Help, I have a cid virus

Closed
valouchka - 28 April 2008 at 13:25
BloodyAngel Posts 1479 Registration date Tuesday 21 June 2005 Status Contributor Last activity 21 June 2018 - 28 April 2008 at 13:30
Hello,
I am sending you my scan report, as you advise on the site. Could you tell me more about it so that I can get rid of it?
Thanks in advance
SystemScan - www.suspectfile.com - ver. 3.5.5 (code: holifay & bReAkdOWn)

Running on: Windows XP PROFESSIONAL Edition, Service Pack 2 (2600.5.1)
System directory: C:\WINDOWS
SystemScan file: C:\Documents and Settings\HP_Administrateur\Mes documents\sys579.exe
Running in: User mode
Date: 28/04/2008
Time: 13:12:35

Output limited to:
-Recent files
-Registry Run Keys
-Scheduled jobs
-Services and Drivers (all)
-Suspicious Files
-Include HIJACKTHIS.log

===================== RECENT FILES =====================

Showing files newer than 60 days

----- recent files in C:\
28/03/2008 20:00:08 (DIR) 0 byte 31 days old -- System Volume Information
28/03/2008 20:02:56 211 byte 31 days old -- BOOT.BAK
28/03/2008 20:03:58 (DIR) 0 byte 31 days old -- Documents and Settings
28/03/2008 20:06:51 (DIR) 0 byte 31 days old -- cmdcons
28/03/2008 20:06:52 291 byte 31 days old -- boot.ini
29/03/2008 10:21:15 (DIR) 0 byte 30 days old -- hp
30/03/2008 23:16:59 (DIR) 0 byte 29 days old -- RECYCLER
03/04/2008 17:57:02 (DIR) 0 byte 25 days old -- temp
06/04/2008 16:12:25 (DIR) 0 byte 22 days old -- Binaries
08/04/2008 20:17:00 51295 byte 20 days old -- Installer.log
27/04/2008 02:26:50 11577888 byte 1 days old -- upload_moi_NOM-FB9B15D2723.tar.gz
27/04/2008 02:26:55 43496 byte 1 days old -- resultat.txt
28/04/2008 08:56:18 1509949440 byte 0 days old -- pagefile.sys
28/04/2008 08:56:20 (DIR)1005113344 byte 0 days old -- hiberfil.sys
28/04/2008 13:00:54 (DIR) 0 byte 0 days old -- Program Files
28/04/2008 13:06:43 (DIR) 0 byte 0 days old -- WINDOWS

