Personne ne veut m aider? - Page 2

desole mais je vais bosse cette nuit !!
impossible d ouvrir comboxfix deja dit pourtant?? pour la suite ferait demain a+

re tu as bien bosse cette nuit lol
bon j aitoujours la meme chose sur hijackthis en mode sans echec et mode normal les fichiers sont toujours là bz.............
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:11:34, on 03/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
O4 - HKLM\..\Run: [PhiBtn] C:\Windows\System32\Drivers\PhiBtn.exe
O4 - HKLM\..\Run: [TrayMin900] C:\Windows\System32\Drivers\Tray900.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - (no file)
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - (no file)
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - O2Micro International - C:\Windows\system32\o2flash.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

bein.........par moment il ramone par moment il court
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:14:11, on 03/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\drivers\Phibtn.exe
C:\Windows\System32\drivers\Tray900.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
O4 - HKLM\..\Run: [PhiBtn] C:\Windows\System32\Drivers\PhiBtn.exe
O4 - HKLM\..\Run: [TrayMin900] C:\Windows\System32\Drivers\Tray900.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - (no file)
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - (no file)
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - O2Micro International - C:\Windows\system32\o2flash.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

chalut!!! tu me reconnais ? plus de nouvelles veut il dire bonnes nouvelles ?pour te reconforter une fois mon pc va bien et a d autres moment il est plutot lent pour un 2048mo ondirait qu il cherche sans arret car il tourne en permanence comme s il y avait un autorun qui l obligeait a tourner?????

desole je devait t envoyer ce que j avais trouve
~~ Arguments ~~

# Détections 05/03/2008 11:33:04,17 - C:\Users\eric\Desktop\GenProc\outil

Rustok: le 05/03/2008 à 11:33:04,20 pe386 present!

# Détections 05/03/2008 11:35:55,31 - C:\Users\eric\Desktop\GenProc\outil

Rustok: le 05/03/2008 à 11:35:55,43 pe386 present!

greu;;;;;;;;;;;;;;;;;;;;;;;;; j ai eu un ecran bleu pendant le scan : windows a detecte une errreur et va cesser avant d endommager votre pc?????
j ai refait un scan et voici voila the rapport il a des malwares?????OUF BEURK LOL
GMER 1.0.14.14116 - http://www.gmer.net
Rootkit scan 2008-03-05 12:44:36
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.14 ----

SSDT 8DBA754C ZwCreateThread
SSDT 8DBA7538 ZwOpenProcess
SSDT 8DBA753D ZwOpenThread
SSDT 8DBA7547 ZwTerminateProcess
SSDT 8DBA7542 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.14 ----

.text ntoskrnl.exe!ZwQueryLicenseValue + D41 81C46239 1 Byte [ 06 ]
.text ntoskrnl.exe!_alloca_probe + 164 81C560B4 4 Bytes [ 4C, 75, BA, 8D ]
.text ntoskrnl.exe!_alloca_probe + 334 81C56284 4 Bytes [ 38, 75, BA, 8D ]
.text ntoskrnl.exe!_alloca_probe + 350 81C562A0 4 Bytes [ 3D, 75, BA, 8D ]
.text ntoskrnl.exe!_alloca_probe + 574 81C564C4 4 Bytes [ 47, 75, BA, 8D ]
.text ntoskrnl.exe!_alloca_probe + 5D4 81C56524 4 Bytes [ 42, 75, BA, 8D ]

---- User code sections - GMER 1.0.14 ----

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3700] kernel32.dll!SetUnhandledExceptionFilter 7621D187 5 Bytes JMP 0056DBBD C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation)

---- Devices - GMER 1.0.14 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF dynamique/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF dynamique/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Gestionnaire de filtres de système de fichiers Microsoft/Microsoft Corporation)

---- Registry - GMER 1.0.14 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion@CurrentVersion 6.0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion@CurrentBuildNumber 6000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion@ProductName Windows Vista (TM) Home Premium
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@CacheSizeInMB 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@CacheStatus 2
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@USBVersion 131072
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@ReadSpeedKBs 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@WriteSpeedKBs 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@PhysicalDeviceSizeMB 305242
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@RecommendedCacheSizeMB 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@HasSlowRegions 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@DoRetestDevice 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@DeviceStatus 1
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\BNmþ@LastTestedTime 0x00 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@CacheSizeInMB 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@CacheStatus 2
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@USBVersion 131072
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@ReadSpeedKBs 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@WriteSpeedKBs 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@PhysicalDeviceSizeMB 57270
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@RecommendedCacheSizeMB 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@HasSlowRegions 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@DoRetestDevice 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@DeviceStatus 1
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\énl@LastTestedTime 0x00 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@c!s!r!\30!t!`!\24!\24!j!r!t!\22!c!i!s!\30! 71230

---- EOF - GMER 1.0.14 ----

a greu !!!!! bon bon bon voila le resultat de combo ; par contre j ai eu beau chercher je n ai pas trouve la methode pour reduire les privileges (pas doue certainementl) beurk!!!!!!
ComboFix 08-03-04.5 - eric 2008-03-05 13:45:58.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1350 [GMT 1:00]
Endroit: C:\Users\eric\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\drivers\Phibtn.exe
C:\Windows\system32\drivers\Tray900.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-05 to 2008-03-05 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-02 18:51 --------- d---a-w C:\ProgramData\TEMP
2008-03-01 19:55 --------- d-----w C:\Program Files\Trend Micro
2008-03-01 19:52 --------- d-----w C:\Program Files\BitComet
2008-03-01 15:42 166,223,614 ----a-w C:\Windows\System32\Sauv.reg
2008-03-01 14:05 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-28 12:48 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-02-27 13:29 --------- d-----w C:\ProgramData\Avira
2008-02-27 13:29 --------- d-----w C:\Program Files\Avira
2008-02-27 02:01 --------- d-----w C:\Program Files\Windows Live
2008-02-26 17:36 4,492 ----a-w C:\Windows\System32\tmp.reg
2008-02-24 20:01 --------- d-----w C:\ProgramData\WLInstaller
2008-02-24 14:46 --------- d-----w C:\ProgramData\Lavasoft
2008-02-24 14:46 --------- d-----w C:\Program Files\Lavasoft
2008-02-24 14:45 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-23 22:34 --------- d-----w C:\Program Files\Conduit
2008-02-23 14:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-21 11:15 --------- d-----w C:\Program Files\orange
2008-02-21 10:10 --------- d-----w C:\Program Files\SpywareBlaster
2008-02-21 10:04 --------- d-----w C:\Program Files\Google
2008-02-19 10:09 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-02-18 14:59 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-18 14:36 691,545 ----a-w C:\Windows\unins000.exe
2008-02-18 12:58 --------- d-----w C:\Program Files\Java
2008-02-18 12:57 --------- d-----w C:\Program Files\Common Files\Java
2008-02-17 08:41 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-16 20:28 --------- d-----w C:\ProgramData\Ahead
2008-02-16 20:27 --------- d-----w C:\Program Files\Common Files\Ahead
2008-02-16 20:23 --------- d-----w C:\ProgramData\Nero
2008-02-16 19:55 --------- d-----w C:\Program Files\Combined Community Codec Pack
2008-02-15 17:22 --------- d-----w C:\ProgramData\Corel
2008-02-15 16:08 --------- d-----w C:\ProgramData\Yahoo! Companion
2008-02-15 14:07 --------- d-----w C:\Program Files\CA Yahoo! Anti-Spy
2008-02-15 14:05 --------- d-----w C:\Program Files\Common Files\Scanner
2008-02-14 18:03 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-02-14 18:03 --------- d-----w C:\Program Files\Windows Live Favorites
2008-02-14 18:03 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-14 17:59 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-14 17:54 --------- d-----w C:\Program Files\Philips
2008-02-14 17:50 --------- d-----w C:\Program Files\DivX
2008-02-14 17:49 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-02-14 17:34 --------- d-----w C:\Program Files\CCleaner
2008-02-14 17:33 --------- d-----w C:\Program Files\Yahoo!
2008-02-14 16:09 --------- d-----w C:\Program Files\VideoLAN
2008-02-12 20:09 174 --sha-w C:\Program Files\desktop.ini
2008-02-12 20:05 --------- d-----w C:\Program Files\Windows Sidebar
2008-02-12 20:05 --------- d-----w C:\Program Files\Windows Mail
2008-02-12 20:05 --------- d-----w C:\Program Files\Windows Defender
2008-02-12 20:05 --------- d-----w C:\Program Files\Windows Calendar
2008-02-12 19:46 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-12 19:46 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-12 19:39 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-12 19:39 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-12 19:39 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-12 19:39 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-02-12 19:39 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-12 19:39 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-12 19:39 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-12 19:39 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-12 19:39 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-02-12 19:37 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-12 19:37 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-12 19:37 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-12 19:37 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-12 19:37 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-12 19:34 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-12 19:34 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-12 19:34 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-12 19:34 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-12 19:34 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-12 19:34 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-12 19:29 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-12 19:29 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-12 19:29 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-12 19:29 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-12 19:26 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-02-12 17:45 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-02-12 17:44 49,664 ----a-w C:\Windows\System32\csrsrv.dll
2008-02-12 17:44 376,320 ----a-w C:\Windows\System32\winsrv.dll
2008-02-12 17:42 374,456 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-02-12 17:41 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2008-02-12 17:41 7,680 ----a-w C:\Windows\System32\spwmp.dll
2008-02-12 17:41 414,208 ----a-w C:\Windows\System32\msscp.dll
2008-02-12 17:41 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2008-02-12 17:41 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2008-02-12 17:40 86,016 ----a-w C:\Windows\System32\icfupgd.dll
2008-02-12 17:40 63,488 ----a-w C:\Windows\system32\drivers\mpsdrv.sys
2008-02-12 17:40 61,952 ----a-w C:\Windows\System32\cmifw.dll
2008-02-12 17:40 396,800 ----a-w C:\Windows\System32\MPSSVC.dll
2008-02-12 17:40 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll
2008-02-12 17:40 23,040 ----a-w C:\Windows\system32\drivers\tunnel.sys
2008-02-12 17:40 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll
2008-02-12 17:40 16,896 ----a-w C:\Windows\System32\wfapigp.dll
2008-02-12 17:40 15,360 ----a-w C:\Windows\system32\drivers\TUNMP.SYS
2008-02-12 17:39 104,448 ----a-w C:\Windows\System32\DWWIN.EXE
2008-02-12 17:38 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
2008-02-12 17:37 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-02-12 17:36 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2008-02-12 17:36 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
2008-02-12 17:36 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll
2008-02-12 17:36 39,936 ----a-w C:\Windows\System32\slcinst.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-12 18:34 1232896]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 13:34 2159104 C:\Windows\System32\oobefldr.dll]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-02-20 09:37 171448]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-20 14:13 4018176 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-09 07:44 1025320]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 17:12 90112]
"QuickFinder Scheduler"="C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2007-01-03 04:21 83568]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-10-09 07:23 102400]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Windows Mobile-based device management"="%windir%\WindowsMobile\wmdc.exe" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-27 14:35 249896]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{AC1D89E7-04A0-4F54-B2B7-05F46BC17A9A}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"{8AD15277-53DE-4F08-A68A-10BF3D065072}"= UDP:27118:BitComet 27118 TCP
"{83BA7B21-039E-478B-B617-3052D6597A2F}"= TCP:27118:BitComet 27118 UDP
"{74C852BC-5529-49EA-B0DC-768A8264C50D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"TCP Query User{4E73E819-2DAC-4B7B-8C7A-7BEF7B84020B}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"UDP Query User{9B968D8D-0031-4AE7-9885-BC5ED76D705C}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R0 O2MDRDR;O2MDRDR;C:\Windows\system32\DRIVERS\o2media.sys [2006-11-20 15:14]
R0 O2SDRDR;O2SDRDR;C:\Windows\system32\DRIVERS\o2sd.sys [2006-11-17 13:58]
R2 RapiMgr;Connectivité de l'appareil Windows Mobile;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R2 WcesComm;Connectivité de l'appareil Windows Mobile 2003;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
R3 camdrv41;Philips SPC 900NC PC Camera;C:\Windows\system32\DRIVERS\camdrv41.sys [2007-05-04 09:45]
R3 NETw3v32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 09:42]
R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-24 21:46]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-14 18:03:22 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-05 13:46:59
Windows 6.0.6000 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-05 13:47:25
ComboFix-quarantined-files.txt 2008-03-05 12:47:24
.
2008-03-05 10:16:09 --- E O F ---

yes je peux essayer le pc pour l instant il vit encore mais ca ne saurait durer s il continue a m embeter lol

sorry sorry mlle excuses c deja bien que tu m aides !! mais quand meme lol
bon ton truc pas url no found error 404
et de plus j ai fait une analye avec spyware doctor et il m atrouve des trucs que je peux pas eliminer versio free

malgre lintallation de roqueremover quand je l installe j ai un message:component COMCTL32.OCX or one of its dependencies not correctly registered:a file is missing or invalid
charabia for me lol

bin bin bin voila et voili ras avec rogueremover et j ai fait par erreur un about buster plus rapport spyware doctor que tu verras interresant dis moi la verite il faut l achever lol
AboutBuster 6.07
Scan started on [05/03/2008] at [22:47:18]
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 22:51:14



