresser et lancer le fix.
Utilisation ----- option 1 - Recherche :
* Double clique sur smitfraudfix.cmd
* Sélectionne 1 pour créer un rapport des fichiers responsables de l'infection.
* Poste le rapport ici


process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

@ suivre
0
Réponse 6 / 65
GeoGeo
24 déc. 2007 à 19:58
Merci,
j'éspère que j'ai procédé correctement, voilà le rapport :

SmitFraudFix v2.274

Rapport fait à 19:53:32,65, 24/12/2007
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\proper.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\CmWatch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\srvreg.exe
C:\WINDOWS\system32\shovth.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\reg.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\bronto.dll PRESENT !
C:\WINDOWS\system32\proper.exe PRESENT !
C:\WINDOWS\system32\winter.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Guisse


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Guisse\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

C:\DOCUME~1\Guisse\MENUDM~1\PROGRA~1\DMARRA~1\infos.exe PRESENT !
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\autos.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Guisse\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix.exe by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\wowfx.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/1000 PM Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6C1AD0EB-FE5E-4CA8-BD9A-197A2DFB0187}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6C1AD0EB-FE5E-4CA8-BD9A-197A2DFB0187}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6C1AD0EB-FE5E-4CA8-BD9A-197A2DFB0187}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin



Merci encore, et joyeux noël.
0
Réponse 7 / 65
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
24 déc. 2007 à 20:12
Re

Let's go ;)


1) Redémarre en mode sans échec

Regarde ici si besoin avant ici : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.

Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.

2) SmitfraudFix de S!Ri, balltrap34 et moe31

* Double clique sur Smitfraudfix.cmd
* Sélectionne 2 pour supprimer les fichiers responsables de l'infection.

A la question Voulez-vous nettoyer le registre ? répondre O (oui) afin de débloquer le fond d'écran et supprimer les clés de démarrage automatique de l'infection.
Le fix déterminera si le fichier wininet.dll est infecté.

A la question Corriger le fichier infecté ? répondre O (oui) pour remplacer le fichier corrompu.
* Redémarre en mode normal et poste le rapport ici

N.B.: Cette étape élimine les fichiers infectieux détectés à l'étape #1
Note L'option 2 de l'outil supprime le fond d'écran !

3) Rapports

Fais redémarrer ton PC et poste le rapport de SmitFraudFix et un nouveau rapport HijackThis stp et dis moi si tu constate des améliorations ...

@ suivre

Bon réveillon et Joyeux Noel !
0
Réponse 8 / 65
GeoGeo
25 déc. 2007 à 17:01
Merci beaucoup,
Après avoir tout fait ce que vous m'avez dit les restrictions sont toujours présentes, le message "warning..." est apparut en français maintenant !
Voilà les rapports (en premier le SmitFraudFix puis le HijackThis:


------------------------------- Rapport SmitFraudFix :

SmitFraudFix v2.274

Rapport fait à 15:57:38,64, 25/12/2007
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


192.168.200.3 ad.doubleclick.net
192.168.200.3 ad.fastclick.net
192.168.200.3 ads.fastclick.net
192.168.200.3 atdmt.com
192.168.200.3 awaps.net
192.168.200.3 banner.fastclick.net
192.168.200.3 banners.fastclick.net
192.168.200.3 click.atdmt.com
192.168.200.3 clicks.atdmt.com
192.168.200.3 engine.awaps.net
192.168.200.3 fastclick.net
192.168.200.3 ftp.avp.ch
192.168.200.3 ftp.kasperskylab.ru
192.168.200.3 updates5.kaspersky-labs.com
192.168.200.3 www.awaps.net
192.168.200.3 www.symantec.com
192.168.200.3 www.viruslist.ru

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\system32\bronto.dll supprimé
C:\WINDOWS\system32\proper.exe supprimé
C:\WINDOWS\system32\winter.exe supprimé
C:\DOCUME~1\Guisse\MENUDM~1\PROGRA~1\DMARRA~1\infos.exe supprimé
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\autos.exe supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix.exe by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6C1AD0EB-FE5E-4CA8-BD9A-197A2DFB0187}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6C1AD0EB-FE5E-4CA8-BD9A-197A2DFB0187}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6C1AD0EB-FE5E-4CA8-BD9A-197A2DFB0187}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


------------------------------- Rapport HijackThis :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:06:00, on 25/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\CmWatch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\srvreg.exe
C:\WINDOWS\system32\shovth.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\suspend.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CmCardRun] C:\WINDOWS\system32\CmWatch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [sis32] C:\WINDOWS\system32\winsos.exe
O4 - HKLM\..\Run: [winroot] C:\WINDOWS\system32\winsn.exe
O4 - HKLM\..\Run: [Medichi] medichi.exe
O4 - HKLM\..\Run: [Medichi2] medichi2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O4 - HKCU\..\Run: [StartUp] C:\WINDOWS\Temp\checkmem.exe /optimize speed
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 9 / 65
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
25 déc. 2007 à 19:48
Bonsoir Geogeo

On s'occupera des restrictions dans peu de temps ;)

Je te conseille d'enregistrer la page en sélectionnant toutes les lignes puis de copier cette sélection dans un fichier texte sur ton PC pour pouvoir appliquer la procédure correctement.
(Note: tu n'auras pas accès à Internet à partir du moment ou te redémarreras en mode sans échec)
Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.
Si un élément te paraît obscur, demande des explications avant de commencer la désinfection

1) Télécharge

* SDFix d' AndyManchesta

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe sur ton Bureau.

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. N y touche pas pour l instant.

2) Redémarre en mode sans échec

Regarde ici si besoin avant ici : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.

Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.

3) SDFix
* Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
* Appuie sur Y pour commencer le processus de nettoyage.
* Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
* Appuie sur une touche pour redémarrer le PC.
* Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
* Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
* Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
· Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

4) Rapports :

Poste un nouveau rapport HijackThis et le rapport de SDFix en réponse.