----- recent files in C:\WINDOWS\
28/03/2008 19:57:05 (DIR) 0 byte 31 days old -- repair
28/03/2008 19:59:35 4502 byte 31 days old -- regopt.log
28/03/2008 20:00:13 1604 byte 31 days old -- DtcInstall.log
28/03/2008 20:00:20 2739 byte 31 days old -- sessmgr.setup.log
28/03/2008 20:03:11 493 byte 31 days old -- setuperr.log
28/03/2008 20:03:15 1134779 byte 31 days old -- setuplog.txt
28/03/2008 20:05:57 1178 byte 31 days old -- OEWABLog.txt
28/03/2008 20:06:18 (DIR) 0 byte 31 days old -- I386
28/03/2008 20:06:32 178 byte 31 days old -- DHCPUPG.LOG
28/03/2008 20:06:39 (DIR) 0 byte 31 days old -- setup.pss
28/03/2008 20:06:40 283 byte 31 days old -- UPGRADE.TXT
28/03/2008 20:06:51 16683 byte 31 days old -- WINNT32.LOG
28/03/2008 20:06:52 266 byte 31 days old -- wsdu.log
28/03/2008 20:15:34 (DIR) 0 byte 31 days old -- ftpcache
29/03/2008 04:54:19 (DIR) 0 byte 30 days old -- assembly
29/03/2008 04:54:19 (DIR) 0 byte 30 days old -- Offline Web Pages
29/03/2008 04:54:38 (DIR) 0 byte 30 days old -- SMINST
29/03/2008 11:57:03 (DIR) 0 byte 30 days old -- Help
29/03/2008 12:04:47 (DIR) 0 byte 30 days old -- $NtUninstallKB898461$
29/03/2008 12:04:51 7131 byte 30 days old -- KB898461.log
29/03/2008 12:05:03 2869 byte 30 days old -- KB928843.log
29/03/2008 12:22:15 21645 byte 30 days old -- KB890859.log
29/03/2008 12:22:19 19320 byte 30 days old -- KB944653.log
29/03/2008 12:22:23 20065 byte 30 days old -- KB914389.log
29/03/2008 12:22:27 20502 byte 30 days old -- KB920683.log
29/03/2008 12:22:31 20596 byte 30 days old -- KB943055.log
29/03/2008 12:22:35 20963 byte 30 days old -- KB935839.log
29/03/2008 12:22:41 289826 byte 30 days old -- msxml4-KB936181-enu.LOG
29/03/2008 12:22:44 20805 byte 30 days old -- KB896428.log
29/03/2008 12:22:50 22632 byte 30 days old -- KB913580.log
29/03/2008 12:23:04 12541 byte 30 days old -- KB923689.log
29/03/2008 12:23:07 22550 byte 30 days old -- KB905749.log
29/03/2008 12:23:11 22482 byte 30 days old -- KB943485.log
29/03/2008 12:23:15 22843 byte 30 days old -- KB935840.log
29/03/2008 12:23:19 33368 byte 30 days old -- KB920213.log
29/03/2008 12:23:32 53398 byte 30 days old -- KB944533.log
29/03/2008 12:23:36 30885 byte 30 days old -- KB938127.log
29/03/2008 12:23:42 32331 byte 30 days old -- KB900725.log
29/03/2008 12:23:47 29776 byte 30 days old -- KB888302.log
29/03/2008 12:23:51 40899 byte 30 days old -- KB941568.log
29/03/2008 12:23:55 32391 byte 30 days old -- KB926255.log
29/03/2008 12:24:00 37569 byte 30 days old -- KB918118.log
29/03/2008 12:24:05 32501 byte 30 days old -- KB941202.log
29/03/2008 12:24:09 30736 byte 30 days old -- KB923191.log
29/03/2008 12:24:13 43737 byte 30 days old -- KB932168.log
29/03/2008 12:24:17 34177 byte 30 days old -- KB905414.log
29/03/2008 12:24:21 39086 byte 30 days old -- KB917344.log
29/03/2008 12:24:26 35396 byte 30 days old -- KB914388.log
29/03/2008 12:24:32 35091 byte 30 days old -- KB919007.log
29/03/2008 12:24:42 25493 byte 30 days old -- KB941569.log
29/03/2008 12:24:46 35653 byte 30 days old -- KB930178.log
29/03/2008 12:24:48 (DIR) 0 byte 30 days old -- $NtUninstallKB942763$
29/03/2008 12:24:51 46495 byte 30 days old -- KB942763.log
29/03/2008 12:24:56 36831 byte 30 days old -- KB920872.log
29/03/2008 12:25:00 34635 byte 30 days old -- KB926436.log
29/03/2008 12:25:04 35088 byte 30 days old -- KB890046.log
29/03/2008 12:25:08 34951 byte 30 days old -- KB918439.log
29/03/2008 12:25:11 38167 byte 30 days old -- KB920670.log
29/03/2008 12:25:16 35373 byte 30 days old -- KB929123.log
29/03/2008 12:25:33 30353 byte 30 days old -- KB913800.log
29/03/2008 12:25:38 37343 byte 30 days old -- KB925902.log
29/03/2008 12:25:43 29126 byte 30 days old -- KB910437.log
29/03/2008 12:25:55 26718 byte 30 days old -- KB925398.log
29/03/2008 12:25:58 37416 byte 30 days old -- KB938829.log
29/03/2008 12:26:02 36864 byte 30 days old -- KB946026.log
29/03/2008 12:26:07 29789 byte 30 days old -- KB927891.log
29/03/2008 12:26:11 37365 byte 30 days old -- KB941644.log
29/03/2008 12:26:15 43244 byte 30 days old -- KB924496.log
29/03/2008 12:26:19 37037 byte 30 days old -- KB931261.log
29/03/2008 12:26:23 38438 byte 30 days old -- KB924270.log
29/03/2008 12:26:29 39080 byte 30 days old -- KB900485.log
29/03/2008 12:26:33 39120 byte 30 days old -- KB896423.log
29/03/2008 12:26:37 36513 byte 30 days old -- KB924667.log
29/03/2008 12:26:40 39220 byte 30 days old -- KB938828.log
29/03/2008 12:26:45 39714 byte 30 days old -- KB936021.log
29/03/2008 12:26:49 40216 byte 30 days old -- KB911280.log
29/03/2008 12:26:54 40833 byte 30 days old -- KB923980.log
29/03/2008 12:26:58 41323 byte 30 days old -- KB893756.log
29/03/2008 12:27:03 40629 byte 30 days old -- KB920685.log
29/03/2008 12:27:07 32618 byte 30 days old -- KB933729.log
29/03/2008 12:27:11 27989 byte 30 days old -- KB923723.log
29/03/2008 12:27:15 42238 byte 30 days old -- KB899591.log
29/03/2008 12:27:20 41924 byte 30 days old -- KB901017.log
29/03/2008 12:27:24 43548 byte 30 days old -- KB942840.log
29/03/2008 12:27:28 42359 byte 30 days old -- KB911927.log
29/03/2008 12:27:33 33116 byte 30 days old -- KB935448.log
29/03/2008 12:27:40 44545 byte 30 days old -- KB931784.log
29/03/2008 12:27:47 44108 byte 30 days old -- KB928255.log
29/03/2008 12:27:53 45151 byte 30 days old -- KB937894.log
29/03/2008 12:27:57 43930 byte 30 days old -- KB923414.log
29/03/2008 12:28:02 45723 byte 30 days old -- KB922819.log
29/03/2008 12:28:10 36079 byte 30 days old -- KB943460.log
29/03/2008 12:28:15 45315 byte 30 days old -- KB927802.log
29/03/2008 12:28:20 48665 byte 30 days old -- KB927779.log
29/03/2008 12:28:24 49326 byte 30 days old -- KB899587.log
29/03/2008 12:29:38 (DIR) 0 byte 30 days old -- msagent
29/03/2008 12:30:02 316640 byte 30 days old -- WMSysPr9.prx
29/03/2008 12:42:12 7908 byte 30 days old -- KB936782.log
29/03/2008 12:42:26 8543 byte 30 days old -- KB930494.log
29/03/2008 12:42:52 12688 byte 30 days old -- KB930916.log
29/03/2008 12:42:56 12594 byte 30 days old -- KB916595.log
29/03/2008 12:43:00 7014 byte 30 days old -- KB886185.log