AboutBuster 6.07
Scan started on [05/03/2008] at [22:47:18]
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 22:51:14


PC Tools Spyware Doctor

Date

Status
05/03/2008 22:42:59:173
Service démarré
Service Spyware Doctor démarré
05/03/2008 22:42:59:266
État d'OnGuard
Tous les modules OnGuard étaient activés
05/03/2008 22:42:59:781
Résultats d'Immunizer
La section ActiveX a été immunisée. Aucun élément n'a été traité.
05/03/2008 22:44:06:710
Analyse démarrée
Type d'analyse - Intelli-Scan
05/03/2008 22:44:31:992
Une infection a été détectée sur cet ordinateur
Nom de la menace - Trojan-PWS.Tanspy
Type - Registry Key
Degré de risque - Haut
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\load
05/03/2008 22:44:33:497
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\swearware, combofix_wow
05/03/2008 22:44:33:498
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\swearware, Runs
05/03/2008 22:44:33:499
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\swearware, snapshot
05/03/2008 22:44:33:499
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\swearware
05/03/2008 22:44:33:515
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME, NextInstance
05/03/2008 22:44:33:517
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, Service
05/03/2008 22:44:33:519
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, Legacy
05/03/2008 22:44:33:521
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, ConfigFlags
05/03/2008 22:44:33:522
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, Class
05/03/2008 22:44:33:524
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, ClassGUID
05/03/2008 22:44:33:525
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, DeviceDesc
05/03/2008 22:44:33:527
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, Capabilities
05/03/2008 22:44:33:528
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000\Control
05/03/2008 22:44:33:529
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000
05/03/2008 22:44:33:530
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME
05/03/2008 22:44:33:538
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
05/03/2008 22:44:33:539
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
05/03/2008 22:44:33:539
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
05/03/2008 22:44:33:540
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
05/03/2008 22:44:33:541
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
05/03/2008 22:44:33:542
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme\Enum, 0
05/03/2008 22:44:33:543
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme\Enum, Count
05/03/2008 22:44:33:544
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme\Enum, NextInstance
05/03/2008 22:44:33:544
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme\Enum
05/03/2008 22:44:33:544
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
05/03/2008 22:44:34:116
Une infection a été détectée sur cet ordinateur
Nom de la menace - Dialer.Instant_Access
Type - Registry Value
Degré de risque - Haut
Infection - HKEY_USERS\S-1-5-21-33213548-1936941300-370140305-1000\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0, goicfboogidikkejccmclpieicihhlpo jimddp
05/03/2008 22:44:39:718
Analyse terminée
Type d'analyse - Intelli-Scan
Eléments traités - 51404
Menaces détectées - 3
Infections détectées - 27
Infections ignorées - 0
05/03/2008 22:46:19:261
Service arrêté
Service Spyware Doctor arrêté
05/03/2008 22:46:37:907
Service démarré
Service Spyware Doctor démarré
05/03/2008 22:46:38:723
État d'OnGuard
Tous les modules OnGuard étaient activés
05/03/2008 22:46:39:798
Résultats d'Immunizer
La section ActiveX a été immunisée. Aucun élément n'a été traité.
05/03/2008 22:46:51:341
Analyse démarrée
Type d'analyse - Intelli-Scan
05/03/2008 22:47:05:160
Une infection a été détectée sur cet ordinateur
Nom de la menace - Trojan-PWS.Tanspy
Type - Registry Key
Degré de risque - Haut
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\load
05/03/2008 22:47:06:627
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\swearware, combofix_wow
05/03/2008 22:47:06:628
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\swearware, Runs
05/03/2008 22:47:06:629
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\swearware, snapshot
05/03/2008 22:47:06:630
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\swearware
05/03/2008 22:47:06:649
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME, NextInstance
05/03/2008 22:47:06:651
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, Service
05/03/2008 22:47:06:652
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, Legacy
05/03/2008 22:47:06:654
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, ConfigFlags
05/03/2008 22:47:06:655
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, Class
05/03/2008 22:47:06:657
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, ClassGUID
05/03/2008 22:47:06:659
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, DeviceDesc
05/03/2008 22:47:06:661
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000, Capabilities
05/03/2008 22:47:06:663
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000\Control
05/03/2008 22:47:06:664
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME\0000
05/03/2008 22:47:06:665
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CATCHME
05/03/2008 22:47:06:674
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
05/03/2008 22:47:06:675
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
05/03/2008 22:47:06:675
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
05/03/2008 22:47:06:678
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
05/03/2008 22:47:06:679
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
05/03/2008 22:47:06:680
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme\Enum, 0
05/03/2008 22:47:06:681
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme\Enum, Count
05/03/2008 22:47:06:682
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Value
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme\Enum, NextInstance
05/03/2008 22:47:06:682
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme\Enum
05/03/2008 22:47:06:683
Une infection a été détectée sur cet ordinateur
Nom de la menace - Application.NirCmd
Type - Registry Key
Degré de risque - Info
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
05/03/2008 22:47:07:334
Une infection a été détectée sur cet ordinateur
Nom de la menace - Dialer.Instant_Access
Type - Registry Value
Degré de risque - Haut
Infection - HKEY_USERS\S-1-5-21-33213548-1936941300-370140305-1000\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0, goicfboogidikkejccmclpieicihhlpo jimddp
05/03/2008 22:47:14:406
Une infection a été détectée sur cet ordinateur
Nom de la menace - Adware.Zango_Search_Assistant
Type - Registry Value
Degré de risque - Info
Infection - HKEY_USERS\S-1-5-21-33213548-1936941300-370140305-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}\iexplore, Type
05/03/2008 22:47:14:409
Une infection a été détectée sur cet ordinateur
Nom de la menace - Adware.Zango_Search_Assistant
Type - Registry Value
Degré de risque - Info
Infection - HKEY_USERS\S-1-5-21-33213548-1936941300-370140305-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}\iexplore, Flags
05/03/2008 22:47:14:412
Une infection a été détectée sur cet ordinateur
Nom de la menace - Adware.Zango_Search_Assistant
Type - Registry Value
Degré de risque - Info
Infection - HKEY_USERS\S-1-5-21-33213548-1936941300-370140305-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}\iexplore, Count
05/03/2008 22:47:14:414
Une infection a été détectée sur cet ordinateur
Nom de la menace - Adware.Zango_Search_Assistant
Type - Registry Value
Degré de risque - Info
Infection - HKEY_USERS\S-1-5-21-33213548-1936941300-370140305-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}\iexplore, Time
05/03/2008 22:47:14:416
Une infection a été détectée sur cet ordinateur
Nom de la menace - Adware.Zango_Search_Assistant
Type - Registry Key
Degré de risque - Info
Infection - HKEY_USERS\S-1-5-21-33213548-1936941300-370140305-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}\iexplore
05/03/2008 22:47:14:418
Une infection a été détectée sur cet ordinateur
Nom de la menace - Adware.Zango_Search_Assistant
Type - Registry Key
Degré de risque - Info
Infection - HKEY_USERS\S-1-5-21-33213548-1936941300-370140305-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
05/03/2008 22:50:58:481
Analyse terminée
Type d'analyse - Intelli-Scan
Eléments traités - 125187
Menaces détectées - 4
Infections détectées - 33
Infections ignorées - 0

ok a demain bonne nuit

bin voila chu revenu qué quon fait hein copain lol

bonjour, je comprends pas ton message il me concerne j avais l habitude de traiter avec dlld lol
peut tu preciser pour clean up et ou on le trouve?

hey t la tu m adresse un message et hop plus personne lol!!!

chalut tu as eu un concurent lol bin voila que pc de m....!!!lol j ai fait c que tu as dit; pas beau le resultat rien ne va et toi tu as trouve pour spyware doctor hier heum!!!! lol bon voila les resultats toujours la defenza

C:\Program Files\Defenza moved successfully.

OTMoveIt2 v1.0.20 log created on 03062008_122329
[ScanOption]
ScanType=2
IsClean=0
CleanType=0
Custom=15
AllFile=1
TimeScanSec=0
[History]
scanrun=15
spydetected=4
[ScanResult]
StartTime=15
StopTime=Feb 23, 2008,11:23
ResultScan1=0
ResultInfect1=0
ResultLevel1=0
ResultScan2=78143
ResultInfect2=2
ResultLevel2=2
ResultScan3=62085
ResultInfect3=2
ResultLevel3=0
ResultScan4=0
ResultInfect4=0
ResultLevel4=2
[QuarantineSettng]
Folder=
[Schedule]
Scan=11:53:36
Update=Friday
UseSchedule=1
date=1
hour=0
Minute=4
[AlertMessage]
History=Dec12,2006
[Schedule_Scan]
Enable=true
Frequency=Weekly
Weekly=EveryWeek
StartTime=0:4:0
WeekDay01=true
[Schedule_Update]
Enable=false
[Schedule_Setting]
nexttime=Feb 24, 2008 00:04
[Schedule_Weekly]
weeks=0
weekday=0


File/Folder C:\Program Files\Defenza not found.

OTMoveIt2 v1.0.20 log created on 03062008_124444

voichi ce que me dit mon pc (plus pour longtemps lol) quand je veut desintaller defenza erreur de chargement c:/program1/common1/instal1/profes1/runtime/0701/intel132/ctor.dll. le module specifie est introuvable

au fait bon app!!!

ho comment y cause lol bon sa demarre mal windows me dit que je n ai pas l autorisation pour acceder a zuninstaller
fait ch;;;;;;;;;;;lol

desole je ne comprend as comment telecharger elbagla?????

hou il faut que je me magne car je vais au cine voir bienvenue chez les ch'tis alors ne t inquiete pas maman lol je reviens dans la soiree si je n ai pas jete mon pc .que c complique la vie alors que tout pourez etre si merveilleux heu la je m egare lol lol a plus !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

desole mais qu est ce que tu m as mis comme lien bzi;;;;;;;;;;;;;;;;lol impossible c est tous des petits dossiers ouf lol

desole j ai ete trop vite bon je l ai trouve et fait ce que tu m as dit
je comprends ton desaroi mais moi je ne comprend pas grand chose a tout ce que l on a fait mon pc est malade ou pas ???? comment je fait pour nettoyer toutes les traces qui restent de ce que l on a fait depuis ces jours ne me laisse pas tombe tu as l air de toucher dans ce domaine ou dit moi la verite je dois faire le deuil de mon pc lol
ComboFix 08-03-05.3 - eric 2008-03-06 21:55:39.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1303 [GMT 1:00]
Endroit: C:\Users\eric\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\koos.exe
C:\Windows\system32\kprof
C:\Windows\system32\poof