@ suivre
0
Réponse 10 / 65
GeoGeo
25 déc. 2007 à 23:10
Voilà les rapports :

----------------------------------------------------- SDFix :


SDFix: Version 1.119

Run by Guisse on 25/12/2007 at 12:40

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Infected beep.sys Found!

beep.sys File Locations:

"C:\WINDOWS\system32\dllcache\beep.sys" 37888 24/12/2007 13:32
"C:\WINDOWS\system32\drivers\beep.sys" 37888 24/12/2007 13:32

Infected File Listed Below:

C:\WINDOWS\system32\dllcache\beep.sys
C:\WINDOWS\system32\drivers\beep.sys

Trojan File copied to Backups Folder
Attempting to replace beep.sys with original version...

Original beep.sys Restored


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\Documents and Settings\Guisse\Application Data\antivirus.exe - Deleted
C:\autorun.inf - Deleted
C:\WINDOWS\system\System.exe - Deleted
C:\WINDOWS\system32\drivers\drivers.exe - Deleted
C:\WINDOWS\system32\Setup\setup.exe - Deleted
C:\WINDOWS\system32\system32.exe - Deleted
C:\WINDOWS\system32\winsn.exe - Deleted
C:\WINDOWS\system32\winsos.exe - Deleted
C:\WINDOWS\Temp\temp.exe - Deleted
C:\WINDOWS\windows.exe - Deleted




Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1333.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-25 13:04:29
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:1f,06,55,ec,af,87,c5,b7,b3,ec,16,15,8b,a7,4e,60,85,79,2e,56,73,..
"p0"="J:\Logiciel\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,35,59,f7,ee,c2,35,0e,7d,fd,4b,3f,b3,13,8a,86,20,cb,..
"khjeh"=hex:90,8c,c4,77,d9,1e,61,cb,21,da,62,78,24,5f,31,08,d8,0c,51,7f,a3,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:0e,c5,5c,08,70,d5,23,a3,72,08,8d,04,b0,a4,1c,78,50,88,4d,06,f1,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:1f,06,55,ec,af,87,c5,b7,b3,ec,16,15,8b,a7,4e,60,85,79,2e,56,73,..
"p0"="J:\Logiciel\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,35,59,f7,ee,c2,35,0e,7d,fd,4b,3f,b3,13,8a,86,20,cb,..
"khjeh"=hex:90,8c,c4,77,d9,1e,61,cb,21,da,62,78,24,5f,31,08,d8,0c,51,7f,a3,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:0e,c5,5c,08,70,d5,23,a3,72,08,8d,04,b0,a4,1c,78,50,88,4d,06,f1,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\xd8\x2022\x20ac|\xff\xff\xff\xff\22\x2022\x20ac|\xf9\x20229~\2]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\Software\Adobe\FeatureSubscriptions\DVAAdobeDocMeta\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\Registered"

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 2


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Documents and Settings\\Guisse\\LimeWire\\LimeWire.exe"="C:\\Documents and Settings\\Guisse\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe"="C:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe"="C:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe:*:Enabled:Studio"
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe"="C:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\webcamXP\\webcamXP.exe"="C:\\Program Files\\webcamXP\\webcamXP.exe:*:Disabled:webcamXP 2007"
"%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:@xpsp2res.dll,-22019"