29/03/2008 12:43:06 10043 byte 30 days old -- KB922582.log
29/03/2008 12:44:16 1183 byte 30 days old -- ie7_main.log
29/03/2008 12:45:43 34328 byte 30 days old -- spupdsvc.log
29/03/2008 13:13:15 (DIR) 0 byte 30 days old -- SoftwareDistribution
29/03/2008 13:14:12 6665 byte 30 days old -- KB892130.log
29/03/2008 22:14:37 (DIR) 0 byte 30 days old -- Downloaded Program Files
30/03/2008 01:42:05 6860 byte 29 days old -- KB926251.log
30/03/2008 20:25:38 28734 byte 29 days old -- wmsetup.log
02/04/2008 08:53:21 (DIR) 0 byte 26 days old -- CSC
03/04/2008 17:50:55 (DIR) 0 byte 25 days old -- Profiles
03/04/2008 17:57:02 (DIR) 0 byte 25 days old -- msapps
03/04/2008 17:59:11 (DIR) 0 byte 25 days old -- ShellNew
03/04/2008 18:00:16 (DIR) 0 byte 25 days old -- Fonts
03/04/2008 18:00:47 379 byte 25 days old -- ODBC.INI
05/04/2008 16:42:43 (DIR) 0 byte 23 days old -- system
06/04/2008 16:11:29 268 byte 22 days old -- System.ini
06/04/2008 16:42:05 (DIR) 0 byte 22 days old -- PrefsLM01
06/04/2008 16:42:05 (DIR) 0 byte 22 days old -- prefTransLM20
07/04/2008 09:51:55 373967 byte 21 days old -- setupact.log
08/04/2008 16:57:09 (DIR) 0 byte 20 days old -- security
08/04/2008 20:16:22 159 byte 20 days old -- Directx.log
09/04/2008 16:59:50 128627 byte 19 days old -- hpoins11.dat.temp
09/04/2008 18:45:41 157 byte 19 days old -- WININIT.INI
09/04/2008 19:08:36 (DIR) 0 byte 19 days old -- twain_32
09/04/2008 19:14:36 129249 byte 19 days old -- hpoins11.dat
10/04/2008 00:52:24 13981 byte 18 days old -- KB945553.log
10/04/2008 00:52:29 14676 byte 18 days old -- KB944338.log
10/04/2008 00:53:18 13973 byte 18 days old -- KB948590.log
10/04/2008 00:53:26 14173 byte 18 days old -- KB941693.log
10/04/2008 00:53:38 46570 byte 18 days old -- updspapi.log
10/04/2008 00:53:41 36056 byte 18 days old -- KB947864.log
10/04/2008 00:53:41 1374 byte 18 days old -- imsins.BAK
10/04/2008 00:53:42 (DIR) 0 byte 18 days old -- $hf_mig$
10/04/2008 00:53:45 245110 byte 18 days old -- msmqinst.log
10/04/2008 00:53:45 38210 byte 18 days old -- msgsocm.log
10/04/2008 00:53:45 43701 byte 18 days old -- ehOCGen.log
10/04/2008 00:53:45 11854 byte 18 days old -- KB948881.log
10/04/2008 00:53:45 98243 byte 18 days old -- MedCtrOC.log
10/04/2008 00:53:45 353095 byte 18 days old -- tsoc.log
10/04/2008 00:53:45 38303 byte 18 days old -- tabletoc.log
10/04/2008 00:53:45 265353 byte 18 days old -- comsetup.log
10/04/2008 00:53:45 159672 byte 18 days old -- ntdtcsetup.log
10/04/2008 00:53:45 89305 byte 18 days old -- plusoc.log
10/04/2008 00:53:45 373158 byte 18 days old -- ocgen.log
10/04/2008 00:53:45 771149 byte 18 days old -- FaxSetup.log
10/04/2008 00:53:45 42126 byte 18 days old -- ocmsn.log
10/04/2008 00:53:45 881244 byte 18 days old -- iis6.log
10/04/2008 00:53:45 146993 byte 18 days old -- netfxocm.log
10/04/2008 00:53:45 1374 byte 18 days old -- imsins.log
10/04/2008 08:27:01 608 byte 18 days old -- win.ini
24/04/2008 00:00:18 295 byte 4 days old -- projRecent.lst
26/04/2008 00:03:03 (DIR) 0 byte 2 days old -- $NtUninstallKB885250$
26/04/2008 00:03:03 (DIR) 0 byte 2 days old -- $NtUninstallKB886185$
26/04/2008 00:03:03 (DIR) 0 byte 2 days old -- $NtUninstallKB885836$
26/04/2008 00:03:03 (DIR) 0 byte 2 days old -- $NtUninstallKB873339$
26/04/2008 00:03:03 (DIR) 0 byte 2 days old -- $NtUninstallKB885835$
26/04/2008 00:03:03 (DIR) 0 byte 2 days old -- $MSI31Uninstall_KB893803v2$
26/04/2008 00:03:03 (DIR) 0 byte 2 days old -- $NtUninstallKB883667$
26/04/2008 00:03:03 (DIR) 0 byte 2 days old -- $NtUninstallKB887742$
26/04/2008 00:03:03 (DIR) 0 byte 2 days old -- $NtUninstallKB887472$
26/04/2008 00:03:04 (DIR) 0 byte 2 days old -- $NtUninstallKB890175$
26/04/2008 00:03:04 (DIR) 0 byte 2 days old -- $NtUninstallKB890046$
26/04/2008 00:03:04 (DIR) 0 byte 2 days old -- $NtUninstallKB890859$
26/04/2008 00:03:04 (DIR) 0 byte 2 days old -- $NtUninstallKB892050$
26/04/2008 00:03:04 (DIR) 0 byte 2 days old -- $NtUninstallKB888113$
26/04/2008 00:03:04 (DIR) 0 byte 2 days old -- $NtUninstallKB891781$
26/04/2008 00:03:04 (DIR) 0 byte 2 days old -- $NtUninstallKB888302$
26/04/2008 00:03:05 (DIR) 0 byte 2 days old -- $NtUninstallKB896358$
26/04/2008 00:03:05 (DIR) 0 byte 2 days old -- $NtUninstallKB896422$
26/04/2008 00:03:05 (DIR) 0 byte 2 days old -- $NtUninstallKB896423$
26/04/2008 00:03:05 (DIR) 0 byte 2 days old -- $NtUninstallKB893066$
26/04/2008 00:03:05 (DIR) 0 byte 2 days old -- $NtUninstallKB893357$
26/04/2008 00:03:05 (DIR) 0 byte 2 days old -- $NtUninstallKB893756$
26/04/2008 00:03:05 (DIR) 0 byte 2 days old -- $NtUninstallKB896424$
26/04/2008 00:03:06 (DIR) 0 byte 2 days old -- $NtUninstallKB900485$
26/04/2008 00:03:06 (DIR) 0 byte 2 days old -- $NtUninstallKB900725$
26/04/2008 00:03:06 (DIR) 0 byte 2 days old -- $NtUninstallKB899591$
26/04/2008 00:03:06 (DIR) 0 byte 2 days old -- $NtUninstallKB896428$
26/04/2008 00:03:06 (DIR) 0 byte 2 days old -- $NtUninstallKB899587$
26/04/2008 00:03:07 (DIR) 0 byte 2 days old -- $NtUninstallKB904706$
26/04/2008 00:03:07 (DIR) 0 byte 2 days old -- $NtUninstallKB905414$
26/04/2008 00:03:07 (DIR) 0 byte 2 days old -- $NtUninstallKB902400$
26/04/2008 00:03:07 (DIR) 0 byte 2 days old -- $NtUninstallKB901017$
26/04/2008 00:03:07 (DIR) 0 byte 2 days old -- $NtUninstallKB901214$
26/04/2008 00:03:08 (DIR) 0 byte 2 days old -- $NtUninstallKB910437$
26/04/2008 00:03:08 (DIR) 0 byte 2 days old -- $NtUninstallKB910393$
26/04/2008 00:03:08 (DIR) 0 byte 2 days old -- $NtUninstallKB911562$
26/04/2008 00:03:08 (DIR) 0 byte 2 days old -- $NtUninstallKB911280$
26/04/2008 00:03:08 (DIR) 0 byte 2 days old -- $NtUninstallKB906569$
26/04/2008 00:03:08 (DIR) 0 byte 2 days old -- $NtUninstallKB905749$
26/04/2008 00:03:08 (DIR) 0 byte 2 days old -- $NtUninstallKB908531$
26/04/2008 00:03:08 (DIR) 0 byte 2 days old -- $NtUninstallKB908519$
26/04/2008 00:03:09 (DIR) 0 byte 2 days old -- $NtUninstallKB912024$
26/04/2008 00:03:09 (DIR) 0 byte 2 days old -- $NtUninstallKB912067$
26/04/2008 00:03:09 (DIR) 0 byte 2 days old -- $NtUninstallKB911565$