.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-06 to 2008-03-06 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-06 20:59 --------- d---a-w C:\PROGRA~2\TEMP
2008-03-06 17:37 --------- d-----w C:\Program Files\Navilog1
2008-03-06 13:08 --------- d-----w C:\Program Files\Spyware Doctor
2008-03-06 12:52 --------- d-----w C:\Program Files\SpywareGuard
2008-03-05 16:39 --------- d-----w C:\Program Files\SpywareBlaster
2008-03-05 16:25 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-05 16:22 --------- d-----w C:\Program Files\Java
2008-03-05 15:59 --------- d-----w C:\Program Files\Common Files\Java
2008-03-01 19:52 --------- d-----w C:\Program Files\BitComet
2008-03-01 15:42 166,223,614 ----a-w C:\Windows\System32\Sauv.reg
2008-02-28 12:48 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-02-27 13:29 --------- d-----w C:\Program Files\Avira
2008-02-27 13:29 --------- d-----w C:\PROGRA~2\Avira
2008-02-27 02:01 --------- d-----w C:\Program Files\Windows Live
2008-02-26 17:36 4,492 ----a-w C:\Windows\System32\tmp.reg
2008-02-24 20:01 --------- d-----w C:\PROGRA~2\WLInstaller
2008-02-24 14:46 --------- d-----w C:\Program Files\Lavasoft
2008-02-24 14:46 --------- d-----w C:\PROGRA~2\Lavasoft
2008-02-24 14:45 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-23 22:34 --------- d-----w C:\Program Files\Conduit
2008-02-23 14:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-21 11:15 --------- d-----w C:\Program Files\orange
2008-02-21 10:04 --------- d-----w C:\Program Files\Google
2008-02-19 10:09 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-02-18 14:59 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-18 14:36 691,545 ----a-w C:\Windows\unins000.exe
2008-02-17 08:41 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-16 20:28 --------- d-----w C:\PROGRA~2\Ahead
2008-02-16 20:27 --------- d-----w C:\Program Files\Common Files\Ahead
2008-02-16 20:23 --------- d-----w C:\PROGRA~2\Nero
2008-02-16 19:55 --------- d-----w C:\Program Files\Combined Community Codec Pack
2008-02-15 17:22 --------- d-----w C:\PROGRA~2\Corel
2008-02-15 16:08 --------- d-----w C:\PROGRA~2\Yahoo! Companion
2008-02-15 14:07 --------- d-----w C:\Program Files\CA Yahoo! Anti-Spy
2008-02-15 14:05 --------- d-----w C:\Program Files\Common Files\Scanner
2008-02-14 18:03 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-02-14 18:03 --------- d-----w C:\Program Files\Windows Live Favorites
2008-02-14 18:03 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-14 17:59 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-14 17:54 --------- d-----w C:\Program Files\Philips
2008-02-14 17:50 --------- d-----w C:\Program Files\DivX
2008-02-14 17:49 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-02-14 17:34 --------- d-----w C:\Program Files\CCleaner
2008-02-14 17:33 --------- d-----w C:\Program Files\Yahoo!
2008-02-14 16:09 --------- d-----w C:\Program Files\VideoLAN
2008-02-12 20:09 174 --sha-w C:\Program Files\desktop.ini
2008-02-12 20:05 --------- d-----w C:\Program Files\Windows Sidebar
2008-02-12 20:05 --------- d-----w C:\Program Files\Windows Mail
2008-02-12 20:05 --------- d-----w C:\Program Files\Windows Defender
2008-02-12 20:05 --------- d-----w C:\Program Files\Windows Calendar
2008-02-12 19:46 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-12 19:46 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-12 19:39 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-12 19:39 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-12 19:39 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-12 19:39 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-02-12 19:39 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-12 19:39 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-12 19:39 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-12 19:39 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-12 19:39 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-02-12 19:37 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-12 19:37 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-12 19:37 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-12 19:37 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-12 19:37 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-12 19:34 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-12 19:34 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-12 19:34 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-12 19:34 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-12 19:34 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-12 19:34 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-12 19:29 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-12 19:29 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-12 19:29 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-12 19:29 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-12 19:26 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-02-12 17:45 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-02-12 17:44 49,664 ----a-w C:\Windows\System32\csrsrv.dll
2008-02-12 17:44 376,320 ----a-w C:\Windows\System32\winsrv.dll
2008-02-12 17:42 374,456 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-02-12 17:41 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2008-02-12 17:41 7,680 ----a-w C:\Windows\System32\spwmp.dll
2008-02-12 17:41 414,208 ----a-w C:\Windows\System32\msscp.dll
2008-02-12 17:41 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2008-02-12 17:41 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2008-02-12 17:40 86,016 ----a-w C:\Windows\System32\icfupgd.dll
2008-02-12 17:40 63,488 ----a-w C:\Windows\system32\drivers\mpsdrv.sys
2008-02-12 17:40 61,952 ----a-w C:\Windows\System32\cmifw.dll
2008-02-12 17:40 396,800 ----a-w C:\Windows\System32\MPSSVC.dll
2008-02-12 17:40 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll
2008-02-12 17:40 23,040 ----a-w C:\Windows\system32\drivers\tunnel.sys
2008-02-12 17:40 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll
2008-02-12 17:40 16,896 ----a-w C:\Windows\System32\wfapigp.dll
2008-02-12 17:40 15,360 ----a-w C:\Windows\system32\drivers\TUNMP.SYS
2008-02-12 17:39 104,448 ----a-w C:\Windows\System32\DWWIN.EXE
2008-02-12 17:38 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
2008-02-12 17:37 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-02-12 17:36 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2008-02-12 17:36 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-12 18:34 1232896]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 13:34 2159104 C:\Windows\System32\oobefldr.dll]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-02-20 09:37 171448]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-20 14:13 4018176 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-09 07:44 1025320]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 17:12 90112]
"QuickFinder Scheduler"="C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2007-01-03 04:21 83568]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-10-09 07:23 102400]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"Windows Mobile-based device management"="%windir%\WindowsMobile\wmdc.exe" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-27 14:35 249896]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-02-01 12:55 1103240]

C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 19:05:35 360448]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{AC1D89E7-04A0-4F54-B2B7-05F46BC17A9A}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"{8AD15277-53DE-4F08-A68A-10BF3D065072}"= UDP:27118:BitComet 27118 TCP
"{83BA7B21-039E-478B-B617-3052D6597A2F}"= TCP:27118:BitComet 27118 UDP
"{74C852BC-5529-49EA-B0DC-768A8264C50D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"TCP Query User{4E73E819-2DAC-4B7B-8C7A-7BEF7B84020B}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"UDP Query User{9B968D8D-0031-4AE7-9885-BC5ED76D705C}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R0 O2MDRDR;O2MDRDR;C:\Windows\system32\DRIVERS\o2media.sys [2006-11-20 15:14]
R0 O2SDRDR;O2SDRDR;C:\Windows\system32\DRIVERS\o2sd.sys [2006-11-17 13:58]
R2 RapiMgr;Connectivité de l'appareil Windows Mobile;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R2 WcesComm;Connectivité de l'appareil Windows Mobile 2003;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
R3 camdrv41;Philips SPC 900NC PC Camera;C:\Windows\system32\DRIVERS\camdrv41.sys [2007-05-04 09:45]
R3 NETw3v32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 09:42]
R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-24 21:46]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-06 21:59:24
Windows 6.0.6000 NTFS

detected NTDLL code modification:
ZwClose

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\o2flash.exe
C:\Windows\system32\PSIService.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\conime.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-06 22:01:51 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-06 21:01:43
ComboFix2.txt 2008-03-06 20:51:51
.
2008-03-05 10:16:09 --- E O F ---

bonjour ca va en ce vendredi jour du poisson lol tu cogite a mon probleme!!!!je ne peut helas qu attendre ta reponse

SALUT c de l humour j espere je t ai dit que je ne peut plus remettre mon compte d utilisateur pourquoi!!!quand je le coche ca ne reste pas et c de nouveau decoche!!!! pour le msnfix acces refuse pourquoi!!de plus j ai toujours un message detection de boite de dialogue et quand je clique dessus il me dit un programme ne peut afficher un message
sur le bureau:

desole mais j ai tout poste a dlld j ai 10 objets en quarentaine chez avira comment les supprimer !!! de plus avira m indique come virus exp/ani.gen

plus personne ??? bon je crois que je vais aller me coucher!!!

bonsoir a vous deux je ne suis plus malade merci lol mais mon pc oui impossible de remettre mon compte d utilisateur et virus detecte par avira et toutes ses m..... SUR MON PC excuse green day je voulais t envoyer ce message mais j ai glisse lol
virus nome :EXP/ani.gen voici le rapport de avira
de plus j ai toujours un message de detection de boite de dialogue: chemin d acces au programme:c:/programmes files /
internet explorer/svchost.exe
ce probleme se produit en raison d une incompatibilite partielle avec windows vista;pour plus d informations veuillez contacter le fabricant du programme ou du peripherique


AntiVir PersonalEdition Classic
Report file date: 2008-03-07 22:42

Scanning for 1134936 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: SYSTEM
Computer name: PC-DE-ERIC

Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 13:35:07
ANTIVIR2.VDF : 7.0.2.181 1993728 Bytes 2008-02-24 13:35:07
ANTIVIR3.VDF : 7.0.2.243 197632 Bytes 2008-03-06 13:38:50
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 2008-03-01 13:32:21
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-02-27 13:35:07
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-03-07 22:42

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '1' Module(s) have been scanned
Scan process 'infocard.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'conime.exe' - '1' Module(s) have been scanned
Scan process 'UI0Detect.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'sgbhp.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sgmain.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'wmdc.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'SDWinSec.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PSIService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'o2flash.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
69 processes with 69 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '7' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDZTSBXM\Ms06046[1].htm
[DETECTION] Contains detection pattern of the exploits EXP/HTML.Ascii.4
[INFO] The file was moved to '4801ba81.qua'!
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K9JDV7PT\Ms07004[1].js
[DETECTION] Contains detection pattern of the exploits EXP/JS.MS07-004
[INFO] The file was moved to '4801ba86.qua'!
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZDEM9KR3\ani[1].c
[DETECTION] Contains detection pattern of the exploits EXP/Ani.Gen
[INFO] The file was moved to '483aba85.qua'!
Begin scan in 'D:\' <RECOVER>


End of the scan: 2008-03-07 23:13
Used time: 30:29 min

The scan has been done completely.

10817 Scanning directories
267835 Files were scanned
3 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
3 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
267832 Files not concerned
3305 Archives were scanned
2 Warnings
0 Notes

heu avira a mis en quarentaine 10 objets comment je fait pour les supprimer?