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

Wed 19 Dec 2007 89,088 ..SH. --- "C:\F82EC657.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Config.Msi\Config.Msi.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Downloaded Videos\Downloaded Videos.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Downloads\Downloads.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Mes t‚l‚chargements\Mes t‚l‚chargements.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\SmitfraudFix\SmitfraudFix.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Documents and Settings\Guisse\Guisse.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\Worms Armageddon - New Edition.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Mes Documents\Excel\Excel.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\AppPatch\AppPatch.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Cursors\Cursors.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Debug\Debug.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\EHome\EHome.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Help.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\ime.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Media\Media.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\msagent\msagent.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\network diagnostic\network diagnostic.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Registration\Registration.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\repair\repair.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\security\security.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SHELLNEW\SHELLNEW.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\SoftwareDistribution.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\srchasst\srchasst.exe"
Wed 19 Dec 2007 89,088 ..SH. --- "C:\WINDOWS\system32\shovth.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\twain_32\twain_32.exe"
Wed 17 Oct 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Documents and Settings\Guisse\Bureau\Bureau.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Documents and Settings\Guisse\Incomplete\Incomplete.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Documents and Settings\Guisse\Shared\Shared.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\DATA.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DXLayouts\DXLayouts.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\FESfx\FESfx.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\graphics.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\ReadMe\ReadMe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\Tweaks\Tweaks.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\User.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\SysFiles\SysFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\Vista Inspirat 2.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Cache\MSDERelASP4\MSDERelASP4.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Downloaded Installations\{1325121E-7DD9-4F29-87AF-BD524658E50B}\{1325121E-7DD9-4F29-87AF-BD524658E50B}.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Downloaded Installations\{8B452438-5E8A-4745-B0F5-48B4AC0CAFEC}\{8B452438-5E8A-4745-B0F5-48B4AC0CAFEC}.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Downloaded Installations\{FC906D5C-91F9-4DA4-A765-6DCBB669F317}\{FC906D5C-91F9-4DA4-A765-6DCBB669F317}.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Driver Cache\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\imjp8_1\imjp8_1.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\imkr6_1\imkr6_1.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\shared\shared.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\java\classes\classes.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\java\Packages\Packages.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\Framework.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\msagent\chars\chars.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\msagent\intl\intl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\{AA936DF4-2B08-4B1F-B071-72192E287704}.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Themes.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\security\Database\Database.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\security\logs\logs.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\security\templates\templates.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ServicePackFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\AuthCabs\AuthCabs.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\Download.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\EventCache\EventCache.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\WebSetup\WebSetup.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\srchasst\chars\chars.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\1033\1033.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\1036\1036.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot2\CatRoot2.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\Com\Com.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\config\config.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ias\ias.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\icsxml\icsxml.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\Lang\Lang.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\npp\npp.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\oobe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ras\ras.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\Restore\Restore.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\RTCOM\RTCOM.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\URTTemp\URTTemp.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\usmt\usmt.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\wbem.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Temp\IntelChip\IntelChip.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Temp\WLXPL_DX\WLXPL_DX.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Temp\_avast4_\_avast4_.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\twain_32\N067U\N067U.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\twain_32\snp2std\snp2std.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\amd64_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_fdbc5a54\amd64_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_fdbc5a54.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0\amd64_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9d1c6ce0.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\amd64_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6e02dfe5\amd64_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6e02dfe5.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\amd64_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_c351f8e3\amd64_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_c351f8e3.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\amd64_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9e223a7a\amd64_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_9e223a7a.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Manifests\Manifests.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries.Resources_6595b64144ccf1df_6.0.0.0_fr-FR_9d8c4a39\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries.Resources_6595b64144ccf1df_6.0.0.0_fr-FR_9d8c4a39.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1816_x-ww_7d33ba0e\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1816_x-ww_7d33ba0e.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1873_x-ww_7d39bb85\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1873_x-ww_7d39bb85.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1891_x-ww_7d3bbc01\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1891_x-ww_7d3bbc01.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_fr_457ebf3d\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_fr_457ebf3d.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.10.0_x-ww_712befd8\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.10.0_x-ww_712befd8.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a.exe"
Tue 16 Oct 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Documents and Settings\Guisse\Bureau\100OLYMP\100OLYMP.exe"
Sat 30 Apr 2005 4,348 A..H. --- "C:\Documents and Settings\Guisse\Mes documents\Sauvegarde de la licence\drmv1key.bak"
Fri 16 Dec 2005 20 A..H. --- "C:\Documents and Settings\Guisse\Mes documents\Sauvegarde de la licence\drmv1lic.bak"
Sat 30 Apr 2005 400 A.SH. --- "C:\Documents and Settings\Guisse\Mes documents\Sauvegarde de la licence\drmv2key.bak"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Documents and Settings\Guisse\My Documents\My Videos\My Videos.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Gfx\Gfx.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Image\Image.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\ImgHoles\ImgHoles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Mission\Mission.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Resource\Resource.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Streams\Streams.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\1UpMenu\1UpMenu.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\Background Stuff\Background Stuff.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\ButtonBorders\ButtonBorders.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\CreateTeam\CreateTeam.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\gameoptions.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiFill.seq\GrafittiFill.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiUndo.seq\GrafittiUndo.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiEdit.seq\GrafittiEdit.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiBin.seq\GrafittiBin.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiBorder.seq\GrafittiBorder.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiBrushSize.seq\GrafittiBrushSize.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiCircles.seq\GrafittiCircles.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiExit.seq\GrafittiExit.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiInvert.seq\GrafittiInvert.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiImport.seq\GrafittiImport.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\GrafittiTunnels.seq\GrafittiTunnels.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\HostJoinScreen.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\Intro\Intro.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\MainMenu\MainMenu.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\MapedMisc\MapedMisc.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\MissionMenu\MissionMenu.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\Multiplay\Multiplay.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\NetworkMenu\NetworkMenu.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\optionsmenu\optionsmenu.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\OptionsSpecial\OptionsSpecial.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\palettes\palettes.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\ServerLobby\ServerLobby.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\TeamInfo\TeamInfo.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\water\water.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\WeaponEditor\WeaponEditor.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Capture\Capture.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Flags\Flags.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Games\Games.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Graves\Graves.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Import\Import.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\SavedLevels\SavedLevels.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Speech.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Teams\Teams.exe"
Mon 5 May 2003 348,160 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\AACMP4.EXE"
Thu 7 Feb 2002 94,208 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\lpaccodec.dll"
Fri 2 Feb 2001 40,960 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\lpac_codec_api.dll"
Tue 13 Apr 2004 212,992 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\OFR.EXE"
Fri 17 Jan 2003 278,528 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PNCRT.dll"
Mon 5 May 2003 16,384 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\RMADEC.EXE"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\Help\Help.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\iColorFolder.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\Icons\Icons.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\PackFiles\PackFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\ResFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResHacker\ResHacker.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\Tools\Tools.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UninstFiles\UninstFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\Wallpapers\Wallpapers.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\htmlTour\htmlTour.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\mmTour\mmTour.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\WindowsMediaPlayer.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\chsime\applets\applets.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\CHTIME\Applets\Applets.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\imjp8_1\applets\applets.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\imjp8_1\DICTS\DICTS.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\imkr6_1\applets\applets.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\shared\res\res.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\java\Packages\Data\Data.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\v1.0.3705.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\v1.1.4322.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\v2.0.50727.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Binaries\Binaries.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Config\Config.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Database\Database.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\DataColl\DataColl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Indices\Indices.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Logs\Logs.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\OfflineCache.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\PackageStore\PackageStore.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\System.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\UploadLB\Binaries\Binaries.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\UploadLB\Config\Config.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Inspirat2\Inspirat2.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Luna\Luna.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Vista\Vista.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\7971f918-a847-4430-9279-4a52d1efe18d.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\Logs.exe"