26/04/2008 00:03:09 (DIR) 0 byte 2 days old -- $NtUninstallKB911927$
26/04/2008 00:03:10 (DIR) 0 byte 2 days old -- $NtUninstallKB912919$
26/04/2008 00:03:10 (DIR) 0 byte 2 days old -- $NtUninstallKB912812$
26/04/2008 00:03:11 (DIR) 0 byte 2 days old -- $NtUninstallKB913580$
26/04/2008 00:03:11 (DIR) 0 byte 2 days old -- $NtUninstallKB913800$
26/04/2008 00:03:11 (DIR) 0 byte 2 days old -- $NtUninstallKB912945$
26/04/2008 00:03:12 (DIR) 0 byte 2 days old -- $NtUninstallKB914389$
26/04/2008 00:03:12 (DIR) 0 byte 2 days old -- $NtUninstallKB917344$
26/04/2008 00:03:12 (DIR) 0 byte 2 days old -- $NtUninstallKB916595$
26/04/2008 00:03:12 (DIR) 0 byte 2 days old -- $NtUninstallKB914388$
26/04/2008 00:03:13 (DIR) 0 byte 2 days old -- $NtUninstallKB918439$
26/04/2008 00:03:13 (DIR) 0 byte 2 days old -- $NtUninstallKB918118$
26/04/2008 00:03:13 (DIR) 0 byte 2 days old -- $NtUninstallKB919007$
26/04/2008 00:03:14 (DIR) 0 byte 2 days old -- $NtUninstallKB920685$
26/04/2008 00:03:14 (DIR) 0 byte 2 days old -- $NtUninstallKB920683$
26/04/2008 00:03:14 (DIR) 0 byte 2 days old -- $NtUninstallKB920213$
26/04/2008 00:03:14 (DIR) 0 byte 2 days old -- $NtUninstallKB920670$
26/04/2008 00:03:15 (DIR) 0 byte 2 days old -- $NtUninstallKB923414$
26/04/2008 00:03:15 (DIR) 0 byte 2 days old -- $NtUninstallKB923689$
26/04/2008 00:03:15 (DIR) 0 byte 2 days old -- $NtUninstallKB923191$
26/04/2008 00:03:15 (DIR) 0 byte 2 days old -- $NtUninstallKB920872$
26/04/2008 00:03:15 (DIR) 0 byte 2 days old -- $NtUninstallKB922582$
26/04/2008 00:03:15 (DIR) 0 byte 2 days old -- $NtUninstallKB922819$
26/04/2008 00:03:16 (DIR) 0 byte 2 days old -- $NtUninstallKB924496$
26/04/2008 00:03:16 (DIR) 0 byte 2 days old -- $NtUninstallKB924270$
26/04/2008 00:03:16 (DIR) 0 byte 2 days old -- $NtUninstallKB923723$
26/04/2008 00:03:16 (DIR) 0 byte 2 days old -- $NtUninstallKB923980$
26/04/2008 00:03:17 (DIR) 0 byte 2 days old -- $NtUninstallKB925902$
26/04/2008 00:03:17 (DIR) 0 byte 2 days old -- $NtUninstallKB925398_WMP64$
26/04/2008 00:03:17 (DIR) 0 byte 2 days old -- $NtUninstallKB924667$
26/04/2008 00:03:18 (DIR) 0 byte 2 days old -- $NtUninstallKB927779$
26/04/2008 00:03:18 (DIR) 0 byte 2 days old -- $NtUninstallKB927802$
26/04/2008 00:03:18 (DIR) 0 byte 2 days old -- $NtUninstallKB927891$
26/04/2008 00:03:18 (DIR) 0 byte 2 days old -- $NtUninstallKB926251$
26/04/2008 00:03:18 (DIR) 0 byte 2 days old -- $NtUninstallKB926255$
26/04/2008 00:03:18 (DIR) 0 byte 2 days old -- $NtUninstallKB926436$
26/04/2008 00:03:19 (DIR) 0 byte 2 days old -- $NtUninstallKB930494$
26/04/2008 00:03:19 (DIR) 0 byte 2 days old -- $NtUninstallKB930916$
26/04/2008 00:03:19 (DIR) 0 byte 2 days old -- $NtUninstallKB931261$
26/04/2008 00:03:19 (DIR) 0 byte 2 days old -- $NtUninstallKB928255$
26/04/2008 00:03:19 (DIR) 0 byte 2 days old -- $NtUninstallKB929123$
26/04/2008 00:03:19 (DIR) 0 byte 2 days old -- $NtUninstallKB930178$
26/04/2008 00:03:20 (DIR) 0 byte 2 days old -- $NtUninstallKB931784$
26/04/2008 00:03:20 (DIR) 0 byte 2 days old -- $NtUninstallKB935448$
26/04/2008 00:03:20 (DIR) 0 byte 2 days old -- $NtUninstallKB935839$
26/04/2008 00:03:20 (DIR) 0 byte 2 days old -- $NtUninstallKB932168$
26/04/2008 00:03:20 (DIR) 0 byte 2 days old -- $NtUninstallKB933729$
26/04/2008 00:03:21 (DIR) 0 byte 2 days old -- $NtUninstallKB936782_WMP10$
26/04/2008 00:03:21 (DIR) 0 byte 2 days old -- $NtUninstallKB937894$
26/04/2008 00:03:21 (DIR) 0 byte 2 days old -- $NtUninstallKB938127$
26/04/2008 00:03:21 (DIR) 0 byte 2 days old -- $NtUninstallKB935840$
26/04/2008 00:03:21 (DIR) 0 byte 2 days old -- $NtUninstallKB936021$
26/04/2008 00:03:22 (DIR) 0 byte 2 days old -- $NtUninstallKB938828$
26/04/2008 00:03:22 (DIR) 0 byte 2 days old -- $NtUninstallKB941202$
26/04/2008 00:03:22 (DIR) 0 byte 2 days old -- $NtUninstallKB938829$
26/04/2008 00:03:22 (DIR) 0 byte 2 days old -- $NtUninstallKB941568$
26/04/2008 00:03:22 (DIR) 0 byte 2 days old -- $NtUninstallKB941644$
26/04/2008 00:03:22 (DIR) 0 byte 2 days old -- $NtUninstallKB941693$
26/04/2008 00:03:22 (DIR) 0 byte 2 days old -- $NtUninstallKB941569$
26/04/2008 00:03:23 (DIR) 0 byte 2 days old -- $NtUninstallKB943460$
26/04/2008 00:03:23 (DIR) 0 byte 2 days old -- $NtUninstallKB943485$
26/04/2008 00:03:23 (DIR) 0 byte 2 days old -- $NtUninstallKB943055$
26/04/2008 00:03:23 (DIR) 0 byte 2 days old -- $NtUninstallKB942840$
26/04/2008 00:03:23 (DIR) 0 byte 2 days old -- $NtUninstallKB944338$
26/04/2008 00:03:24 (DIR) 0 byte 2 days old -- $NtUninstallKB945553$
26/04/2008 00:03:24 (DIR) 0 byte 2 days old -- $NtUninstallKB944653$
26/04/2008 00:03:24 (DIR) 0 byte 2 days old -- $NtUninstallKB944533$
26/04/2008 00:03:25 (DIR) 0 byte 2 days old -- $NtUninstallKB946026$
26/04/2008 00:03:25 (DIR) 0 byte 2 days old -- $NtUninstallKB948881$
26/04/2008 00:03:25 (DIR) 0 byte 2 days old -- $NtUninstallKB947864$
26/04/2008 00:03:25 (DIR) 0 byte 2 days old -- $NtUninstallKB948590$
26/04/2008 01:34:22 691545 byte 2 days old -- unins000.exe
26/04/2008 01:39:14 2567 byte 2 days old -- unins000.dat
27/04/2008 15:27:29 (DIR) 0 byte 1 days old -- Tasks
27/04/2008 22:26:29 (DIR) 0 byte 1 days old -- system32
27/04/2008 22:53:25 (DIR) 0 byte 1 days old -- WinSxS
27/04/2008 22:53:26 (DIR) 0 byte 1 days old -- Installer
27/04/2008 22:53:59 (DIR) 0 byte 1 days old -- inf
28/04/2008 08:54:47 1029349 byte 0 days old -- setupapi.log
28/04/2008 08:55:19 32298 byte 0 days old -- SchedLgU.Txt
28/04/2008 08:55:19 836 byte 0 days old -- bthservsdp.dat
28/04/2008 08:56:22 2048 byte 0 days old -- bootstat.dat
28/04/2008 08:56:37 50 byte 0 days old -- wiaservc.log
28/04/2008 08:56:42 159 byte 0 days old -- wiadebug.log
28/04/2008 08:56:45 (DIR) 0 byte 0 days old -- Registration
28/04/2008 08:56:45 0 byte 0 days old -- 0.log
28/04/2008 12:53:18 2020884 byte 0 days old -- WindowsUpdate.log
28/04/2008 13:04:25 (DIR) 0 byte 0 days old -- Temp
28/04/2008 13:06:43 1409 byte 0 days old -- QTFont.for
28/04/2008 13:06:43 54156 byte 0 days old -- QTFont.qfn
28/04/2008 13:11:21 (DIR) 0 byte 0 days old -- Prefetch