C:\Windows\images.zip J AI TROUVE CA §§§§
C:\Users\eric\AppData\Local\Temp\NewPicture*.zip
C:\Windows\scvhost.exe
C:\Windows\system32\microsoft.exe
C:\Windows\scvhost.exe
C:\Windows\system32\npcsvc.exe
C:\Windows\system32\npssvc.exe
C:\Windows\system32\nspsvc.exe
C:\Users\eric\AppData\Local\Temp\services.msnfix
C:\Users\eric\AppData\Local\Temp\winlogon.msnfix
C:\Users\eric\AppData\Roaming\addon.dat
C:\Users\eric\AppData\Roaming\inside.exe
C:\Users\eric\AppData\Roaming\Microsoft\Windows\fkoym.exe
C:\Users\eric\AppData\Roaming\WinTouch\wintouch.cfg
C:\Users\eric\AppData\Roaming\WinTouch\WinTouch.exe
C:\Users\eric\AppData\Roaming\WinTouch\WTUninstaller.exe
C:\Users\Public\DOCUME~1\Settings\config.ini
C:\Users\Public\DOCUME~1\Settings\partnership.dll
C:\Users\Public\DOCUME~1\Settings\partnership.dll.msnfix
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Carlson\carlton
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Delsim\del.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Microsoft Office.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Yazzle1560OinAdmin.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Yazzle1560OinUninstaller.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\carlton
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Antivirus32.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ashDisp.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ashServ.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\atimvex.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\atrvmmx.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\bios.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\biosvaisefude.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\BRISA.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\bsyys.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\bsyys.scr
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\carlton
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ccssrss.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\cmd.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Computador.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Diup.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\dll.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\dllvirtual.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\eixdrv.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ExAlien.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\fbguad.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\firefoxx.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Flash.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\GbpSvc.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\gtaltg.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\HelpDesk.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Hide32.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\hork.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\icpldrvx.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\imglog.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\InstallHelp.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\javaupd.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\javsu.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\juchek.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\jvasu.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\JVM0.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\jvms.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\klpp.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\logon.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\lsssas.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\mdll.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\messengerr.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\messenup.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\messgrr.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\mhtsvho.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\mjavas.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\msdoc.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\msdoss.com
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\msm.cmd
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\msmsgxs.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\MSN_MSS.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\msnconf.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\MSNENVIA.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\msnfile.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\msng.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\msnmsg.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\msnmsgr.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\msnsgs.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\mxjxde.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\My_Love.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Ndtstat.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\norton32.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ntvvm.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\pdvsym.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\qtapp.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Quicktime Music.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\regfixxsx.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\registtry.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\remote.cmd
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\repara_ae.bat
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Rg2catbd.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\rundl32.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\rxnetq.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\smss.scr
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\svchost.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\svchostss.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\svhossst.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\svhost.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\svmrhos.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\sxrork.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\sxrsym.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\syst.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\system32.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\systemdll.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\task.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\taskmgrrr.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Tasks.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\udll.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\verifysystemtitle.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\voieup.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\voiork.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\wbnnt.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\wcktts.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\wepaint.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Win XP.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\win.scr
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Windows Update.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\windows32.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Windows32.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\WindowsUpdate.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\windowsupdate.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\WindowsUpdate.scr
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\Winhost.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\winupdbc.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\WMedPlayer.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\wrdmgr.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\wrloginpro.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\wsnctfy.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\wuaucltt.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ying.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\yong.exe
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ZaZ.exe
C:\Users\eric\Desktop\aindateamo.exe
C:\Users\eric\Desktop\cartao.exe
C:\Users\eric\Desktop\cartaozinho.exe
C:\Users\eric\Desktop\mensagem__amor.exe
C:\Users\eric\Desktop\photo.exe
C:\Users\eric\Desktop\portal.exe
C:\Users\eric\Desktop\software\aindateamo.udd
C:\Windows\Fonts\svchost.exe
C:\i.mages.zip
C:\Program Files\\Driver32x\bradesco.exe
C:\Program Files\\Driver32x\caixa.exe
C:\Program Files\7za.exe
C:\Program Files\a.txt
C:\Program Files\Adobe\AdobeLanc.exe
C:\Program Files\Ajuda.exe
C:\Program Files\Amor.exe
C:\Program Files\Bifrost\klog.dat
C:\Program Files\Bifrost\server.exe
C:\Program Files\Bifrost\sys32.exe
C:\Program Files\Cica.exe
C:\Program Files\Common Files\System\SystemUpgrade.exe
C:\Program Files\Common Files\Yazzle1560OinAdmin.exe
C:\Program Files\Config\Config.exe
C:\Program Files\dll.exe
C:\Program Files\dllvirtual.exe
C:\Program Files\dllwin.exe
C:\Program Files\Dot1XCfg\Dot1XCfg.exe
C:\Program Files\Driver32x\bb.exe
C:\Program Files\Driver32x\iek.exe
C:\Program Files\Driver32x\install\wweb.exe
C:\Program Files\Driver32x\itau.exe
C:\Program Files\Driver32x\live.exe
C:\Program Files\Driver32x\msgex.exe
C:\Program Files\Driver32x\net.exe
C:\Program Files\Driver32x\nsvcrmx.exe
C:\Program Files\Driver32x\nsvcrmx.exe
C:\Program Files\Driver32x\rds.exe
C:\Program Files\Driver32x\Readme.exe
C:\Program Files\Driver32x\real.exe
C:\Program Files\Driver32x\santanderbanespa.exe
C:\Program Files\Driver32x\sendchat.exe
C:\Program Files\Driver32x\varios.exe
C:\Program Files\Driver32x\vcdg.bat
C:\Program Files\ExAlien.exe
C:\Program Files\Favoritos.exe
C:\Program Files\fer.exe
C:\Program Files\Fichiers communs\Carlson\carlton
C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe
C:\Program Files\Firewall.exe
C:\Program Files\Flash.exe
C:\Program Files\GbPlugin\GbpSvc.exe
C:\Program Files\GbPlugin\mdll.exe
C:\Program Files\GbPlugin\msng.exe
C:\Program Files\GbPlugin\Ndtstat.exe
C:\Program Files\GbPlugin\Rg2catbd.exe
C:\Program Files\GbPlugin\udll.exe
C:\Program Files\GbPlugin\yong.exe
C:\Program Files\GbpSvc.exe
C:\Program Files\help.exe
C:\Program Files\HelpDesk.exe
C:\Program Files\icpldrvx.exe
C:\Program Files\iexplorer.exe
C:\Program Files\iixplorer1.exe
C:\Program Files\iixplorer2.exe
C:\Program Files\ildredr.exe