Fri 26 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BIT5.tmp"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\d3c2d09b276caa4aac6cb42653aaddc6\d3c2d09b276caa4aac6cb42653aaddc6.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\Default.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\SelfUpdate\Registered\Registered.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\7971F918-A847-4430-9279-4A52D1EFE18D.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\9482F4B4-E343-43B6-B170-9A65BC822C77.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\srchasst\mui\040C\040C.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\config\systemprofile\systemprofile.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\DirectX\Dinput\Dinput.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\drivers\etc\etc.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\IME\CINTLGNT\CINTLGNT.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\IME\PINTLGNT\PINTLGNT.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\IME\TINTLGNT\TINTLGNT.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\Macromed\Flash\Flash.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\MsDtc\Trace\Trace.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\mui\000C\000C.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\mui\0409\0409.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\mui\040C\040C.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\actsetup\actsetup.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\error\error.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\icserror\icserror.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\isperror\isperror.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\regerror\regerror.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\setup\setup.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\spool\PRINTERS\PRINTERS.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\AutoRecover\AutoRecover.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\Logs\Logs.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\Performance\Performance.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\Repository\Repository.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\xml\xml.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\amd64_policy.8.0.Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_x-ww_beca5f1f\amd64_policy.8.0.Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_x-ww_beca5f1f.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\amd64_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_d780e993\amd64_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_d780e993.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\amd64_policy.8.0.Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_x-ww_6f34654e\amd64_policy.8.0.Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_x-ww_6f34654e.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\amd64_policy.8.0.Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_x-ww_dd406c19\amd64_policy.8.0.Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_x-ww_dd406c19.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\amd64_policy.8.0.Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_x-ww_2aad8370\amd64_policy.8.0.Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_x-ww_2aad8370.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_x-ww_5f0bbcff\x86_policy.8.0.Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_x-ww_5f0bbcff.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_x-ww_a317e4b3\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_x-ww_a317e4b3.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\x86_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_x-ww_362e60dd\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_x-ww_362e60dd.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_x-ww_4e8510ac\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_x-ww_4e8510ac.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_x-ww_0f75c32e\x86_policy.8.0.Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_x-ww_0f75c32e.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_x-ww_88e8eab8\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_x-ww_88e8eab8.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_x-ww_7d81c9f9\x86_policy.8.0.Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_x-ww_7d81c9f9.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_x-ww_c7b7206f\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_x-ww_c7b7206f.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.6.0.Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_x-ww_527a1c68\x86_policy.6.0.Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_x-ww_527a1c68.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_x-ww_a0111510\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_x-ww_a0111510.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_x-ww_caeee150\x86_policy.8.0.Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_x-ww_caeee150.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Documents and Settings\Guisse\LimeWire\themes\red_theme\red_theme.exe"
Tue 7 Aug 2007 1,081,344 A..H. --- "C:\Documents and Settings\Guisse\Mes documents\Geoffrey\Rapport Thomas BEPA\~WRD0001.tmp"
Sat 30 Apr 2005 4,348 A..H. --- "C:\Documents and Settings\Guisse\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Wed 2 Nov 2005 20 A..H. --- "C:\Documents and Settings\Guisse\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Sat 30 Apr 2005 400 A.SH. --- "C:\Documents and Settings\Guisse\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Sat 30 Apr 2005 4,348 A..H. --- "C:\Documents and Settings\Guisse\Mes documents\Sauvegarde de la licence\Sauvegarde de la licence\drmv1key.bak"
Sun 26 Nov 2006 20 A..H. --- "C:\Documents and Settings\Guisse\Mes documents\Sauvegarde de la licence\Sauvegarde de la licence\drmv1lic.bak"
Mon 30 Jan 2006 488 A.SH. --- "C:\Documents and Settings\Guisse\Mes documents\Sauvegarde de la licence\Sauvegarde de la licence\drmv2key.bak"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\-Beach\-Beach.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\-Desert\-Desert.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\-Farm\-Farm.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\-Forest\-Forest.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\-Hell\-Hell.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Art\Art.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Cheese\Cheese.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Construction\Construction.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Desert\Desert.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Dungeon\Dungeon.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Easter\Easter.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Forest\Forest.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Fruit\Fruit.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Gulf\Gulf.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Hell\Hell.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Hospital\Hospital.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Jungle\Jungle.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Manhattan\Manhattan.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Medieval\Medieval.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Music\Music.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Pirate\Pirate.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Snow\Snow.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Space\Space.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Sports\Sports.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Tentacle\Tentacle.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Time\Time.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Tools\Tools.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Tribal\Tribal.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Custom\Urban\Urban.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\-Beach\-Beach.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\-Desert\-Desert.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\-Farm\-Farm.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\-Forest\-Forest.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\-Hell\-Hell.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Art\Art.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Cheese\Cheese.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Construction\Construction.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Desert\Desert.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Dungeon\Dungeon.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Easter\Easter.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Forest\Forest.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Fruit\Fruit.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Gulf\Gulf.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Hell\Hell.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Hospital\Hospital.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Jungle\Jungle.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Manhattan\Manhattan.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Medieval\Medieval.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Music\Music.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Pirate\Pirate.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Snow\Snow.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Space\Space.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Sports\Sports.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Tentacle\Tentacle.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Time\Time.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Tools\Tools.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Tribal\Tribal.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Level\Urban\Urban.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Resource\DUTCH\DUTCH.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Resource\ENGLISH\ENGLISH.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Resource\FRENCH\FRENCH.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Resource\GERMAN\GERMAN.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Resource\ITALIAN\ITALIAN.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Resource\Portuguese\Portuguese.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Resource\SPANISH\SPANISH.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Resource\SWEDISH\SWEDISH.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\User\Fanfare\Fanfare.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Water\Blue\Blue.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Water\Green\Green.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Water\Purple\Purple.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Water\Red\Red.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Water\yellow\yellow.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\Wav\Effects\Effects.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\CreateTeam\CPUPlayers\CPUPlayers.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\CreateTeam\Graves\Graves.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\CreateTeam\Specials\Specials.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\CratePercentage\CratePercentage.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\HealthCrate\HealthCrate.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\HotseatDelay\HotseatDelay.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\MineFuse.tga\MineFuse.tga.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\Objects\Objects.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\RetreatTime\RetreatTime.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\RopeRetreat\RopeRetreat.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\RoundTime\RoundTime.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\Stockpiling\Stockpiling.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\SuddenDeathModes\SuddenDeathModes.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\TurnTime\TurnTime.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\WaterRiseSpeed\WaterRiseSpeed.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\winsrequired\winsrequired.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\gameoptions\WormEnergy\WormEnergy.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\Allies\Allies.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\BigReadyBulb.seq\BigReadyBulb.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\Handicap\Handicap.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\ReadyYN.seq\ReadyYN.seq.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\RoundTime\RoundTime.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\Teleport\Teleport.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\TurnTime\TurnTime.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\winsrequired\winsrequired.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\WormEnergy\WormEnergy.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\HostJoinScreen\WormsInTeam\WormsInTeam.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\MapedMisc\Borders\Borders.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\MapedMisc\BridgeCount\BridgeCount.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\MapedMisc\brushes\brushes.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\MapedMisc\ObjectCount\ObjectCount.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\MapedMisc\PieBig\PieBig.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\MapedMisc\PieSmall\PieSmall.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\MapedMisc\SmallWater\SmallWater.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\Multiplay\PieSmall\PieSmall.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\NetworkMenu\DataTransferframes\DataTransferframes.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\NetworkMenu\WormnetFrames\WormnetFrames.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\ServerLobby\flags\flags.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\ServerLobby\WormnetFrames\WormnetFrames.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\WeaponEditor\Ammo\Ammo.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\WeaponEditor\Crates\Crates.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\WeaponEditor\Delay\Delay.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\graphics\WeaponEditor\Power\Power.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Flags\Default\Default.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Ace Ventura\Ace Ventura.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Africaan\Africaan.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Age of Empires\Age of Empires.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\American\American.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Angry Scots\Angry Scots.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Australian\Australian.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Brak\Brak.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Brooklyn\Brooklyn.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Brummie\Brummie.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Bugs Bunny\Bugs Bunny.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Cad\Cad.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Cyberworms\Cyberworms.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Daffy Duck\Daffy Duck.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Danish-Pyrus\Danish-Pyrus.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Double-Oh-Seven\Double-Oh-Seven.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Drill Sergeant\Drill Sergeant.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Dutch\Dutch.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\FFX\FFX.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Finnish\Finnish.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Formula One\Formula One.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\French\French.exe"
Wed 19 Dec 2007 89,088 ...H. ---
0
Réponse 11 / 65
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
25 déc. 2007 à 23:33
Re