----- recent files in C:\WINDOWS\Downloaded Program Files\

----- recent files in C:\WINDOWS\system\
28/04/2008 09:00:53 182 byte 0 days old -- hpsysdrv.DAT

----- recent files in C:\WINDOWS\system32\
20/03/2008 10:09:22 1845376 byte 39 days old -- win32k.sys
28/03/2008 19:59:58 (DIR) 0 byte 31 days old -- CatRoot
28/03/2008 20:03:12 1063 byte 31 days old -- $winnt$.inf
28/03/2008 20:05:59 (DIR) 0 byte 31 days old -- pcintro
28/03/2008 23:00:17 (DIR) 0 byte 31 days old -- NtmsData
28/03/2008 23:16:41 85 byte 31 days old -- LuResult.txt
29/03/2008 11:56:45 (DIR) 0 byte 30 days old -- SoftwareDistribution
29/03/2008 12:04:48 (DIR) 0 byte 30 days old -- PreInstall
29/03/2008 12:24:48 138354 byte 30 days old -- TZLog.log
29/03/2008 12:52:06 3121 byte 30 days old -- CONFIG.NT
29/03/2008 22:17:55 (DIR) 0 byte 30 days old -- Macromed
03/04/2008 09:18:15 (DIR) 0 byte 25 days old -- appmgmt
06/04/2008 07:56:20 19836024 byte 22 days old -- MRT.exe
06/04/2008 16:09:42 3287 byte 22 days old -- qtplugin.log
06/04/2008 16:12:02 (DIR) 0 byte 22 days old -- QuickTime
08/04/2008 14:00:27 53572 byte 20 days old -- perfc009.dat
08/04/2008 14:00:27 64724 byte 20 days old -- perfc00C.dat
08/04/2008 14:00:27 381828 byte 20 days old -- perfh009.dat
08/04/2008 14:00:27 956504 byte 20 days old -- PerfStringBackup.INI
08/04/2008 14:00:27 446984 byte 20 days old -- perfh00C.dat
08/04/2008 20:19:10 4150 byte 20 days old -- lvcoinst.log
10/04/2008 00:53:40 (DIR) 0 byte 18 days old -- dllcache
10/04/2008 08:26:11 289296 byte 18 days old -- FNTCACHE.DAT
11/04/2008 23:18:26 (DIR) 0 byte 17 days old -- FxsTmp
24/04/2008 19:56:50 58952 byte 4 days old -- MsgPlusLoader.dll
25/04/2008 23:43:39 1158 byte 3 days old -- wpa.dbl
28/04/2008 08:26:40 (DIR) 0 byte 0 days old -- CatRoot2
28/04/2008 08:54:48 (DIR) 0 byte 0 days old -- drivers
28/04/2008 08:54:49 (DIR) 0 byte 0 days old -- config
28/04/2008 08:56:40 43531 byte 0 days old -- nvapps.xml

----- recent files in C:\WINDOWS\system32\drivers\
28/03/2008 20:05:36 1817 byte 31 days old -- 103C_HP_CPC_RF767AA-ABF a1605.fr_YC_0Pavi_QCNH639_E64FRemMPA2_48_INODUSM3_SASUSTek Computer INC._V1.05_B3.07_T060802_WXP2_L40C_M959_J160_7AMD_8Athlon 64_92.2_#080328_N_Z_G10DE0241_OHL-DT-ST DVDRRW GSA-H20L_DHWP264C.MRK
28/04/2008 13:10:29 (DIR) 0 byte 0 days old -- etc

----- recent files in C:\WINDOWS\temp\
28/03/2008 20:00:04 (DIR) 0 byte 31 days old -- Temporary Internet Files
28/03/2008 20:00:04 (DIR) 0 byte 31 days old -- Historique
09/04/2008 18:49:31 16384 byte 19 days old -- Perflib_Perfdata_674.dat
26/04/2008 00:02:54 (DIR) 0 byte 2 days old -- Cookies
27/04/2008 15:19:41 16384 byte 1 days old -- Perflib_Perfdata_664.dat
28/04/2008 08:56:26 16384 byte 0 days old -- Perflib_Perfdata_660.dat
28/04/2008 13:03:19 (DIR) 0 byte 0 days old -- _avast4_

----- recent files in C:\Program Files\
28/03/2008 20:15:37 (DIR) 0 byte 31 days old -- Free
29/03/2008 12:22:40 (DIR) 0 byte 30 days old -- MSXML 4.0
29/03/2008 12:25:15 (DIR) 0 byte 30 days old -- Outlook Express
29/03/2008 12:32:45 (DIR) 0 byte 30 days old -- IncrediMail
29/03/2008 12:51:52 (DIR) 0 byte 30 days old -- Alwil Software
29/03/2008 19:10:11 (DIR) 0 byte 30 days old -- Intel Desktop Board
30/03/2008 01:42:02 (DIR) 0 byte 29 days old -- Windows Media Player
30/03/2008 20:42:23 (DIR) 0 byte 29 days old -- AxBx
31/03/2008 08:48:56 (DIR) 0 byte 28 days old -- MSN
03/04/2008 16:34:39 (DIR) 0 byte 25 days old -- Snapshot Viewer
03/04/2008 16:34:54 (DIR) 0 byte 25 days old -- Microsoft Office
03/04/2008 17:57:02 (DIR) 0 byte 25 days old -- microsoft frontpage
04/04/2008 20:47:27 (DIR) 0 byte 24 days old -- Messenger
06/04/2008 16:09:54 (DIR) 0 byte 22 days old -- QuickTime
06/04/2008 16:10:25 (DIR) 0 byte 22 days old -- PIXELA
06/04/2008 16:11:50 (DIR) 0 byte 22 days old -- OLYMPUS
06/04/2008 16:13:12 (DIR) 0 byte 22 days old -- InstallShield Installation Information
06/04/2008 16:35:57 (DIR) 0 byte 22 days old -- Google
06/04/2008 23:28:21 (DIR) 0 byte 22 days old -- Picasa2
08/04/2008 20:14:57 (DIR) 0 byte 20 days old -- Labtec
08/04/2008 20:15:29 (DIR) 0 byte 20 days old -- Fichiers communs
08/04/2008 20:16:22 (DIR) 0 byte 20 days old -- directx
09/04/2008 09:02:12 (DIR) 0 byte 19 days old -- Photo Story 3 for Windows
09/04/2008 19:08:57 (DIR) 0 byte 19 days old -- HP
09/04/2008 19:08:58 (DIR) 0 byte 19 days old -- Hewlett-Packard
09/04/2008 21:48:50 (DIR) 0 byte 19 days old -- JPEG Compression
10/04/2008 00:53:21 (DIR) 0 byte 18 days old -- Microsoft CAPICOM 2.1.0.2
10/04/2008 00:53:38 (DIR) 0 byte 18 days old -- Internet Explorer
23/04/2008 23:55:17 (DIR) 0 byte 5 days old -- LM Version-2.5-F
26/04/2008 11:49:56 (DIR) 0 byte 2 days old -- Windows Live Toolbar
27/04/2008 15:19:34 (DIR) 0 byte 1 days old -- Spybot - Search & Destroy
27/04/2008 15:26:13 (DIR) 0 byte 1 days old -- drawshow
27/04/2008 23:34:02 (DIR) 0 byte 1 days old -- eMule
28/04/2008 13:00:54 (DIR) 0 byte 0 days old -- Trend Micro

----- recent files in C:\Program Files\Fichiers communs\
29/03/2008 10:20:41 (DIR) 0 byte 30 days old -- Symantec Shared
30/03/2008 23:16:58 (DIR) 0 byte 29 days old -- Hewlett-Packard
03/04/2008 16:36:57 (DIR) 0 byte 25 days old -- Designer
03/04/2008 17:59:15 (DIR) 0 byte 25 days old -- System
08/04/2008 20:16:01 (DIR) 0 byte 20 days old -- Logitech
27/04/2008 22:53:25 (DIR) 0 byte 1 days old -- Microsoft Shared