C:\Program Files\InetGet2\emg.exe
C:\Program Files\InetGet2\emg.exe
C:\Program Files\InetGet2\emg.exe.lzma
C:\Program Files\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe
C:\Program Files\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe
C:\Program Files\InetGet2\Installeur.exe
C:\Program Files\inetget2\installeur.exe
C:\Program Files\InetGet2\Installeur.exe
C:\Program Files\InetGet2\Installeur.exe.lzma
C:\Program Files\InetGet2\WinTouchInstaller_channel1.exe
C:\Program Files\Insider\Insider.exe
C:\Program Files\Insider\Insider.exe.lzma
C:\Program Files\Insider\UnInstall.exe
C:\Program Files\Insider\UnInstall.exe.lzma
C:\Program Files\installer.js
C:\Program Files\Instant Driver\install\wweb.exe
C:\Program Files\Instant Driver\trmninwn.exe
C:\Program Files\Instant Driver\vcdg.bat
C:\Program Files\Internet Explorer\bb.exe
C:\Program Files\Internet Explorer\desc.exe
C:\Program Files\Internet Explorer\loadie.exe
C:\Program Files\Internet Explorer\mezenoca77798.exe
C:\Program Files\Internet Explorer\realplayerp.exe
C:\Program Files\ISM2\ISMPack7.exe
C:\Program Files\JavaCore\JavaCore.exe
C:\Program Files\JavaCore\UnInstall.exe
C:\Program Files\jsload32\mwnming.exe
C:\Program Files\jsload32\nsvcrmx.exe
C:\Program Files\klog.dat
C:\Program Files\login.scr
C:\Program Files\Logun.exe
C:\Program Files\MapEDC\IDE.stt
C:\Program Files\MapEDC\MapEDC.exe
C:\Program Files\mdll.exe
C:\Program Files\messenger.exe
C:\Program Files\Messenger\msmsg.exe
C:\Program Files\Messenger\Msnmsgr.exe
C:\Program Files\mexe*.exe
C:\Program Files\Microsoft Office Update\file.exe
C:\Program Files\microsoft studio files\asw34.bat
C:\Program Files\microsoft studio files\bradesco.bxz
C:\Program Files\microsoft studio files\bradesco.exe
C:\Program Files\microsoft studio files\caixa.bxz
C:\Program Files\microsoft studio files\caixa.exe
C:\Program Files\Microsoft Studio Files\file.exe
C:\Program Files\Microsoft Studio Files\fttlo33.ko
C:\Program Files\microsoft studio files\iek.exe
C:\Program Files\microsoft studio files\itau.bxz
C:\Program Files\microsoft studio files\itau.exe
C:\Program Files\microsoft studio files\locaweb.bxz
C:\Program Files\Microsoft Studio Files\lsass.exe
C:\Program Files\microsoft studio files\msgex.exe
C:\Program Files\microsoft studio files\net.bxz
C:\Program Files\microsoft studio files\net.exe
C:\Program Files\microsoft studio files\nossacaixa.bxz
C:\Program Files\microsoft studio files\nossacaixa.exe
C:\Program Files\microsoft studio files\notfir0006dfjf541.dll
C:\Program Files\microsoft studio files\pcname.drv
C:\Program Files\microsoft studio files\pv.exe
C:\Program Files\microsoft studio files\readme.exe
C:\Program Files\microsoft studio files\real.bxz
C:\Program Files\microsoft studio files\real.exe
C:\Program Files\microsoft studio files\registro.bxz
C:\Program Files\microsoft studio files\santanderbanespa.bxz
C:\Program Files\microsoft studio files\santanderbanespa.exe
C:\Program Files\microsoft studio files\sdrivw.exe
C:\Program Files\microsoft studio files\sec\fx.reg
C:\Program Files\microsoft studio files\sec\ref-allu
C:\Program Files\microsoft studio files\sec\ref-commonfiles
C:\Program Files\microsoft studio files\sec\ref-profile
C:\Program Files\microsoft studio files\sec\ref-programfiles
C:\Program Files\microsoft studio files\sec\ref-startup
C:\Program Files\microsoft studio files\sec\ref-sysdrive
C:\Program Files\microsoft studio files\sec\ref-system
C:\Program Files\microsoft studio files\sec\ref-system32
C:\Program Files\microsoft studio files\sec\ref-temp
C:\Program Files\microsoft studio files\sec\ref-wincommon
C:\Program Files\microsoft studio files\sec\ref-windows
C:\Program Files\microsoft studio files\sendchat.exe
C:\Program Files\microsoft studio files\tmp84667.txt
C:\Program Files\microsoft studio files\varios.exe
C:\Program Files\Microsoft Studio Files\vcdg.bat
C:\Program Files\microsoft studio files\vcdg.bat
C:\Program Files\microsoft studio files\wininfo1.vxd
C:\Program Files\Microsoft Studio Files\Winlsass32.exe
C:\Program Files\microsoft studio files\winvxhfythg34a.rd
C:\Program Files\Microsoft Update\bradesco.exe
C:\Program Files\Microsoft Update\caixa.exe
C:\Program Files\Microsoft Update\iek.exe
C:\Program Files\Microsoft Update\itau.exe
C:\Program Files\Microsoft Update\live.exe
C:\Program Files\Microsoft Update\live.txt
C:\Program Files\Microsoft Update\mnwinvx.exe
C:\Program Files\Microsoft Update\msgex.exe
C:\Program Files\Microsoft Update\net.exe
C:\Program Files\Microsoft Update\nossacaixa.exe
C:\Program Files\Microsoft Update\Readme.exe
C:\Program Files\Microsoft Update\real.exe
C:\Program Files\Microsoft Update\santanderbanespa.exe.exe
C:\Program Files\Microsoft Update\sec\fx.reg
C:\Program Files\Microsoft Update\sendchat.exe
C:\Program Files\Microsoft Update\varios.exe
C:\Program Files\Microsoft Update\wininfo1.vxd
C:\Program Files\Microsoft\svhost32.exe
C:\Program Files\Movie Maker\ja_era_hehe.exe
C:\Program Files\MSN Gaming Zone\mero455101.dll
C:\Program Files\MSN Gaming Zone\mero455101.dll
C:\Program Files\MSN Gaming Zone\meze*.exe
C:\Program Files\MSN Messenger Guiños\instalar guiños.exe
C:\Program Files\MSN Messenger\instalar guiños.exe
C:\Program Files\MSN Messenger\msn.com
C:\Program Files\msn_livers.exe
C:\Program Files\msng.exe
C:\Program Files\msnmsg.exe
C:\Program Files\My_Love.exe
C:\Program Files\Ndtstat.exe
C:\Program Files\NetMeeting\klog.dat
C:\Program Files\NetMeeting\maisumviado.exe
C:\Program Files\NoDNS\NoDNS.exe
C:\Program Files\NoDNS\UnInstall.exe
C:\Program Files\nsnimage\nsvcrmx.exe
C:\Program Files\orkut.scr
C:\Program Files\outloo~1\express.exe
C:\Program Files\outloo~1\update.exe
C:\Program Files\outlook express\express.exe
C:\Program Files\Outlook Express\inyourface.exe
C:\Program Files\Outlook Express\OutlookEx.exe
C:\Program Files\Outlook Express\setup40.exe
C:\Program Files\Perfect.exe
C:\Program Files\photopaint.exe
C:\Program Files\QdrModule\QdrModule9.exe
C:\Program Files\Real.dll
C:\Program Files\regedti.exe
C:\Program Files\rem.exe
C:\Program Files\Remove.exe
C:\Program Files\Rg2catbd.exe
C:\Program Files\rm.exe
C:\Program Files\Router\Router.exe
C:\Program Files\router\router.exe
C:\Program Files\Router\UnInstall.exe
C:\Program Files\schoty.cmd
C:\Program Files\service.bat
C:\Program Files\smss.exe
C:\Program Files\SOUND.exe
C:\Program Files\spiider.exe
C:\Program Files\svchost.exe
C:\Program Files\svchost.lnk
C:\Program Files\System\CDRom.exe
C:\Program Files\System\Flash.exe
C:\Program Files\System\Windows32.exe
C:\Program Files\Tasks.exe
C:\Program Files\Temporary\InsiDERIns.exe
C:\Program Files\Temporary\InsiDERInst.exe
C:\Program Files\Temporary\kernInst.exe
C:\Program Files\Temporary\wininstall.exe
C:\Program Files\TTX.exe
C:\Program Files\udll.exe
C:\Program Files\update.exe
C:\Program Files\usnsvcu.exe
C:\Program Files\VTTimers.exe
C:\Program Files\Wapp.exe
C:\Program Files\Widows.exe
C:\Program Files\WinAble\winable.exe
C:\Program Files\Windows32.exe
C:\Program Files\windows32.exe
C:\Program Files\WindowsUpdate.exe
C:\Program Files\WindowsUpdate.scr
C:\Program Files\winINI.exe
C:\Program Files\winpop\uninstall.exe
C:\Program Files\WinPop\UnInstall.exe.lzma
C:\Program Files\winpop\winpop.exe
C:\Program Files\WinPop\winpop.exe.lzma
C:\Program Files\Wm2emt.exe
C:\Program Files\wmplay.exe
C:\Program Files\Words\UnInstall.exe
C:\Program Files\Words\Words.exe
C:\Program Files\xinside\xinside.exe
C:\Program Files\xInsIDE\xInsIDE.exe
C:\Program Files\yong.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ashDisp.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ashServ.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\avgccc.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\bios.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\bsyys.scr
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ccssrss.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\cmd.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Computador.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\dll.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\eixdrv.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ExAlien.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\fbguad.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\firefoxx.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Flash.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\InstallHelp.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\javsu.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\juchek.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\klpp.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\logon.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\lsssas.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\messengerr.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\messgrr.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\msm.cmd
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\msnmsgr.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\My_Love.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\norton32.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ntvvm.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\pdvsym.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\qtapp.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\qupdate.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\regfixxsx.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\registtry.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\remote.cmd
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\repara_ae.bat
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\rundl32.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\rxnetq.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\smss.scr
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\svchost.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\svchostss.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\svhost.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\sxrork.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\sxrsym.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\system32.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\task.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\taskmgrrr.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Tasks.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\voieup.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\voiork.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\wepaint.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Win XP.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Windows Update.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Windows32.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\windowsupdate.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Winhost.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\winupdbc.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WMedPlayer.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\wrloginpro.exe