Je vais finir de regarder ton rapport tout a l heure mais j aurai voulu un nouveau rapport Hijackthis stp.

@ suivre
0
Réponse 12 / 65
GeoGeo
26 déc. 2007 à 01:36
désolé en fait le forum a coupé mon message (trop long) voilà la fin du rapport SDFix suivi du rapport HijackThis :

Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Futurama\Futurama.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Geezer\Geezer.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\German\German.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Goofed\Goofed.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Greek\Greek.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Grim\Grim.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Hispanic\Hispanic.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Hoagie\Hoagie.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Hungarian\Hungarian.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Irish\Irish.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Italian\Italian.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Jock\Jock.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Kamikaze\Kamikaze.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Kidz\Kidz.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Ludek Sobota\Ludek Sobota.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Mafia\Mafia.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Mortal Kombat\Mortal Kombat.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Norwegian\Norwegian.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Pirates of Caribbean\Pirates of Caribbean.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Polish\Polish.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Portuguese\Portuguese.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Rasta\Rasta.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Redneck\Redneck.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Rushki\Rushki.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Russian\Russian.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Scouser\Scouser.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Simpsons\Simpsons.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Smooth Babe\Smooth Babe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Soul Man\Soul Man.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Spanish\Spanish.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Stiff Upper Lip\Stiff Upper Lip.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Stooges\Stooges.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Swedish\Swedish.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Team17 Test\Team17 Test.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Terminator\Terminator.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\The Raj\The Raj.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Thespian\Thespian.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Troll\Troll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Tykes\Tykes.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\US Sports\US Sports.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Wacky\Wacky.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Whoopsie\Whoopsie.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\User\Speech\Wideboy\Wideboy.exe"
Sun 21 Jul 2002 45,056 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\AC3\AC3ENC.DLL"
Wed 20 Feb 2002 98,304 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\AC3\AZID.DLL"
Fri 11 Apr 2003 73,766 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\atrc3260.dll"
Fri 11 Apr 2003 45,099 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\auth3260.dll"
Fri 11 Apr 2003 65,575 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\cook3260.dll"
Fri 11 Apr 2003 102,437 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv13260.dll"
Fri 11 Apr 2003 176,165 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv23260.dll"
Fri 11 Apr 2003 208,935 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv33260.dll"
Fri 11 Apr 2003 217,127 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\drv43260.dll"
Tue 15 Apr 2003 976,896 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\pnen3260.dll"
Fri 11 Apr 2003 348,203 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\pnvi3260.dll"
Fri 11 Apr 2003 53,289 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\pnxr3260.dll"
Fri 11 Apr 2003 45,101 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\ramf3260.dll"
Fri 11 Apr 2003 135,213 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rare3260.dll"
Mon 14 Oct 2002 57,344 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rims3290.dll"
Fri 11 Apr 2003 163,885 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rmff3260.dll"
Mon 14 Oct 2002 737,280 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rmse3290.dll"
Mon 14 Oct 2002 245,760 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rmwr3260.dll"
Fri 11 Apr 2003 245,805 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rnlt3260.dll"
Mon 14 Oct 2002 245,760 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rorw3290.dll"
Mon 14 Oct 2002 114,688 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rtae3290.dll"
Mon 14 Oct 2002 65,536 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rtin3290.dll"
Mon 14 Oct 2002 163,840 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rtve3290.dll"
Fri 11 Apr 2003 45,093 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv103260.dll"
Fri 11 Apr 2003 98,341 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv203260.dll"
Fri 11 Apr 2003 94,247 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv303260.dll"
Fri 11 Apr 2003 90,151 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rv403260.dll"
Fri 11 Apr 2003 159,785 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\rvre3260.dll"
Mon 14 Oct 2002 102,400 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\sipr3260.dll"
Fri 11 Apr 2003 61,485 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\smpl3260.dll"
Fri 11 Apr 2003 106,541 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\vsrl3260.dll"
Fri 11 Apr 2003 86,061 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\xmlp3261.dll"
Fri 11 Apr 2003 159,787 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Common\zipf3260.dll"
Sun 23 Feb 2003 64,512 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\MusePack\MPPDEC.EXE"
Sat 26 Oct 2002 79,360 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\MusePack\MPPENC.EXE"
Mon 4 Mar 2002 352,299 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PsyTEL\AACENC.EXE"
Mon 5 May 2003 348,160 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PsyTEL\AACMP4.EXE"
Mon 4 Mar 2002 221,184 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PsyTEL\FASTENC.EXE"
Thu 6 Sep 2001 688,128 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\PsyTEL\IA32MATH.DLL"
Fri 14 Feb 2003 910,152 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Shorten\CYGWIN1.DLL"
Sun 20 Apr 2003 60,928 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Shorten\SHORTEN.EXE"
Wed 8 Oct 2003 75,264 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Speex\speexdec.exe"
Wed 8 Oct 2003 77,312 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\Speex\speexenc.exe"
Tue 18 Feb 2003 103,936 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\WavPack\WAVPACK.EXE"
Tue 18 Feb 2003 102,912 ...H. --- "C:\Program Files\Fichiers communs\Ahead\AudioPlugins\WavPack\WVUNPACK.EXE"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\doc\doc.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\10_cmdial32.dll\10_cmdial32.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\11_console.dll\11_console.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\12_credui.dll\12_credui.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\13_desk.cpl\13_desk.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\14_explorer.exe\14_explorer.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\15_fontext.dll\15_fontext.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\16_hdwwiz.cpl\16_hdwwiz.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\17_helpctr.exe\17_helpctr.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\18_hotplug.dll\18_hotplug.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\19_inetcpl.cpl\19_inetcpl.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\1_access.cpl\1_access.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\20_inetcplc.dll\20_inetcplc.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\21_intl.cpl\21_intl.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\22_joy.cpl\22_joy.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\23_keymgr.dll\23_keymgr.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\24_logon.scr\24_logon.scr.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\25_main.cpl\25_main.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\26_migwiz.exe\26_migwiz.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\27_mmsys.cpl\27_mmsys.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\28_moricons.dll\28_moricons.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\29_msgina.dll\29_msgina.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\2_ahui.exe\2_ahui.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\30_mshtml.dll\30_mshtml.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\31_mspaint.exe\31_mspaint.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\32_mstask.dll\32_mstask.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\33_mstscax.dll\33_mstscax.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\34_mydocs.dll\34_mydocs.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\35_narrator.exe\35_narrator.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\36_ncpa.cpl\36_ncpa.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\37_netid.dll\37_netid.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\38_netshell.dll\38_netshell.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\39_newdev.dll\39_newdev.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\3_appwiz.cpl\3_appwiz.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\40_notepad.exe\40_notepad.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\41_ntshrui.dll\41_ntshrui.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\42_nusrmgr.cpl\42_nusrmgr.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\43_occache.dll\43_occache.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\44_powercfg.cpl\44_powercfg.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\45_printui.dll\45_printui.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\46_rasdlg.dll\46_rasdlg.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\47_regedit.exe\47_regedit.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\48_shdoclc.dll\48_shdoclc.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\49_shdocvw.dll\49_shdocvw.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\4_batmeter.dll\4_batmeter.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\50_shell32.dll\50_shell32.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\51_shimgvw.dll\51_shimgvw.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\52_shlwapi.dll\52_shlwapi.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\53_sndrec32.exe\53_sndrec32.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\54_sndvol32.exe\54_sndvol32.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\55_stobject.dll\55_stobject.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\56_sysdm.cpl\56_sysdm.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\57_sysocmgr.exe\57_sysocmgr.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\58_syssetup.dll\58_syssetup.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\59_taskmgr.exe\59_taskmgr.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\5_browseui.dll\5_browseui.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\60_telephon.cpl\60_telephon.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\61_themeui.dll\61_themeui.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\62_timedate.cpl\62_timedate.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\63_url.dll\63_url.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\64_urlmon.dll\64_urlmon.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\65_webcheck.dll\65_webcheck.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\66_wiaacmgr.exe\66_wiaacmgr.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\67_wiashext.dll\67_wiashext.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\68_wininet.dll\68_wininet.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\69_WINNTBBU.DLL\69_WINNTBBU.DLL.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\6_cabview.dll\6_cabview.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\70_winsrv.dll\70_winsrv.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\71_wscui.cpl\71_wscui.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\72_wuauclt.exe\72_wuauclt.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\73_wuauclt1.exe\73_wuauclt1.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\74_wuaucpl.cpl\74_wuaucpl.cpl.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\75_xpsp2res.dll\75_xpsp2res.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\76_zipfldr.dll\76_zipfldr.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\77_logonui.exe\77_logonui.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\78_iexplore.exe\78_iexplore.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\79_msimn.exe\79_msimn.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\7_calc.exe\7_calc.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\80_msoeres.dll\80_msoeres.dll.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\81_moviemk.exe\81_moviemk.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\8_cleanmgr.exe\8_cleanmgr.