----- recent files in C:\Documents and Settings\HP_Administrateur\Application Data\
28/03/2008 20:15:36 (DIR) 0 byte 31 days old -- Macromedia
28/03/2008 20:17:43 (DIR) 0 byte 31 days old -- AdobeUM
28/03/2008 22:56:22 (DIR) 0 byte 31 days old -- HPQ
29/03/2008 22:18:08 (DIR) 0 byte 30 days old -- Adobe
30/03/2008 23:00:22 (DIR) 0 byte 29 days old -- MSNInstaller
30/03/2008 23:21:27 (DIR) 0 byte 29 days old -- HP
01/04/2008 12:07:14 160 byte 27 days old -- wklnhst.dat
03/04/2008 16:33:52 (DIR) 0 byte 25 days old -- Microsoft Web Folders
06/04/2008 16:14:27 (DIR) 0 byte 22 days old -- OLYMPUS
08/04/2008 13:02:41 (DIR) 0 byte 20 days old -- Microsoft
27/04/2008 15:27:28 (DIR) 0 byte 1 days old -- drawshow

----- recent files in C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\
11/03/2008 16:15:30 2132 byte 48 days old -- index.html
28/03/2008 20:06:43 (DIR) 0 byte 31 days old -- pcd_scripts
29/03/2008 12:32:35 (DIR) 0 byte 30 days old -- IncrediMail
05/04/2008 14:17:54 (DIR) 0 byte 23 days old -- 46158828
06/04/2008 16:08:52 (DIR) 0 byte 22 days old -- _is40
06/04/2008 16:10:20 (DIR) 0 byte 22 days old -- bye49.tmp
06/04/2008 16:11:29 (DIR) 0 byte 22 days old -- {792630EF-4BF0-4AC3-998B-11FC905789D9}
06/04/2008 16:13:13 (DIR) 0 byte 22 days old -- {BA820A24-704B-428D-9904-71A10DAC1372}
06/04/2008 22:57:34 (DIR) 0 byte 22 days old -- Picasa2
09/04/2008 08:37:49 (DIR) 0 byte 19 days old -- VBE
09/04/2008 19:02:29 (DIR) 0 byte 19 days old -- _ISTMP2.DIR
09/04/2008 19:02:29 (DIR) 0 byte 19 days old -- _ISTMP1.DIR
24/04/2008 11:37:25 (DIR) 0 byte 4 days old -- msoclip1
24/04/2008 21:25:41 (DIR) 0 byte 4 days old -- _avast4_
26/04/2008 00:01:29 (DIR) 0 byte 2 days old -- ImInstaller
26/04/2008 00:01:30 (DIR) 0 byte 2 days old -- nsk9C.tmp
26/04/2008 00:01:30 (DIR) 0 byte 2 days old -- TempFolder.aaa
26/04/2008 00:01:31 (DIR) 0 byte 2 days old -- ~DEST
26/04/2008 00:07:41 (DIR) 0 byte 2 days old -- WLTB Custom Button Feeds
26/04/2008 01:36:07 50 byte 2 days old -- calog.txt
26/04/2008 02:07:49 46842 byte 2 days old -- 41fd_appcompat.txt
26/04/2008 11:50:55 24256 byte 2 days old -- Japanese.bin
26/04/2008 11:50:56 20101 byte 2 days old -- Korean.bin
26/04/2008 11:50:56 16913 byte 2 days old -- TradChin.bin
26/04/2008 11:50:56 22704 byte 2 days old -- Danish.bin
26/04/2008 11:50:56 25670 byte 2 days old -- Dutch.bin
26/04/2008 11:50:57 25684 byte 2 days old -- German.bin
26/04/2008 11:50:57 27330 byte 2 days old -- Italian.bin
26/04/2008 11:50:57 27178 byte 2 days old -- French.bin
26/04/2008 11:50:58 26062 byte 2 days old -- Russian.bin
26/04/2008 11:50:59 27689 byte 2 days old -- Spanish.bin
26/04/2008 11:50:59 24028 byte 2 days old -- SWEDISH.bin
26/04/2008 11:50:59 26187 byte 2 days old -- Portuguese.bin
26/04/2008 11:50:59 16374 byte 2 days old -- SimChin.bin
26/04/2008 11:50:59 21857 byte 2 days old -- English.bin
26/04/2008 11:51:00 20919 byte 2 days old -- Arabic.bin
26/04/2008 11:51:00 24147 byte 2 days old -- Polish.bin
26/04/2008 11:51:00 24999 byte 2 days old -- Portuguese(Brazil).bin
26/04/2008 11:51:00 21913 byte 2 days old -- Thai.bin
26/04/2008 11:51:00 24252 byte 2 days old -- Czech.bin
26/04/2008 11:51:00 19487 byte 2 days old -- Hebrew.bin
26/04/2008 11:51:00 26001 byte 2 days old -- Hungarian.bin
26/04/2008 11:51:00 22793 byte 2 days old -- Finnish.bin
26/04/2008 11:51:00 25003 byte 2 days old -- Greek.bin
26/04/2008 11:51:01 22194 byte 2 days old -- Turkish.bin
26/04/2008 11:51:01 21901 byte 2 days old -- Norwegian.bin
26/04/2008 11:51:09 1342 byte 2 days old -- MAR2.tmp
26/04/2008 11:51:09 1285 byte 2 days old -- MAR3.tmp
26/04/2008 11:51:11 47122 byte 2 days old -- DIO4.tmp
26/04/2008 11:51:47 47122 byte 2 days old -- DIO8.tmp
26/04/2008 16:20:55 47122 byte 2 days old -- DIO41.tmp
26/04/2008 17:23:56 70368 byte 2 days old -- CFO9BU0L.emf
27/04/2008 02:14:00 133 byte 1 days old -- STSB3.tmp
27/04/2008 02:15:18 450 byte 1 days old -- MSI881e5.LOG
27/04/2008 02:49:55 54012 byte 1 days old -- 3b43_appcompat.txt
27/04/2008 15:20:28 1285 byte 1 days old -- MAR5.tmp
27/04/2008 15:20:28 1342 byte 1 days old -- MAR4.tmp
27/04/2008 15:20:29 47122 byte 1 days old -- DIO6.tmp
27/04/2008 15:20:56 47122 byte 1 days old -- DIOA.tmp
27/04/2008 15:26:02 418816 byte 1 days old -- staD.exe
27/04/2008 20:34:34 133 byte 1 days old -- STSD4.tmp
27/04/2008 22:33:34 49152 byte 1 days old -- ~DF310D.tmp
27/04/2008 22:51:51 (DIR) 0 byte 1 days old -- is-OPJFE.tmp
27/04/2008 22:51:51 2154 byte 1 days old -- Setup Log 2008-04-27 #001.txt
27/04/2008 22:52:54 3593 byte 1 days old -- compatibility.log
27/04/2008 22:53:41 96 byte 1 days old -- rundll32.log
27/04/2008 22:53:58 915 byte 1 days old -- afw_setup.0
27/04/2008 22:56:15 68 byte 1 days old -- profiler.log
27/04/2008 22:56:15 4006 byte 1 days old -- op_config.log
27/04/2008 22:56:21 2526 byte 1 days old -- LavasoftFirewallInstall[1].log
27/04/2008 22:56:22 86852 byte 1 days old -- Setup Log 2008-04-27 #002.txt
27/04/2008 22:56:22 (DIR) 0 byte 1 days old -- is-ESD5U.tmp
27/04/2008 22:58:48 1285 byte 1 days old -- MAR7.tmp
27/04/2008 22:58:48 1342 byte 1 days old -- MAR6.tmp
27/04/2008 22:58:53 47122 byte 1 days old -- DIO9.tmp
27/04/2008 22:59:19 133 byte 1 days old -- STSC.tmp
27/04/2008 22:59:23 47122 byte 1 days old -- DIOD.tmp
28/04/2008 08:27:25 1285 byte 0 days old -- MAR9.tmp
28/04/2008 08:27:25 1342 byte 0 days old -- MAR8.tmp
28/04/2008 08:27:27 47122 byte 0 days old -- DIOB.tmp
28/04/2008 08:27:50 133 byte 0 days old -- STSF.tmp
28/04/2008 08:27:58 47122 byte 0 days old -- DIO10.tmp
28/04/2008 08:54:18 9377 byte 0 days old -- op_install.0
28/04/2008 08:54:37 6074 byte 0 days old -- _iu14D2N.log
28/04/2008 08:54:47 122 byte 0 days old -- afw_setup.log
28/04/2008 08:54:56 2848 byte 0 days old -- op_install.log
28/04/2008 08:56:49 1285 byte 0 days old -- MARB.tmp
28/04/2008 08:56:49 1342 byte 0 days old -- MARA.tmp
28/04/2008 08:57:19 47122 byte 0 days old -- DIOE.tmp
28/04/2008 08:57:40 47122 byte 0 days old -- DIO11.tmp
28/04/2008 09:06:42 49152 byte 0 days old -- ~DF8295.tmp
28/04/2008 09:06:53 917504 byte 0 days old -- MFPL7014.DLL
28/04/2008 09:10:22 (DIR) 0 byte 0 days old -- IM
28/04/2008 12:52:02 133 byte 0 days old -- STS43.tmp
28/04/2008 12:59:02 (DIR) 0 byte 0 days old -- nsu47.tmp
28/04/2008 12:59:02 16384 byte 0 days old -- ~DF6CF0.tmp
28/04/2008 13:06:44 310528 byte 0 days old -- hpodvd09.log
28/04/2008 13:10:56 16384 byte 0 days old -- ~DF7AAA.tmp
28/04/2008 13:10:56 (DIR) 0 byte 0 days old -- nst4D.tmp
28/04/2008 13:11:11 16384 byte 0 days old -- ~DF86CD.tmp
28/04/2008 13:11:11 68 byte 0 days old -- systemscan.ini
28/04/2008 13:11:11 (DIR) 0 byte 0 days old -- nsr4F.tmp