C:\Users\eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\wuaucltt.exe
C:\*-1-1148.exe
C:\*.JPG-msnimages.exe
C:\?.bat
C:\?.dat
C:\?.exe
C:\?.rar
C:\????packed_Pushbot.exe
C:\\bot.exe
C:\111z.exe
C:\1z48.exe
C:\2.exe
C:\3d3t4t8n7l.exe
C:\3xXx3.exe
C:\521785.txt
C:\5FB9C0*.EXE
C:\5t6j8b6k8f8.exe
C:\6i2n4r9g1l2.exe
C:\839D4E*.BIN
C:\8e3y4u4a9t9.exe
C:\8e9w3l6u1g1.exe
C:\9r2h2z5l7v8.exe
C:\a.bat
C:\acsdf.exe
C:\adas.exe
C:\ads1237.exe
C:\adsok.exe
C:\adv.exe
C:\aklr.exe
C:\alfxfa.exe
C:\Amigos.exe
C:\amor.exe
C:\animacao.scr
C:\Annoying crazy frog getting killed.pif
C:\apuguycg.exe
C:\asdf.exe
C:\asdfja.exe
C:\asds.exe
C:\audise.exe
C:\auto1.exe
C:\auto2.exe
C:\auto3.exe
C:\autorun.inf
C:\Autorun.inf
C:\AVG\Tools\csrss.scr
C:\AVG\Tools\svchost.exe
C:\AVG\Tools\taskmgr.exe
C:\AVG_BETA\DB\arquivo.txt
C:\AVG_BETA\Tools\csrss.scr
C:\AVG_BETA\Tools\msnmsgr.exe
C:\bedroom-thongs.pif
C:\bhij.exe
C:\blhhjtpx.exe
C:\bnjbvid.exe
C:\British National Party.jpg
C:\bs.exe
C:\btpaxole.dll
C:\calfxfa.exe
C:\Call.exe
C:\cartao.scr
C:\cebWXP.exe
C:\certmsje.dll
C:\cjlxhy.exe
C:\claro.exe
C:\cmd.exe
C:\Conf\13.bmp
C:\Conf\15.bmp
C:\Conf\3.jpg
C:\Conf\cax2.jpg
C:\Conf\info.gif
C:\Conf\logo.jpg
C:\Conf\ms.exe
C:\Conf\msm.cmd
C:\Conf\msm.exe
C:\Conf\msmFF.cmd
C:\Conf\msmho.cmd
C:\Conf\nc.gif
C:\Conf\nd.gif
C:\Conf\nn.gif
C:\Conf\NOVOBB.gif
C:\Conf\novobb.jpg
C:\Conf\novobb2.jpg
C:\Conf\novoSB.gif
C:\Conf\ork.cmd
C:\Conf\tec.jpg
C:\Conf\win.scr
C:\contato.exe
C:\Crazy-Frog.Html
C:\Crazy frog gets killed by train!.pif
C:\Crazy frog gets killed by train!.pif Fat Elvis! lol.pif
C:\crolyewo.exe
C:\csrs.txt
C:\csrss.exe
C:\ctl3diac.exe
C:\cuoqdkfk.exe
C:\cvbkwtb.exe
C:\d5t6j8b6k8f8.exe
C:\d8e9w3l6u1g1.exe
C:\DB\arquivo.txt
C:\dbeog.exe
C:\de6438.exe
C:\de64381.exe
C:\devic.pif
C:\device.exe
C:\devidc.pif
C:\diy.EXE
C:\dkotyrxbb.exe
C:\dll.exe
C:\dllwin.exe
C:\dnsajobe.dat
C:\dnsajobe.dll
C:\dnsajobe.exe
C:\download1591.exe
C:\dpl1npwm.dat
C:\dpl1npwm.dll
C:\dpl1npwm.exe
C:\dpv1bidi.dll
C:\Drunk_lol.pif
C:\ducvb.exe
C:\dydhcp.exe
C:\dyqhom.exe
C:\emai.exe
C:\email.inf
C:\Enviado.123
C:\er-1-1148.exe
C:\f6i2n4r9g1l2.exe
C:\famwssg.exe
C:\Fat Elvis! lol.pif
C:\fFa4vV0rR170S5S2.exe
C:\File.exe
C:\FLIPART.EXE
C:\flw334.dll
C:\fnjb.exe
C:\Foto.exe
C:\Foto_celular.scr
C:\Foto_celular.scr
C:\Foto_Celular.zip
C:\fotomensagem.exe
C:\fotos_posse.zip
C:\funny_pic.scr
C:\fypif.exe
C:\g4m9e5l1l5x5.exe
C:\g5c5i4x6e4h2.exe
C:\g7n4l2o4i4.exe
C:\g7n4l2o4i4v4.exe
C:\genbhnhl.exe
C:\GETDRIVE.EXE
C:\gfxpak.exe
C:\ggvqo.exe
C:\glcky.exe
C:\gnqb.exe
C:\grax.exe
C:\grmlvlvb.exe
C:\h1b9i6h4u6j1.exe
C:\hbsqu.exe
C:\hellmsn.exe
C:\hkdjqaxv.exe
C:\Hot.pif
C:\How a Blonde Eats a Banana...pif
C:\hptzb02.exe
C:\hxjr.exe
C:\hy.exe
C:\i-1-1148.exe
C:\i.exe
C:\i1-1148.exe
C:\i2n4r9g1.exe
C:\i2n4r9g1l.exe
C:\i2n4r9g1l2.exe
C:\icone.exe
C:\IE.exe
C:\ierro.exe
C:\iexplorer.exe
C:\IF.EXE
C:\image.jpg
C:\image001.exe
C:\img0012-www.photostorage.com
C:\ImpBIG.exe
C:\instalador de guiños y emoticonos.exe
C:\Install\Ghost.exe
C:\Install\install.exe
C:\Install_Messenger.exe
C:\inupdbc.exe
C:\ir-1-1148.exe
C:\IS.EXE
C:\is1511881.exe
C:\is151196.exe
C:\is151296.exe
C:\is77.exe
C:\Isass.scr
C:\it.exe
C:\it1.exe
C:\ixbxput.exe
C:\j7q1c4v1i6s4.exe
C:\Jennifer Lopez.scr
C:\jkrguy.exe
C:\jpb.exe
C:\jshxw.exe
C:\k3d3t4t8n7l.exe
C:\k3d3t4t8n7l8.exe
C:\kao.reg
C:\kbdnmfc4.dll
C:\KimMakihel.exe
C:\kkynn.exe
C:\kl.exe
C:\ksmmtq.exe
C:\kxhacvkl.exe
C:\lauro.exe
C:\LfjJGb.exe
C:\Lista.txt
C:\Lixo
C:\llka.exe
C:\LMAO.pif
C:\log.txt
C:\LOL that ur pic!.pif
C:\LOL.scr
C:\love_me.pif
C:\lsass.exe
C:\lspt.exe
C:\lsyvg.exe
C:\m1t4z1h1l7q5.exe
C:\m9w3l6u1g.exe
C:\m9w3l6u1g1.exe
C:\mcombo.exe
C:\Me on holiday!.pif
C:\megakl.exe
C:\melt.bat
C:\Mensagem.exe
C:\Message to n00b LARISSA.txt
C:\MESSAGE_TO_BROPIA.txt
C:\messenger.exe
C:\Messenger.exe
C:\Messenger2.exe
C:\Microsoft.exe
C:\mis contactos.txt
C:\Mis imágenes\yo_posse_007.jpg.exe
C:\mitm.exe
C:\Mona Lisa Wants Her Smile Back.pif
C:\mscdn.exe
C:\msfk.exe
C:\msi31.exe
C:\msm.cmd
C:\msm.exe
C:\msm.exe
C:\msn.exe
C:\MSN_Update1
C:\msn5v.exe
C:\msnmsg.exe
C:\msnmsgr.exe
C:\msnmsnr.scr
C:\msnsetup.exe
C:\msnsgrsv.exe
C:\msnsgrsv0201.exe
C:\msnsgrszs.exe
C:\MSNWA.exe
C:\mstest.exe
C:\mstray.exe
C:\My new photo!.pif
C:\my_photo2005.scr
C:\na.exe
C:\naked_drunk.pif
C:\naked_party.pif
C:\nefmufin.exe
C:\new_webcam.pif
C:\nmevscrr.exe
C:\nnpnvxjy.exe
C:\nod32.txt
C:\nwnmff_e*.exe
C:\nzl.exe
C:\o6l4u8f7p2g4.exe
C:\officexp.exe
C:\or-1-1148.exe
C:\orkut.exe
C:\orkut.scr
C:\osm.exe
C:\p3h2b3t3q1s9.exe
C:\p6g7j3w2g3f5.exe
C:\PastaImagens.exe
C:\phqhuo.exe
C:\pif.exe
C:\pr-1-1148.exe
C:\prkc.exe
C:\psapuman.exe
C:\psnppack.dll
C:\pushbot.bat
C:\qklxwxtc.exe
C:\qwere.exe
C:\raizw.exe
C:\rar.exe
C:\rar1.exe
C:\rar2.exe
C:\RECYCLER\msnservice.exe
C:\RECYCLER\nvscvse.exe
C:\RECYCLER\te32.exe
C:\RemotoMSN.txt
C:\review.txt
C:\ROFL.pif
C:\s10w.exe
C:\sad13l.exe
C:\sadan.avi.exe
C:\sadov.exe
C:\sample.exe
C:\sas2s.exe
C:\sdjfha.exe
C:\See my lesbian friends.pif
C:\see_this!!.scr
C:\sendwmdm.exe
C:\server.exe
C:\servico.exe
C:\sexy.exe
C:\sexy_bedroom.pif
C:\show.exe
C:\skew.exe
C:\Small.exe
C:\snsstect.exe
C:\so.exe
C:\SOUND32.exe
C:\start.bat
C:\stock.exe
C:\stock.htm
C:\stock2.exe
C:\Surat_Buat_Presiden.exe
C:\svbhost.exe
C:\SVCH0STll.exe
C:\svchost.exe
C:\svchost.scr
C:\svchost32.exe
C:\Svchosts.exe
C:\svcipa.exe
C:\svghost.exe
C:\svshost.exe
C:\sys.txt
C:\sysdzvz.exe
C:\syshwbx.exe
C:\syskmzx.exe
C:\sysneud.exe
C:\syssryh.exe
C:\system.exe
C:\System\iexplore.exe
C:\System\plugin.exe
C:\system1591.exe
C:\system1691.exe
C:\system1791.exe
C:\system2.exe
C:\system2525.exe
C:\system3.exe
C:\system32.exe
C:\system4.exe
C:\system5.exe
C:\sysvsln.exe
C:\sysyedg.exe
C:\szsvc.exe
C:\t4t8n7l.exe
C:\t7b8i6h6t6j13.exe
C:\text.reg
C:\The Cat And The Fan piccy.pif
C:\tim.exe
C:\tlrdhsgo.exe
C:\tmp.txt
C:\Tools\csrss.scr
C:\Topless in Mini Skirt! lol.pif
C:\ttgkdaab.exe
C:\tuwwp.exe
C:\u5g9p7x1h4a3.exe
C:\u8f7p2g4.exe
C:\ukbdtg.exe
C:\underware.pif
C:\up.exe
C:\upaq.exe
C:\update.exe
C:\updt.exe
C:\urdeuvmj.exe
C:\v6j4q5t1y4d3.exe
C:\vbhbnr.exe
C:\vgwiouqq.exe
C:\vhtml.exe
C:\video.exe
C:\vonner.exe
C:\vont.exe
C:\vr-1-1148.exe
C:\w3v6r2r2h3z5.exe
C:\Webcam.pif
C:\winbash.exe
C:\winbbs.exe
C:\windebug.log
C:\Windows Messeger.exe
C:\Windows Messenger.exe
C:\windows.cmd
C:\winfgt.exe
C:\winHelp.exe
C:\winhelp2.exe
C:\winhpi.exe
C:\winhsd.exe
C:\winimage.exe
C:\winlogin.exe
C:\winlogon.exe
C:\winlongonf.exe
C:\WINNT\ScktSrvr.exe
C:\WINNT\system\kl.dll
C:\WINNT\system\msmsgs.exe
C:\WINNT\system\msn.dat
C:\WINNT\system\msn.dll
C:\WINNT\system\smsc.exe
C:\WINNT\system\svchost.dat
C:\WINNT\system\xsmith.scr
C:\winpga.exe
C:\WinPH.exe
C:\winptz.exe
C:\winsfr.exe
C:\winspur.exe
C:\winsrt.exe
C:\wintqvw.exe
C:\wintskv.exe
C:\winupdaet.exe
C:\winupdate128.exe
C:\winupdate32.exe
C:\Winupdbc.exe
C:\winuping.exe
C:\winvrc.exe
C:\winxdzu.exe
C:\winXP.exe
C:\wkssmsjt.dll
C:\wldadisp.dat
C:\wldadisp.dll
C:\wldadisp.exe
C:\wndgffd.exe
C:\wnlsos.exe
C:\wpabaln.exe
C:\wr-1-1148.exe
C:\x.exe
C:\x7g3a8d6u.exe
C:\x7g3a8d6u4c1.exe
C:\x7g3a8d6uc1.exe
C:\Xerr0.exe
C:\xfafasfgx.exe
C:\xr-1-1148.exe
C:\xso.exe
C:\xvhgbnnt.exe
C:\y8o7w8b4f1q5.exe
C:\ykamvp.exe
C:\ylru.exe
C:\yz02.exe
C:\zordz.exe
C:\zr-1-1148.exe
C:\Users\eric\AppData\Local\Temp\*picture.zip
C:\Users\eric\AppData\Local\Temp\??.exe
C:\Users\eric\AppData\Local\Temp\_unins.bat
C:\Users\eric\AppData\Local\Temp\~ip.tmp
C:\Users\eric\AppData\Local\Temp\01-myspace.zip
C:\Users\eric\AppData\Local\Temp\1.html
C:\Users\eric\AppData\Local\Temp\1.html.$$$
C:\Users\eric\AppData\Local\Temp\1.stat
C:\Users\eric\AppData\Local\Temp\2238.EXE
C:\Users\eric\AppData\Local\Temp\800_zip_dump.scr
C:\Users\eric\AppData\Local\Temp\8165F.dmp
C:\Users\eric\AppData\Local\Temp\activ.exe
C:\Users\eric\AppData\Local\Temp\ADF.exe
C:\Users\eric\AppData\Local\Temp\allgg.exe
C:\Users\eric\AppData\Local\Temp\anjinhos.exe
C:\Users\eric\AppData\Local\Temp\bifrost.exe
C:\Users\eric\AppData\Local\Temp\camg-*.exe
C:\Users\eric\AppData\Local\Temp\camg-77798.exe
C:\Users\eric\AppData\Local\Temp\camg-77798.exe
C:\Users\eric\AppData\Local\Temp\carinhos.exe
C:\Users\eric\AppData\Local\Temp\ccAApp.exe
C:\Users\eric\AppData\Local\Temp\csr*.tmp
C:\Users\eric\AppData\Local\Temp\csrss.exe
C:\Users\eric\AppData\Local\Temp\debug.exe
C:\Users\eric\AppData\Local\Temp\DfSLdES
C:\Users\eric\AppData\Local\Temp\direct3d.exe
C:\Users\eric\AppData\Local\Temp\dllhost.exe
C:\Users\eric\AppData\Local\Temp\dm_0105.exe
C:\Users\eric\AppData\Local\Temp\drev.exe
C:\Users\eric\AppData\Local\Temp\DSC0045.zip
C:\Users\eric\AppData\Local\Temp\facebk*.zip
C:\Users\eric\AppData\Local\Temp\facebook*.zip
C:\Users\eric\AppData\Local\Temp\facebook.com*.zip
C:\Users\eric\AppData\Local\Temp\facebookpic*.zip
C:\Users\eric\AppData\Local\Temp\firefoxx.exe
C:\Users\eric\AppData\Local\Temp\foto-*.zip
C:\Users\eric\AppData\Local\Temp\foto*.zip
C:\Users\eric\AppData\Local\Temp\foto.zip
C:\Users\eric\AppData\Local\Temp\fotos.exe
C:\Users\eric\AppData\Local\Temp\fotosdigital.zip
C:\Users\eric\AppData\Local\Temp\g0ld.com
C:\Users\eric\AppData\Local\Temp\hkxqwfui.exe
C:\Users\eric\AppData\Local\Temp\hostwin.exe
C:\Users\eric\AppData\Local\Temp\ibguardr.exe
C:\Users\eric\AppData\Local\Temp\Image-005.JPEG.zip
C:\Users\eric\AppData\Local\Temp\image??.zip
C:\Users\eric\AppData\Local\Temp\image???.zip
C:\Users\eric\AppData\Local\Temp\img*.zip
C:\Users\eric\AppData\Local\Temp\IMG???.JPG.zip
C:\Users\eric\AppData\Local\Temp\imgfacebook*.zip
C:\Users\eric\AppData\Local\Temp\ipconfig.exe
C:\Users\eric\AppData\Local\Temp\iprint.exe
C:\Users\eric\AppData\Local\Temp\iPrint.exe
C:\Users\eric\AppData\Local\Temp\is581.exe
C:\Users\eric\AppData\Local\Temp\iservice.exe
C:\Users\eric\AppData\Local\Temp\isinst.exe