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\ResFiles\9_cmd.exe\9_cmd.exe.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Data\Data.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Docklets\Docklets.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Icons\Icons.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Languages\Languages.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\License_files\License_files.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Tools\Tools.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Data\Data.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Languages\Languages.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\License_files\License_files.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberAPI\UberAPI.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\Languages\Languages.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\Audio.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\Cnt.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Css\Css.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\Img.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Scr\Scr.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Video\Video.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\1033.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1036\1036.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ASP.NETClientFiles\ASP.NETClientFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\CONFIG.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fr\fr.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\SHADOW1816.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\Updates.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\1033.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\ASP.NETWebAdminFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\CONFIG.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\Microsoft .NET Framework 2.0.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild\MSBuild.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RedistList\RedistList.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Cache.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Personal_32#040c\Personal_32#040c.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\blurbs.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\CompatCtr.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\css\css.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\dialogs\dialogs.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\DVDUpgrd.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\ErrMsg.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\errors\errors.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\NetDiag.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\panels\panels.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\rc\rc.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Remote Assistance.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\scripts\scripts.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysinfo.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\UpdateCtr.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\d3c2d09b276caa4aac6cb42653aaddc6\update\update.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\html\dslmain\dslmain.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\html\iconnect\iconnect.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\html\isptype\isptype.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\html\mouse\mouse.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\html\sconnect\sconnect.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\mui\041e\041e.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\DriverFiles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\spool\drivers\color\color.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\spool\drivers\w32x86\w32x86.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\spool\prtprocs\w32x86\w32x86.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\mof\good\good.exe"
Sun 29 Apr 2007 389,120 A.SH. --- "C:\Documents and Settings\Guisse\Mes documents\Geoffrey\Remettre dans portable\Photos\SIVF1.tmp"
Wed 19 Dec 2007 89,088 ...H. --- "C:\Games\Worms Armageddon - New Edition\DATA\User\Speech\English\English.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\Help\_design\_css\_css.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\Help\_design\_img\_img.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\iColorFolder\skins\Vista Inspirat\Vista Inspirat.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Defaults\DefaultIcons\DefaultIcons.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Defaults\DefaultIndicator\DefaultIndicator.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Defaults\DefaultPoof\DefaultPoof.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Defaults\DefaultSkin\DefaultSkin.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Docklets\RocketClock\RocketClock.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Chinese\Chinese.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Czech\Czech.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\English\English.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\French\French.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\German\German.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Korean\Korean.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Polish\Polish.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\shared\shared.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Spanish\Spanish.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\TraditionalChinese\TraditionalChinese.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Turkish\Turkish.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Aero Milk\Aero Milk.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\AstroGlass\AstroGlass.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\AstroGrey\AstroGrey.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\AstroIron\AstroIron.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\AstroLife\AstroLife.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\AstroOrange\AstroOrange.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\AstroSteel\AstroSteel.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Blank\Blank.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Brushed\Brushed.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\CrystalXP.net\CrystalXP.net.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Inspirat\Inspirat.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Luminous\Luminous.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Milk1\Milk1.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Milk2\Milk2.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Minired\Minired.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Painting\Painting.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\ProtoClay\ProtoClay.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\ProtoGlass\ProtoGlass.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\ProtoIron\ProtoIron.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\ProtoSea\ProtoSea.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\ProtoSky\ProtoSky.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\ProtoSteel\ProtoSteel.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\ProtoTree\ProtoTree.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Simply\Simply.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Special-RD\Special-RD.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\ToonBLue\ToonBLue.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\Vista\Vista.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\VistaBlack\VistaBlack.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\WhiteCristal\WhiteCristal.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Skins\ZaKtoon\ZaKtoon.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Data\About\About.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iBounce\iBounce.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iZoom\iZoom.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\Wav\Wav.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\Btn\Btn.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\WMarks\WMarks.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MUI\0409\0409.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MUI\040C\040C.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\AppConfig\AppConfig.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_Code\App_Code.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_Data\App_Data.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_GlobalResources\App_GlobalResources.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\App_LocalResources\App_LocalResources.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Images\Images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Providers\Providers.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Security.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\Browsers\Browsers.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\0409.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\16x16.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\24x24.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\images\32x32\32x32.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\48x48.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\Centers.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\Expando.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\subpanels.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\Common.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\Css.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\graphics.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Remote Assistance.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Inspirat2\Shell\AeroBlue\AeroBlue.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Inspirat2\Shell\AeroBlack\AeroBlack.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Inspirat2\Shell\ClassicXP\ClassicXP.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Inspirat2\Shell\NormalColor\NormalColor.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Luna\Shell\Homestead\Homestead.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Luna\Shell\Metallic\Metallic.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Luna\Shell\NormalColor\NormalColor.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Vista\Shell\NormalColor\NormalColor.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Vista\Shell\VISTA12\VISTA12.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Vista\Shell\VISTA2\VISTA2.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Vista\Shell\VISTA22\VISTA22.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\html\mouse\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\i386.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\spool\drivers\w32x86\3\3.exe"
Sun 17 Jun 2007 446,464 A.SH. --- "C:\Documents and Settings\Guisse\Mes documents\Photos\Photos ann‚e 2007\Mariage Flo-Claude\Mariage Claude1\SIV10.tmp"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Docklets\RocketClock\Images\Images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Chinese\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Czech\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\English\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\French\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\German\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Korean\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Polish\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\shared\flags\flags.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Spanish\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\TraditionalChinese\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\Help\Turkish\images\images.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iBounce\Source\Source.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iZoom\Source\Source.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\AppConfig\App_LocalResources\App_LocalResources.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Providers\App_LocalResources\App_LocalResources.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\App_LocalResources\App_LocalResources.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Permissions\Permissions.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Roles\Roles.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Users\Users.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Wizard\Wizard.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\Client.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Common.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\Server.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\33x16pie.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\47x24pie.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\Common.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\Css.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\7.0.6000.381.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Permissions\App_LocalResources\App_LocalResources.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Roles\App_LocalResources\App_LocalResources.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Users\App_LocalResources\App_LocalResources.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\Security\Wizard\App_LocalResources\App_LocalResources.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\Common.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\Email.exe"
Wed 19 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Unsolicited\Unsolicited.exe"