===================== REGISTRY SCAN =====================


-----HKLM\Software\Microsoft\Windows\CurrentVersion\Run-----

[Run]
"PCDrProfiler"=""

[Run\OptionalComponents]

[Run\OptionalComponents\IMAIL]
"Installed"="1"

[Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[Run\OptionalComponents\MSFS]
"Installed"="1"

-----HKCU\Software\Microsoft\Windows\CurrentVersion\Run-----

[Run]
"Support Meta"="C:\DOCUME~1\HP_ADM~1\APPLIC~1\drawshow\nurb army vga.exe"

-----HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run-----

[Run]

-----HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-----

-----HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-----

-----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows-----

[Windows]
"AppInit_DLLs"=""

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad-----

[ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
#### HKCR\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9}\InprocServer32 @=expand:"%SystemRoot%\system32\SHELL32.dll"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
#### HKCR\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 @=expand:"%SystemRoot%\system32\SHELL32.dll"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
#### HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32 @=expand:"%SystemRoot%\system32\webcheck.dll"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
#### HKCR\CLSID\{35CEC8A3-2BE6-11D2-8773-92E220524153}\InprocServer32 @="C:\WINDOWS\system32\stobject.dll"

-----HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks-----

[ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
#### HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\InprocServer32 @="shell32.dll"

-----HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon-----

[Winlogon]
"Shell"="Explorer.exe"
"System"=""
"Userinit"="C:\WINDOWS\system32\userinit.exe,"
"VmApplet"="rundll32 shell32,Control_RunDLL \"sysdm.cpl\""
"UIHost"=expand:"logonui.exe"
"LogonType"=dword:00000000
"WinStationsDisabled"="0"

[Winlogon\GPExtensions]

[Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}]
"@="Sans fil"
"DllName"=expand:"gptext.dll"

[Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}]
"@="Folder Redirection"
"DllName"=expand:"fdeploy.dll"

[Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}]
"@="Quota du disque Microsoft"
"DllName"=expand:"dskquota.dll"

[Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}]
"@="Planificateur de paquets QoS"
"DllName"=expand:"gptext.dll"

[Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}]
"@="Scripts"
"DllName"=expand:"gptext.dll"

[Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}]
"@="Mappage de zones Internet Explorer"
"DllName"=expand:"iedkcs32.dll"

[Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}]
"DllName"=expand:"scecli.dll"
"@="Security"

[Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}]
"DllName"=expand:"iedkcs32.dll"
"@="Personnalisation de Internet Explorer"

[Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}]
"DllName"=expand:"scecli.dll"
"@="EFS recovery"

[Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8}]
"@="Microsoft Offline Files"
"DllName"=expand:"%SystemRoot%\System32\cscui.dll"

[Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}]
"@="Installation de logiciel"
"DllName"=expand:"appmgmts.dll"

[Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}]
"@="Sécurité IP"
"DllName"=expand:"gptext.dll"

[Winlogon\Notify]

[Winlogon\Notify\crypt32chain]
"DllName"=expand:"crypt32.dll"

[Winlogon\Notify\cryptnet]
"DllName"=expand:"cryptnet.dll"

[Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"

[Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"

[Winlogon\Notify\Schedule]
"DllName"=expand:"wlnotify.dll"

[Winlogon\Notify\sclgntfy]
"DllName"=expand:"sclgntfy.dll"

[Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"

[Winlogon\Notify\termsrv]
"DllName"=expand:"wlnotify.dll"

[Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"

[Winlogon\SpecialAccounts]

[Winlogon\SpecialAccounts\UserList]
"HelpAssistant"=dword:00000000
"TsInternetUser"=dword:00000000
"SQLAgentCmdExec"=dword:00000000
"NetShowServices"=dword:00000000
"IWAM_"=dword:00010000
"IUSR_"=dword:00010000
"VUSR_"=dword:00010000
"ASPNET"=dword:00000000

-----HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon-----

[Winlogon]
"ParseAutoexec"="1"
"ExcludeProfileDirs"="Local Settings;Temporary Internet Files;Historique;Temp"
"BuildNumber"=dword:00000a28

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options-----

[Image File Execution Options\Your Image File Name Here without a path]
"Debugger"="ntsd -d"

-----HKLM\System\CurrentControlSet\Control\Session Manager\-----

[Session Manager]
"BootExecute"=multi:"autocheck autochk *\00\00"

[Session Manager\SubSystems]
"Windows"=expand:"%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16"

-----HKLM\SYSTEM\CurrentControlSet\Control\WOW-----

[WOW]
"cmdline"=expand:"%SystemRoot%\system32\ntvdm.exe"
"wowcmdline"=expand:"%SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386"

-----HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run-----

-----HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce-----

[RunOnce]

-----HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx-----

[RunOnceEx]

-----HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices-----

-----HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce-----

-----HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce-----

[RunOnce]