C:\Users\eric\AppData\Local\Temp\jjusched.exe
C:\Users\eric\AppData\Local\Temp\koko.cmd
C:\Users\eric\AppData\Local\Temp\kookie.exe
C:\Users\eric\AppData\Local\Temp\llsaass.exe
C:\Users\eric\AppData\Local\Temp\load.exe
C:\Users\eric\AppData\Local\Temp\logs.exe
C:\Users\eric\AppData\Local\Temp\lsasss.exe
C:\Users\eric\AppData\Local\Temp\m1.txt.$$$
C:\Users\eric\AppData\Local\Temp\m2323M.exe
C:\Users\eric\AppData\Local\Temp\MBDownloader_*.exe
C:\Users\eric\AppData\Local\Temp\MBDownloader_876923.exe
C:\Users\eric\AppData\Local\Temp\MBDownloader_876923.exe
C:\Users\eric\AppData\Local\Temp\mensagem.exe
C:\Users\eric\AppData\Local\Temp\MG.exe
C:\Users\eric\AppData\Local\Temp\mispicturas.zip
C:\Users\eric\AppData\Local\Temp\mit5.tmp
C:\Users\eric\AppData\Local\Temp\mit5.tmp.cab
C:\Users\eric\AppData\Local\Temp\mshtml2.exe
C:\Users\eric\AppData\Local\Temp\mshtml2.exe
C:\Users\eric\AppData\Local\Temp\mshtml3.exe
C:\Users\eric\AppData\Local\Temp\mshtml3.exe
C:\Users\eric\AppData\Local\Temp\msmsgs.exe
C:\Users\eric\AppData\Local\Temp\msmsgs.exe
C:\Users\eric\AppData\Local\Temp\msnclient.exe
C:\Users\eric\AppData\Local\Temp\msnmsg.exe
C:\Users\eric\AppData\Local\Temp\msnmsg.exe
C:\Users\eric\AppData\Local\Temp\msnmsgr.exe
C:\Users\eric\AppData\Local\Temp\msnmsgs.exe
C:\Users\eric\AppData\Local\Temp\msnmsgs.exe
C:\Users\eric\AppData\Local\Temp\msnmsgs.exe
C:\Users\eric\AppData\Local\Temp\msnplus.exe
C:\Users\eric\AppData\Local\Temp\msnplus.exe
C:\Users\eric\AppData\Local\Temp\mst*.exe
C:\Users\eric\AppData\Local\Temp\mst455101.exe
C:\Users\eric\AppData\Local\Temp\myimage.zip
C:\Users\eric\AppData\Local\Temp\MyNewPics.zip
C:\Users\eric\AppData\Local\Temp\myPicture*.zip
C:\Users\eric\AppData\Local\Temp\myspace-pics.zip
C:\Users\eric\AppData\Local\Temp\Myspace*.zip
C:\Users\eric\AppData\Local\Temp\new-photos.zip
C:\Users\eric\AppData\Local\Temp\Newfacebook*.zip
C:\Users\eric\AppData\Local\Temp\NewYearsParty.zip
C:\Users\eric\AppData\Local\Temp\NNBar_VCSetup_*_LOG_IES_NoDMY_AFF.exe
C:\Users\eric\AppData\Local\Temp\NNBar_VCSetup_876923_LOG_IES_NoDMY_AFF.exe
C:\Users\eric\AppData\Local\Temp\nsa2.tmp
C:\Users\eric\AppData\Local\Temp\nsa2.tmp\System.dll
C:\Users\eric\AppData\Local\Temp\nsj1.tmp
C:\Users\eric\AppData\Local\Temp\nsj2.tmp
C:\Users\eric\AppData\Local\Temp\nsj2.tmp\System.dll
C:\Users\eric\AppData\Local\Temp\nts_000.tmp
C:\Users\eric\AppData\Local\Temp\nts3.tmp
C:\Users\eric\AppData\Local\Temp\nts4.tmp
C:\Users\eric\AppData\Local\Temp\nts5.tmp
C:\Users\eric\AppData\Local\Temp\nts6.tmp
C:\Users\eric\AppData\Local\Temp\ocx.out
C:\Users\eric\AppData\Local\Temp\pa_0105.exe
C:\Users\eric\AppData\Local\Temp\paulina_muere.exe
C:\Users\eric\AppData\Local\Temp\photo*.zip
C:\Users\eric\AppData\Local\Temp\Photo.exe
C:\Users\eric\AppData\Local\Temp\picturas.zip
C:\Users\eric\AppData\Local\Temp\pork.exe
C:\Users\eric\AppData\Local\Temp\pqokfkgksd.cmd
C:\Users\eric\AppData\Local\Temp\realsched.exe
C:\Users\eric\AppData\Local\Temp\removalfile.bat
C:\Users\eric\AppData\Local\Temp\RTHDCPL.exe
C:\Users\eric\AppData\Local\Temp\Saturdaynight.zip
C:\Users\eric\AppData\Local\Temp\scs14.tmp
C:\Users\eric\AppData\Local\Temp\scs15.tmp
C:\Users\eric\AppData\Local\Temp\second.exe
C:\Users\eric\AppData\Local\Temp\server.exe
C:\Users\eric\AppData\Local\Temp\serverivy.exe
C:\Users\eric\AppData\Local\Temp\service.exe
C:\Users\eric\AppData\Local\Temp\services.exe
C:\Users\eric\AppData\Local\Temp\Setup.exe
C:\Users\eric\AppData\Local\Temp\sistema32.com
C:\Users\eric\AppData\Local\Temp\spoolsv.exe
C:\Users\eric\AppData\Local\Temp\sscrx.scr
C:\Users\eric\AppData\Local\Temp\svcchhost.exe
C:\Users\eric\AppData\Local\Temp\svcghost.exe
C:\Users\eric\AppData\Local\Temp\svchost.dll
C:\Users\eric\AppData\Local\Temp\svchost.exe
C:\Users\eric\AppData\Local\Temp\svchost.exe
C:\Users\eric\AppData\Local\Temp\svhossst.exe
C:\Users\eric\AppData\Local\Temp\tosvid45.vxd
C:\Users\eric\AppData\Local\Temp\tug.php
C:\Users\eric\AppData\Local\Temp\un.bat
C:\Users\eric\AppData\Local\Temp\Update.exe
C:\Users\eric\AppData\Local\Temp\w1.txt.$$$
C:\Users\eric\AppData\Local\Temp\win.exe
C:\Users\eric\AppData\Local\Temp\winamp.exe
C:\Users\eric\AppData\Local\Temp\winlogon.exe
C:\Users\eric\AppData\Local\Temp\winnttemp100mr\wmplayers.exe
C:\Users\eric\AppData\Local\Temp\wintouch.cfg
C:\Users\eric\AppData\Local\Temp\wnupd.exe
C:\Users\eric\AppData\Local\Temp\wuaucltt.exe
C:\Users\eric\AppData\Local\Temp\z1.txt
C:\Users\eric\AppData\Local\TempARC64\video celular pscina hoje.scr
C:\Users\eric\??????.exe
C:\Users\eric\????????.exe
C:\Users\eric\\1-1148.exe
C:\Users\eric\061236.exe
C:\Users\eric\072765.exe
C:\Users\eric\1.exe
C:\Users\eric\1148.exe
C:\Users\eric\175023.exe
C:\Users\eric\1xslhkdid.exe
C:\Users\eric\2.exe
C:\Users\eric\310382.exe
C:\Users\eric\318876.exe
C:\Users\eric\420836.exe
C:\Users\eric\46732.exe
C:\Users\eric\503821.exe
C:\Users\eric\568625.exe
C:\Users\eric\826024.exe
C:\Users\eric\858112.exe
C:\Users\eric\amhzdc.exe
C:\Users\eric\ariant.txt
C:\Users\eric\athpvzrj.exe
C:\Users\eric\auto.txt
C:\Users\eric\dload.exe
C:\Users\eric\eg.exe
C:\Users\eric\egos.txt
C:\Users\eric\fumokabm.exe
C:\Users\eric\gvfcrsuf.exe
C:\Users\eric\iiguuolv.exe
C:\Users\eric\image.exe
C:\Users\eric\jdwaxmil.exe
C:\Users\eric\jkuqnqpo.exe
C:\Users\eric\kbavskvo.exe
C:\Users\eric\lhaj.txt
C:\Users\eric\lmwpfl.exe
C:\Users\eric\Local Settings\Application Data\addon.dat
C:\Users\eric\lvuegs.exe
C:\Users\eric\Modegreat.exe
C:\Users\eric\msdirectx.sys
C:\Users\eric\NETVISION.exe
C:\Users\eric\new.txt
C:\Users\eric\njpsmz.exe
C:\Users\eric\nnfiemap.exe
C:\Users\eric\omcnefan.exe
C:\Users\eric\oyraon.exe
C:\Users\eric\plpmya.exe
C:\Users\eric\qbspin.exe
C:\Users\eric\qhcbibeu.exe
C:\Users\eric\rgtlha.exe
C:\Users\eric\svbhost.exe
C:\Users\eric\svghost.exe
C:\Users\eric\svshost.exe
C:\Users\eric\swbheiyk.exe
C:\Users\eric\vamrgakg.exe
C:\Users\eric\vfcqqind.exe
C:\Users\eric\winxvc.exe
C:\Users\eric\wnstbiyn.exe
C:\Users\eric\yoaoux.exe
C:\Users\eric\yocpyckx.exe
C:\Windows\?tnoup.exe
C:\Windows\01.exe
C:\Windows\01.htm
C:\Windows\11.exe
C:\Windows\17PHolmes1148.exe
C:\Windows\22.exe
C:\Windows\33.exe
C:\Windows\44.exe
C:\Windows\a.bat
C:\Windows\a1.exe
C:\Windows\aas.scr
C:\Windows\abcd.exe
C:\Windows\Acronis.exe
C:\Windows\addins\svchost.exe
C:\Windows\admintxt.txt
C:\Windows\aIg.exe
C:\Windows\aimmsn.exe
C:\Windows\alg.exe
C:\Windows\alggx.exe
C:\Windows\anima.exe
C:\Windows\ansmtp.dll
C:\Windows\ansmtpbuild.dll
C:\Windows\Antivirus32.exe
C:\Windows\Arq.ini
C:\Windows\arqui1.exe
C:\Windows\arquivo.exe
C:\Windows\ashDisp.exe
C:\Windows\Ashdsp.exe
C:\Windows\AshleyHottie.zip
C:\Windows\ashServ.exe
C:\Windows\ashSv.exe
C:\Windows\astra.cmd
C:\Windows\athycxvvx.exe
C:\Windows\athydxvvx.exe
C:\Windows\athyhxvvx.exe
C:\Windows\athylxvvx.exe
C:\Windows\ati3evx.exe
C:\Windows\ati5vxxx.exe
C:\Windows\atrvmmx.exe
C:\Windows\audi.scr
C:\Windows\audise.exe
C:\Windows\av.exe
C:\Windows\avast.exe
C:\Windows\Avconsol.exe
C:\Windows\avgdos.exe
C:\Windows\avp.exe
C:\Windows\Avsgccs.scr
C:\Windows\b???.exe
C:\Windows\b122.exe
C:\Windows\b122.exe.bin
C:\Windows\bak\avconsol.exe
C:\Windows\bak\zap.exe
C:\Windows\Barack.obama.zip
C:\Windows\bass.exe
C:\Windows\beach.zip
C:\Windows\bloggermessenger.exe
C:\Windows\blue.exe
C:\Windows\bmp2jpeg.dll
C:\Windows\bohas.scr
C:\Windows\bootvid.dll
C:\Windows\browseui.exe
C:\Windows\bsyys.temp
C:\Windows\bsyys.tmp
C:\Windows\BushIsDumb!.zip
C:\Windows\BWJLM1334.ZIP
C:\Windows\C005_jpg.zip
C:\Windows\c8iu3h.log
C:\Windows\caixa.exe
C:\Windows\cartaos.exe
C:\Windows\ccSvcHst.exe
C:\Windows\CDSpeed.exe
C:\Windows\Cfreer.exe
C:\Windows\cftxith.exe
C:\Windows\charmmpxp.exe
C:\Windows\chcp.exe
C:\Windows\chirstmas-2007.zip
C:\Windows\chirstmas-2007.zip
C:\Windows\ChristmasParty.zip
C:\Windows\ChristmasPictures.zip
C:\Windows\cillah83.exe.zip
C:\Windows\clmcs.exe
C:\Windows\cmd.exe
C:\Windows\code.exe
C:\Windows\comctl64.dll
C:\Windows\Config\amsn.exe
C:\Windows\config\msnmsgr.exe
C:\Windows\config\sistema.exe
C:\Windows\config\svchost.exe
C:\Windows\Config\ying.exe
C:\Windows\cookies.ini
C:\Windows\coolpic.zip
C:\Windows\crss.exe
C:\Windows\crss7.exe
C:\Windows\csrs.scr
C:\Windows\csrss.exe
C:\Windows\csrss.scr
C:\Windows\cssr.exe
C:\Windows\ctfmon.exe
C:\Windows\Cursors\GbpSvc.exe
C:\Windows\Cursors\IEXPLORE.EXE
C:\Windows\Cursors\mdll.exe
C:\Windows\Cursors\msng.exe
C:\Windows\Cursors\Ndtstat.exe
C:\Windows\Cursors\Pbrushy.exe
C:\Windows\Cursors\Rg2catbd.exe
C:\Windows\Cursors\udll.exe
C:\Windows\Cursors\yong.exe
C:\Windows\Dance_dec_jpg.zip
C:\Windows\database.txt
C:\Windows\DCS515610.zip
C:\Windows\Debug\javaws.exe
C:\Windows\default.cmd
C:\Windows\demon.zip
C:\Windows\devic.exe
C:\Windows\devices.exe
C:\Windows\digicam2005.zip
C:\Windows\diskdruid.exe
C:\Windows\diskk.exe
C:\Windows\Diup.exe
C:\Windows\dll32
C:\Windows\dllwin.exe
C:\Windows\dllwin.scr
C:\Windows\documents.exe
C:\Windows\done.dll
C:\Windows\Downloaded Program Files\Appstart.exe
C:\Windows\Downloaded Program Files\explorer.exe
C:\Windows\Downloaded Program Files\swfsyl.gpc
C:\Windows\Downloaded Program Files\wscntfy.exe
C:\Windows\dydhcp.exe
C:\Windows\enviafrase.exe
C:\Windows\epwf4q.pif
C:\Windows\Expert_Corp.exe
C:\Windows\exploere.scr
C:\Windows\explorer.exe.tmp
C:\Windows\explorer_.exe
C:\Windows\F0538_jpg.zip
C:\Windows\F0563_jpg.zip
C:\Windows\fabbors.exe.zip
C:\Windows\fechamalintencionado.exe
C:\Windows\fer.exe
C:\Windows\Festas.zip
C:\Windows\festas.zip
C:\Windows\fggwkl.exe
C:\Windows\fggwok.exe
C:\Windows\fgrpkc.exe
C:\Windows\findx.exe
C:\Windows\fire.scr
C:\Windows\firefoxpgm.exe
C:\Windows\folder.exe
C:\Windows\fonts\AUNZIP32.dll
C:\Windows\fonts\AZIP32.dll
C:\Windows\Fonts\compactado.rar
C:\Windows\Fonts\Crack.exe
C:\Windows\Fonts\GbpSV.exe
C:\Windows\fonts\inetinfo.exe
C:\Windows\fonts\msnmsgr.exe
C:\Windows\fonts\mulherachada.exe
C:\Windows\Fonts\newbi.exe
C:\Windows\Fonts\newre.exe
C:\Windows\Fonts\nxzero1.exe
C:\Windows\fonts\OSSMTP.dll
C:\Windows\Fonts\svchost.exe
C:\Windows\fonts\taskmgr.exe
C:\Windows\Fonts\WinSend.exe
C:\Windows\Fonts\WinSend.rar
C:\Windows\formatsys.exe
C:\Windows\foto.exe
C:\Windows\fotos.exe
C:\Windows\fotos.scr
C:\Windows\fotos2.exe
C:\Windows\freshphotos.zip
C:\Windows\fuckin-around.zip
C:\Windows\funny.zip
C:\Windows\G038_jpg.rar
C:\Windows\G038_jpg.zip
C:\Windows\g7n4l2o4i4v4.exe
C:\Windows\GbpSvc.exe
C:\Windows\gdk.exe
C:\Windows\getps.exe
C:\Windows\gets.exe