Finished!




HijackThis :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:18:26, on 25/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\CmWatch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\srvreg.exe
C:\WINDOWS\system32\shovth.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\reg.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CmCardRun] C:\WINDOWS\system32\CmWatch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Medichi] medichi.exe
O4 - HKLM\..\Run: [Medichi2] medichi2.exe
O4 - HKLM\..\Run: [sis32] C:\WINDOWS\system32\winsos.exe
O4 - HKLM\..\Run: [winroot] C:\WINDOWS\system32\winsn.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O4 - HKCU\..\Run: [StartUp] C:\WINDOWS\Temp\checkmem.exe /optimize speed
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 13 / 65
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
26 déc. 2007 à 01:40
Re

Télécharge Zebrestore http://telechargement.zebulon.fr/233-zeb-restore.html

Met le dans un dossier sur ton bureau par exemple.

* Lance Zebrestore et coche les cases suivante :

Panneau de config
Policies
Fichier Hosts
Windows Update
Regedit

et clique sur le bouton "Restaurer".

Quitte le programme.

Et dis moi si ces fonctions remarchent ;-) ... essaye de régler l heure entre autre.

et dis moi si tu as d autres restrictions en vigueur sur ton PC .


Refais un nouveau rapport HijackThis stp, celui ci semble identique a celui avant le passage de SDFix et ce n'est pas logique ...

@ suivre
0
Réponse 14 / 65
GeoGeo
27 déc. 2007 à 12:50
Les réstrictions sont parties ! C'est géniale ! Merci beaucoup !

Voici un nouveau rapport HijackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:26, on 27/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\CmWatch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\VirusKeeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\srvreg.exe
C:\WINDOWS\system32\shovth.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CmCardRun] C:\WINDOWS\system32\CmWatch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Medichi] medichi.exe
O4 - HKLM\..\Run: [Medichi2] medichi2.exe
O4 - HKLM\..\Run: [sis32] C:\WINDOWS\system32\winsos.exe
O4 - HKLM\..\Run: [winroot] C:\WINDOWS\system32\winsn.exe
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2008 Pro Evaluation\VirusKeeper.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O4 - HKCU\..\Run: [StartUp] C:\WINDOWS\Temp\checkmem.exe /optimize speed
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O20 - AppInit_DLLs: murka.dat
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 15 / 65
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
27 déc. 2007 à 13:03
Bonjour Geogeo

Cool, mais cela ne durera peut être pas car il reste encore un sacré ménage a faire ...