-----HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx-----

-----HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices-----

-----HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run-----

-----HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce-----

-----HKLM\Software\Microsoft\Command Processor\Autorun-----

-----HKCU\Software\Microsoft\Command Processor\Autorun-----

-----HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load-----

-----HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup-----

-----HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon-----

-----HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon-----

-----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce-----

-----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run-----

-----HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms-----

-----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce-----

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler-----

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
#### HKCR\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InprocServer32 @=expand:"%SystemRoot%\system32\browseui.dll"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
#### HKCR\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InprocServer32 @=expand:"%SystemRoot%\system32\browseui.dll"

-----HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects-----

[Browser Helper Objects]

-----HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks-----

[URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=""
#### HKCR\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\InprocServer32 @=expand:"%SystemRoot%\system32\shdocvw.dll"

-----HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig-----

-----HKCU\Control Panel\Desktop\-----

[Desktop]
"SCRNSAVE.EXE"="C:\WINDOWS\system32\logon.scr"

[Desktop\WindowMetrics]

-----HKEY_CLASSES_ROOT\exefile\shell\open\command-----

[command]
@="\"%1\" %*"

-----HKEY_CLASSES_ROOT\comfile\shell\open\command-----

[command]
@="\"%1\" %*"

-----HKEY_CLASSES_ROOT\batfile\shell\open\command-----

[command]
@="\"%1\" %*"

-----HKEY_CLASSES_ROOT\piffile\shell\open\command-----

[command]
@="\"%1\" %*"

-----HKEY_CLASSES_ROOT\scrFile\shell\open\command-----

[command]
@="\"%1\" /S"

-----HKEY_CLASSES_ROOT\htafile\shell\open\command-----

[Command]
@="C:\WINDOWS\system32\mshta.exe \"%1\" %*"

-----HKEY_CLASSES_ROOT\logfile\shell\open\command-----

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL-----

[URL]

[URL\DefaultPrefix]
@="http://"

[URL\Prefixes]
"ftp"="ftp://"
"gopher"="gopher://"
"home"="http://"
"mosaic"="http://"
"www"="http://"

-----HKLM\SYSTEM\CurrentControlSet\Control\Lsa-----

[Lsa]

[Lsa\AccessProviders]

[Lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath"=expand:"%SystemRoot%\system32\ntmarta.dll"

[Lsa\Audit]

[Lsa\Audit\PerUserAuditing]

[Lsa\Audit\PerUserAuditing\System]

[Lsa\Data]

[Lsa\SSO]

[Lsa\SSO\Passport1.4]
"SSOURL"="http://www.passport.com"

[Lsa\SspiCache]

[Lsa\SspiCache\digest.dll]
"Name"="Digest"
"Comment"="Digest SSPI Authentication Package"

[Lsa\SspiCache\msapsspc.dll]
"Name"="DPA"
"Comment"="DPA Security Package"

[Lsa\SspiCache\msnsspc.dll]
"Name"="MSN"
"Comment"="MSN Security Package"

-----HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess-----

[SharedAccess]
"DependOnGroup"=multi:"\00"
"DependOnService"=multi:"Netman\00WinMgmt\00\00"
"Description"="Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique."
"DisplayName"="Pare-feu Windows / Partage de connexion Internet"
"ErrorControl"=dword:00000001
"ImagePath"=expand:"%SystemRoot%\system32\svchost.exe -k netsvcs"
"ObjectName"="LocalSystem"
"Start"=dword:00000002
"Type"=dword:00000020

[SharedAccess\Epoch]
"Epoch"=dword:000001ad

[SharedAccess\Parameters]
"ServiceDll"=expand:"%SystemRoot%\System32\ipnathlp.dll"

[SharedAccess\Parameters\FirewallPolicy]

[SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications]

[SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enaxxxxx@xxxxxres.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

[SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=dword:00000000
"DoNotAllowExceptions"=dword:00000000
"DisableNotifications"=dword:00000000

[SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enaxxxxx@xxxxxres.dll,-22019"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Alwil Software\Avast4\ashAvast.exe"="C:\Program Files\Alwil Software\Avast4\ashAvast.exe:*:Enabled:avast! Antivirus"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"C:\Program Files\Winsos\winsos.exe"="C:\Program Files\Winsos\winsos.exe:*:Enabled:Winsos"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL France"

[SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

[SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disaxxxxx@xxxxxres.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disaxxxxx@xxxxxres.dll,-22008"

[SharedAccess\Setup]
"ServiceUpgrade"=dword:00000001

[SharedAccess\Setup\InterfacesUnfirewalledAtUpdate]
"All"=dword:00000001

-----HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Firewall\-----

-----HKEY_LOCAL_MACHINE\SOFTWARE\Winsock2-----

-----HKLM\Software\Microsoft\Ole-----

[Ole]
"DefaultLaunchPermission"=hex:01,00,04,80,5c,00,00,00,6c,00,00,00,00,00,00,00,\
"MachineLaunchRestriction"=hex:01,00,04,80,48,00,00,00,58,00,00,00,00,00,00,00,\
"MachineAccessRestriction"=hex:01,00,04,80,44,00,00,00,54,00,00,00,00,00,00,00,\
"EnableDCOM"="Y"

[Ole\AppCompat]

[Ole\AppCompat\ActivationSecurityCheckExemptionList]
"{A50398B8-9075-4FBF-A7A1-456BF21937AD}"="1"
"{AD65A69D-3831-40D7-9629-9B0B50A93843}"="1"
"{0040D221-54A1-11D1-9DE0-006097042D69}"="1"
"{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}"="1"

[Ole\NONREDIST]
"System.EnterpriseServices.Thunk.dll"=""

-----HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\-----

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\-----

[Security Center]
"FirstRunDisabled"=dword:00000001
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[Security Center\Monitoring]

[Security Center\Monitoring\AhnlabAntiVirus]

[Security Center\Monitoring\ComputerAssociatesAntiVirus]

[Security Center\Monitoring\KasperskyAntiVirus]

[Security Center\Monitoring\McAfeeAntiVirus]

[Security Center\Monitoring\McAfeeFirewall]

[Security Center\Monitoring\PandaAntiVirus]

[Security Center\Monitoring\PandaFirewall]

[Security Center\Monitoring\SophosAntiVirus]

[Security Center\Monitoring\SymantecAntiVirus]

[Security Center\Monitoring\SymantecFirewall]

[Security Center\Monitoring\TinyFirewall]

[Security Center\Monitoring\TrendAntiVirus]

[Security Center\Monitoring\TrendFirewall]

[Security Center\Monitoring\ZoneLabsFirewall]

-----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\-----

[SystemRestore]
"DisableSR"=dword:00000000
"CreateFirstRunRp"=dword:00000001
"DSMin"=dword:000000c8
"DSMax"=dword:00000190
"RPSessionInterval"=dword:00000000
"RPGlobalInterval"=dword:00015180
"RPLifeInterval"=dword:0076a700
"CompressionBurst"=dword:0000003c
"TimerInterval&qu

2 replies

Anonymous user
28 April 2008 at 13:30
Hi, do you have pages opening up?
0
BloodyAngel Posts 1479 Registration date Tuesday 21 June 2005 Status Contributor Last activity 21 June 2018 401
28 April 2008 at 13:30
Hello
When your antivirus detects it, doesn't it offer to delete it or quarantine it?
If so, do it ;-)
0