C:\Windows\gl0b0.exe
C:\Windows\gordo1.exe
C:\Windows\gordo1.exe
C:\Windows\gordo2.exe
C:\Windows\gsmutx.exe
C:\Windows\gtaltg.exe
C:\Windows\hahahha.zip
C:\Windows\happy_new_year_pics2008.zip
C:\Windows\happy2008.exe
C:\Windows\Happy2008.zip
C:\Windows\Help.exe
C:\Windows\help.scr
C:\Windows\help\Isass.exe
C:\Windows\help\Issas.exe
C:\Windows\Help\korn.scr
C:\Windows\help\msnm.scr
C:\Windows\Help\orgut.scr
C:\Windows\help\svchost.exe
C:\Windows\Help\svhost.exe
C:\Windows\help\svhost.exe
C:\Windows\help\svhost.exe
C:\Windows\help\systemb.exe
C:\Windows\Help\systemb.exe
C:\Windows\help\unicox.exe
C:\Windows\helppo.exe
C:\Windows\here.exe
C:\Windows\HEREB.exe
C:\Windows\herebaby.exe
C:\Windows\Hide32.exe
C:\Windows\hinhem.scr
C:\Windows\hork.exe
C:\Windows\hostdll.exe
C:\Windows\Hostren.exe
C:\Windows\hot.exe
C:\Windows\hptzb02.exe
C:\Windows\hpztsb02.exe
C:\Windows\htssv32.exe
C:\Windows\i.exe
C:\Windows\i5fslg.scf
C:\Windows\ie.exe
C:\Windows\ieupdate.dat
C:\Windows\iexplore.exe
C:\Windows\iexplorer.exe
C:\Windows\iexplorer6.exe
C:\Windows\iexplorer7.exe
C:\Windows\IFinst27.exe
C:\Windows\imag091307.zip
C:\Windows\image09.zip
C:\Windows\images.zip
C:\Windows\images.zip
C:\Windows\ime\mssng.cmd
C:\Windows\ime\PIC30052007.JPEG
C:\Windows\ime\smxs.cmd
C:\Windows\IMG-0012.zip
C:\Windows\IMG-0024.zip
C:\Windows\IMG-3443.zip
C:\Windows\IMG-9404.zip
C:\Windows\IMG0024.zip
C:\Windows\img2007-12.zip
C:\Windows\img317.zip
C:\Windows\img4851.zip
C:\Windows\imgac157.zip
C:\Windows\imgrt.scr
C:\Windows\inf\dllhost.exe
C:\Windows\inf\infw.com
C:\Windows\inf\LSAS.exe
C:\Windows\inf\rdshost32.exe
C:\Windows\inf\svchost.exe
C:\Windows\inf\system1591.exe
C:\Windows\inf\wkssvr.exe
C:\Windows\infowshb.dll
C:\Windows\install.exe
C:\Windows\instr32.exe
C:\Windows\instr64.exe
C:\Windows\internt.exe
C:\Windows\Isass.exe
C:\Windows\jabbors.exe.zip
C:\Windows\janica_ingves.exe.zip
C:\Windows\java\expllorer.exe
C:\Windows\java\msgmsn.exe
C:\Windows\java\msmmsn.exe
C:\Windows\java\mw.exe
C:\Windows\java\Packages.cmd
C:\Windows\java\svchost.exe
C:\Windows\java\update.exe
C:\Windows\jdbgmgrnt.exe
C:\Windows\jitbv.exe
C:\Windows\jkotkama.exe.zip
C:\Windows\jpb.exe
C:\Windows\jshxw.exe
C:\Windows\junchep.exe
C:\Windows\juscheds.exe
C:\Windows\jusjava.exe
C:\Windows\justchd.exe
C:\Windows\jvms.exe
C:\Windows\katjohan.exe.zip
C:\Windows\kernel.exe
C:\Windows\kernels32.exe
C:\Windows\ko6bn9.bmp
C:\Windows\lastnight.zip
C:\Windows\LBTWiz.exe
C:\Windows\Lexplorer.exe
C:\Windows\lg.scr
C:\Windows\lillinygard.exe.zip
C:\Windows\LinksMode.dat
C:\Windows\linuxxp32.exe
C:\Windows\live.messenger.com
C:\Windows\lnk_dados_2.dll
C:\Windows\log46.txt
C:\Windows\loggon.exe
C:\Windows\login.dll
C:\Windows\logo1.gif
C:\Windows\Logun.exe
C:\Windows\lotta.keskinen.exe.zip
C:\Windows\lsas32.exe
C:\Windows\lsass.exe
C:\Windows\lsasss.exe
C:\Windows\lsnas.exe
C:\Windows\lspt.exe
C:\Windows\lssas.exe
C:\Windows\lssman.exe
C:\Windows\mac1.com
C:\Windows\mag091307.zip
C:\Windows\malhaazul.exe
C:\Windows\Marry_Christmas_jpg.zip
C:\Windows\maseg.exe.zip
C:\Windows\masvik.exe.zip
C:\Windows\mdfg4v.ge
C:\Windows\mdll.exe
C:\Windows\media\arquivo.exe
C:\Windows\media\arquivo.exe
C:\Windows\Media\Call32.exe
C:\Windows\Media\ExP.exe
C:\Windows\MEDIA\hp32.exe
C:\Windows\Media\hptools.exe
C:\Windows\media\messenger.exe
C:\Windows\media\messenger.exe
C:\Windows\MEDIA\microsoft.exe
C:\Windows\Media\microsoftware.exe
C:\Windows\media\plugin.exe
C:\Windows\Media\rundII32.exe
C:\Windows\Media\w7zip.exe
C:\Windows\Media\WinetWork.exe
C:\Windows\Media\WineWork.exe
C:\Windows\Media\WriteWork.exe
C:\Windows\Mensagem.exe
C:\Windows\mess -.exe
C:\Windows\messenger.exe
C:\Windows\messengerapp.exe
C:\Windows\mfvq4.e
C:\Windows\mfvq5.e
C:\Windows\mgrs.exe
C:\Windows\Microsoft.exe
C:\Windows\mjhor.exe
C:\Windows\mnsns.scr
C:\Windows\monitor1a.exe
C:\Windows\mono.exe
C:\Windows\mono.exe
C:\Windows\mouse32.vxd
C:\Windows\mrofinu*.exe
C:\Windows\mrofinu*.exe.tmp
C:\Windows\mrofinu.exe
C:\Windows\Mrshield.exe
C:\Windows\ms.exe
C:\Windows\msapp\bifserver.exe
C:\Windows\msapps\bifserver.exe
C:\Windows\msapps\modulo3.txt
C:\Windows\msapps\msinfo\msappts32.exe
C:\Windows\msconfig.exe
C:\Windows\msdnwin.exe
C:\Windows\msg.exe
C:\Windows\msgnlive.exe
C:\Windows\msgr.exe
C:\Windows\msimn.exe
C:\Windows\msmbw.exe
C:\Windows\MsmMsgr.exe
C:\Windows\msmsg.exe
C:\Windows\msmsgr.exe
C:\Windows\msmsgrs.exe
C:\Windows\msmsgrsu.exe
C:\Windows\msn.exe
C:\Windows\msn.vbs
C:\Windows\msn_profile.zip
C:\Windows\msnappm.exe
C:\Windows\msnbr.exe
C:\Windows\msng.exe
C:\Windows\msngr.exe
C:\Windows\msngsrs.exe
C:\Windows\msnimport.exe
C:\Windows\msnlogm.exe
C:\Windows\msnlogs.exe
C:\Windows\MsnMgr.exe
C:\Windows\msnmsg.exe
C:\Windows\msnmsgr.exe
C:\Windows\msnmsgr1.exe
C:\Windows\msnmsgr2.exe
C:\Windows\msnmsgs.exe
C:\Windows\msnmsgs.exe
C:\Windows\msnmsngr.exe
C:\Windows\msnmsnr.scr
C:\Windows\msnmsnr.tmp
C:\Windows\msnmssgr2.exe
C:\Windows\msnmsur.exe
C:\Windows\msnnsggr2.exe
C:\Windows\msnnsgrl.exe
C:\Windows\MSNP.exe
C:\Windows\msnupdate.zip
C:\Windows\MsnValue.exe
C:\Windows\mssoffice.tmp
C:\Windows\mssq.exe
C:\Windows\mssvc32.exe
C:\Windows\mstray.exe
C:\Windows\msword.exe
C:\Windows\msync.exe
C:\Windows\mtnoup.exe
C:\Windows\Mwsx.exe
C:\Windows\mxjxde.exe
C:\Windows\My-Pictures.zip
C:\Windows\My_Pictures2007
C:\Windows\My_Pictures2007.zip
C:\Windows\mycat.zip
C:\Windows\myphotos.zip
C:\Windows\mypicture2007.zip
C:\Windows\myspace-facebook.zip
C:\Windows\myspace.zip
C:\Windows\N039_jpg.zip
C:\Windows\n0tepad.exe
C:\Windows\N5881.zip
C:\Windows\naughtysantacostume.zip
C:\Windows\Ndtstat.exe
C:\Windows\New-Year2008-imgaes.zip
C:\Windows\new.exe
C:\Windows\newname.dat
C:\Windows\NewYearsEvePartyPictures.zip
C:\Windows\nod32.exe
C:\Windows\Nokia_19_jpg.zip
C:\Windows\Nokia_19_jpg.zip
C:\Windows\nomedoprograma.exe
C:\Windows\Norton.exe
C:\Windows\NOTEEPAD.exe
C:\Windows\ntmngr.exe
C:\Windows\ntrmv.exe
C:\Windows\nts.exe
C:\Windows\nucle.exe
C:\Windows\NvCpl.exe
C:\Windows\Nzil.exe
C:\Windows\ofice.exe
C:\Windows\okuta.exe
C:\Windows\orkut.scr
C:\Windows\ot8q4cp.bmp
C:\Windows\Outlook.exe
C:\Windows\p0017_jpg.zip
C:\Windows\Partizan.jpg
C:\Windows\party003.zip
C:\Windows\passt.scr
C:\Windows\patchxp21.exe
C:\Windows\PCHEALTER.exe
C:\Windows\pegalista.exe
C:\Windows\perfmon.exe
C:\Windows\photo album 2007.zip
C:\Windows\photo album.zip
C:\Windows\photo.zip
C:\Windows\photo_album 2007.zip
C:\Windows\photo_album2007.zip
C:\Windows\photos-webcam2007.zip
C:\Windows\photos.zip
C:\Windows\photos156.zip
C:\Windows\pias-mejl.exe.zip
C:\Windows\PIC20052007.JPEG
C:\Windows\pic48174.zip
C:\Windows\pics.zip
C:\Windows\PictureAlbum2007.zip
C:\Windows\pif.exe
C:\Windows\plick.exe
C:\Windows\ponto.DLL
C:\Windows\ponto.dll
C:\Windows\practivea.exe
C:\Windows\Prefetch\msmsgxs.exe
C:\Windows\Prefetch\msn.exe
C:\Windows\Prefetch\msn.exe
C:\Windows\princess_sandra_86.exe.zip
C:\Windows\pruas.exe
C:\Windows\pss\Flash.exe
C:\Windows\pss\Widows.exe
C:\Windows\ptrms.exe
C:\Windows\Qtime.exe
C:\Windows\rcimlby.exe
C:\Windows\rdfhost.dll
C:\Windows\rdihost.dll
C:\Windows\rds.exe
C:\Windows\rdshost.dll
C:\Windows\RECYCLER\systems.com
C:\Windows\regcleaner.exe
C:\Windows\regedit.com
C:\Windows\regedti.exe
C:\Windows\regserve.cmd
C:\Windows\regserve.exe
C:\Windows\regservee.exe
C:\Windows\regsvr.exe
C:\Windows\retadpu.exe
C:\Windows\retadpu.exe.bin
C:\Windows\retadpu420.exe
C:\Windows\revali.exe
C:\Windows\Rg2catbd.exe
C:\Windows\ributeslideshow.zip
C:\Windows\rica.exe
C:\Windows\rispac.exe
C:\Windows\rnxntup.exe
C:\Windows\rqqsnd.exe
C:\Windows\rtf.bat
C:\Windows\rtutvb5d.dll
C:\Windows\rundl132.exe
C:\Windows\Rundll.exe
C:\Windows\runlog.dat
C:\Windows\RVHOST.exe
C:\Windows\rw.dlt
C:\Windows\s.scr
C:\Windows\S_00305_jpg.zip
C:\Windows\S04_jpg.zip
C:\Windows\s1.exe
C:\Windows\sampaerio.exe
C:\Windows\scanisk.exe
C:\Windows\schost32.exe
C:\Windows\ScktSrvr.exe
C:\Windows\screenwin.scr
C:\Windows\scvhost.exe
C:\Windows\scvhosts.exe
C:\Windows\sdrive\kler.exe
C:\Windows\Secs2006.exe
C:\Windows\sendwmdm.exe
C:\Windows\September11thTribute.zip
C:\Windows\serbw.exe
C:\Windows\sercivo.exe
C:\Windows\serv5.exe
C:\Windows\servc32.dll
C:\Windows\server.exe
C:\Windows\serverletwindows.exe
C:\Windows\serverletwindowsl.exe
C:\Windows\servic.exe
C:\Windows\service.exe
C:\Windows\service.scr
C:\Windows\service2.scr
C:\Windows\service32.exe
C:\Windows\service32.exe
C:\Windows\servicee.exe
C:\Windows\servicejava.scr
C:\Windows\servicejava2.scr
C:\Windows\servicer.exe
C:\Windows\services.dll
C:\Windows\services.exe
C:\Windows\servicestub.exe
C:\Windows\servico.exe
C:\Windows\servidevice.exe
C:\Windows\servidevice.exe
C:\Windows\setdebugnt.exe
C:\Windows\SetPoint.exe
C:\Windows\Setup.exe
C:\Windows\sexy.zip
C:\Windows\sexypic.zip
C:\Windows\sfhgj.exe
C:\Windows\shDisp.exe
C:\Windows\shdosbei.dat
C:\Windows\shdosbei.dll
C:\Windows\shdosbei.exe
C:\Windows\siswin.exe
C:\Windows\sjbsmgm.exe
C:\Windows\sk.exe
C:\Windows\sk070725.exe
C:\Windows\smss.exe
C:\Windows\smss.scr
C:\Windows\smsss.exe
C:\Windows\SMTPList.dat
C:\Windows\sndrec32.exe
C:\Windows\softdwind.exe
C:\Windows\sokctes.dll
C:\Windows\sokctes.zip
C:\Windows\spiderpig.zip
C:\Windows\spolis.exe
C:\Windows\spooldr.exe
C:\Windows\spoolsv.exe
C:\Windows\srsmsn.exe
C:\Windows\srsttn.exe
C:\Windows\ssssm.exe
C:\Windows\SSVICHOSST.exe
C:\Windows\stDebug.exe
C:\Windows\Strad.exe
C:\Windows\SubjectList.dat
C:\Windows\super.exe
C:\Windows\SVCH0ST.exe
C:\Windows\svch0st.exe
C:\Windows\SVCH0STll.EXE
C:\Windows\Svcho0t.exe
C:\Windows\svchosk.exe
C:\Windows\svchost
C:\Windows\svchost.com
C:\Windows\svchost.dll
C:\Windows\svchost.exe
C:\Windows\svchost.exe
C:\Windows\svchost.scr
C:\Windows\svchost32.exe
C:\Windows\svchosta.exe
C:\Windows\svchostd.exe
C:\Windows\svchosts.dll
C:\Windows\svchosts.dll
C:\Windows\svchosts.exe
C:\Windows\svchosts.scr
C:\Windows\svchosts.tmp
C:\Windows\svcr.exe
C:\Windows\svcupdate.exe
C:\Windows\svhost.temp
C:\Windows\svhost.tmp
C:\Windows\svhost32.exe
C:\Windows\svschost.sys
C:\Windows\svxh.exe
C:\Windows\sys1.exe
C:\Windows\SysArc.exe
C:\Windows\SYSHOST.DLL
C:\Windows\sysnet32.exe
C:\Windows\syss_.exe
C:\Windows\syst.dat
C:\Windows\System.exe
C:\Windows\system\ashDisp.exe
C:\Windows\system\ashServ.exe
C:\Windows\system\ashSv.exe
C:\Wind

t là je ne sait plus quoi faire ami......................snif snif lol je vais devoir me resoudre a formater le disque hein copain!!!!!