Télécharge Combofix.exe de sUBs sur ton Bureau,

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Déconnecte toi du net et désactive ton antivirus pour que Combofix puisse s'exécuter normalement

Double clique sur Combofix.exe
Mets le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan
Lorsque le scan sera terminé, un rapport apparaîtra.

Poste le en réponse.

Note : Le rapport se trouve également là : C:\Combofix.txt+

@ suivre
0
Réponse 16 / 65
GeoGeo
27 déc. 2007 à 18:59
Re,
ya un problème, quand je double-clique sur le logiciel Combofix.exe et qu'après je met "éxectuer" rien ne se passe !
0
Réponse 17 / 65
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
28 déc. 2007 à 05:44
Bonsoir

Ok, on va faire autrement :

Je te conseille d'enregistrer la page en sélectionnant toutes les lignes puis de copier cette sélection dans un fichier texte sur ton PC pour pouvoir appliquer la procédure correctement.
(Note: tu n'auras pas accès à Internet à partir du moment ou te redémarreras en mode sans échec)
Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.
Si un élément te paraît obscur, demande des explications avant de commencer la désinfection

1) Télécharge

-- OTMoveIt de Old_Timer sur ton Bureau.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe
N'y touche pas pour le moment.

-- CCleaner
https://www.ccleaner.com/ccleaner/download
Choisi de préférence la version SLIM-No Toolbar.
Installe-le en prenant soin de décocher les diverses options dont la barre Yahoo et la mise à jour.
Lance CCleaner puis Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Pour les autres paramètres, laisse-le avec ses réglages par défaut.
Ferme le programme pour l’instant.

-- La version d'essai d'AVG Anti-Spyware 7.5 depuis http://www.grisoft.com/doc/downloads-products/ww/crp/0?prd=triasw
Installe la puis...Lancer AVG Anti-Spyware.
Clique sur le menu Mise à jour.
Dans le paragraphe Mise à jour manuelle, cliquer sur le bouton Commencer la mise à jour.
Attends la fin de cette mise à jour puis ferme le programme.
Ne pas lancer d'analyse maintenant

2) Redémarre en mode sans échec

Regarde ici si besoin avant ici : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.

Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.

3) Lance HijackThis.

Lance Hijackthis en double cliquant sur son raccourci sur le Bureau.
Clique sur Scan Only et coche les lignes suivantes :

O4 - HKLM\..\Run: [Medichi] medichi.exe
O4 - HKLM\..\Run: [Medichi2] medichi2.exe
O4 - HKLM\..\Run: [sis32] C:\WINDOWS\system32\winsos.exe
O4 - HKLM\..\Run: [winroot] C:\WINDOWS\system32\winsn.exe
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe

Ferme toutes les autres fenêtres, tous les autres programmes.

Clique sur Fix Checked puis clique sur OK
Puis ferme hijackthis.

4) OTMoveIt de Old_Timer

Double clique sur OTMoveIt.exe pour le lancer.
Copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :
Paste List of Files/Folders to be moved.

C:\WINDOWS\system32\srvreg.exe
C:\WINDOWS\system32\medichi.exe
C:\WINDOWS\system32\medichi2.exe

Clique sur MoveIt! pour lancer la suppression.
Le résultat apparaîtra dans le cadre Results.
Clique sur Exit pour fermer.

Il te sera peut-être demander de redémarrer le PC pour achever la suppression.
si c'est le cas accepte par Yes.

5) Lance AVG Anti-Spyware 7.5

--Réglages
Clique sur le menu Analyse (de la barre d'outils).
Clique sur l'onglet Paramètres.
Dans Comment réagir? clique sur Actions recommandées et choisir Quarantaine.
Dans Comment faire l'analyse ? et dans Programmes potentiellement dangereux, vérifier que toutes les cases soient cochées.
Dans Rapports cocher "générer un rapport après chaque analyse"

-- Scan
Dans l'onglet Analyse
Clique sur Analyse complète du système.
Important : Ne pas ouvrir de fenêtre, ne pas lancer de programme pendant l'exécution de AVG Anti-Spyware, car cela pourrait interférer avec le processus de recherche.
Cliquer sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.(C:\Programfiles\AVG Antispyware 7.5\Reports)

Tres important : A la fin de l'analyse, clique sur " Appliquer toutes les actions"

Puis ferme AVG Anti-Spyware.

6) Suppression de fichiers inutiles avec CCleaner

Lance CCleaner en double-cliquant sur son raccourci sur le bureau.
Puis dans le menu Nettoyeur
Clique sur Analyse (laisser travailler cela peut durer longtemps la 1ere fois)
Clique sur le bouton Lancer le nettoyage.
Clique une seconde fois sur le bouton Lancer le nettoyage puis ferme CCleaner.

7) Rapports

Fais redémarrer ton PC en mode normal puis poste en réponse :

* Le rapport d’OTMoveIt situé dans C:\_OTMoveIt\MovedFiles (contenu du fichier C:\_OTMoveIt\MovedFiles\********_******.log - les *** sont des chiffres représentant la date et l'heure)

* Le rapport d'AVG Antispyware 7.5 (qui se trouve C:\Programfiles\AVG Antispyware 7.5\Reports)

* Un nouveau rapport HijackThis.

Bon courage, a plus.
0
Réponse 18 / 65
GeoGeo
2 janv. 2008 à 00:53
Bonsoir, désolé de ne pas avoir donné de nouvelles mais j'ai été absent ces jours ci.
J'ai un problème par rapport à AVG antispyware, je n'arrive pas à l'installer. Il me dit toujours que ça marche pas et qu'il faut que je réinstalle le logiciel. Je fait comment ?
0
Réponse 19 / 65
Utilisateur anonyme
2 janv. 2008 à 01:05
Salut GeoGeo et bien sûr Le sioux, bonne année à vous.

Essaye avec cette version : http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
0
Réponse 20 / 65
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
2 janv. 2008 à 03:34
Bonsoir géo géo

Salut DIID , meilleurs voeux a vous deux.

Geo geo desinstalle le et reinsatlle le , il arrive qu aAvg Antispyware soit "capricieux"

@ +
0

Discussions similaires

Facebook « Cette personne ne peut actuellement pas recevoir de message »
Cynamon -
Titia -

5 réponses
l'opération demandée necessite une elevation
audrey509 -
lulu -

6 réponses