Sujet Précédent Sujet Suivant

Au secours ! suis attaquée par un trojan

Résolu/Fermé
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 - 22 juil. 2008 à 23:47
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 - 23 juil. 2008 à 19:25
Bonjour,

depuis quelques jours spy bot me lance des alertes concernant un "rootkit" (?????).
L'analyse d'avast ne repère aucun pb.
Spy bot en revanche détecte plusieurs fichiers dangereux dont wsnpoem, wsnpoem/audio.dll et wsnpoem/video.dll mais ne réussi pas à les suprimer.
j'ai installé et exécuté antivir et ccleaner mais rien à faire.

HELP !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Je suis nulle en info.
Quelqu'un pourrait-il m'aider à virer ce trojan de chez moi !
Merci
A voir également:

20 réponses

Réponse 1 / 20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
22 juil. 2008 à 23:49
Salut,

- Télécharge HijackThis V 2.02 (HijackThis Installer) :
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

- Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

- Clique sur Install ensuite sur I Accept

- Clique sur Do a scan system and save log file

- Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
0
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 00:21
Merci à toi Destrio pour ta réponse rapide.
Voici le copier coller demandé


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:20:24, on 23/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\DOCUME~1\JULIET~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB743] command /c del "C:\WINDOWS\system32\wsnpoem\video.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5861] cmd /c del "C:\WINDOWS\system32\wsnpoem\video.dll"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?6e075224848e4affb8f22ada6e23f934
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?6e075224848e4affb8f22ada6e23f934
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
0
Réponse 2 / 20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
23 juil. 2008 à 00:32
* Télécharge SDFix (par Andy Manchesta) et sauvegarde-le sur ton bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

* Double-clique sur SDFix.exe et choisis Install pour l'extraire dans son dossier sur le bureau.
* Redémarre le PC en mode sans échec :
https://www.malekal.com/demarrer-windows-mode-sans-echec/
* Choisis ton compte.

Déroule la liste des instructions ci-dessous :
* Ouvre le dossier SDFix qui vient d'être créé sur le bureau et double-clique sur RunThis.bat pour lancer le script.
* Appuie sur Y pour commencer le nettoyage.
* Quand il te le demandera, appuie sur une touche pour redémarrer le PC.
* Ton système sera plus long à redémarrer car l'outil va continuer à s'exécuter et supprimer des fichiers.
* Après le chargement du bureau, l'outil aura terminé et affichera Finished.
* Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton bureau.
* Le rapport SDFix s'ouvrira et il sera enregistré dans le dossier SDFix sous le nom Report.txt.
* Enfin, copie/colle le rapport du fichier Report.txt.
0
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 01:04
Voici le report de SDFix


[b]SDFix: Version 1.207 [/b]
Run by Julie TALABARD on 23/07/2008 at 00:55

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\JULIET~1\Bureau\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-23 01:01:07
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\efd5be60-cf1a-4e97-850d-be2eade3c91e 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\8aeb7be7-92aa-47b1-b8c6-de50f3a53b88 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\799d924e-f8b2-4cb1-be9b-48432f11264b 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\3bd15431-342f-4377-b3aa-81c7b94ac69d 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\29b3c357-da1e-482f-960e-18a3bab1f317 32768 bytes
C:\WINDOWS\system32\ntos.exe 458752 bytes
C:\WINDOWS\system32\wsnpoem
C:\WINDOWS\system32\wsnpoem\audio.dll 32768 bytes
C:\WINDOWS\system32\wsnpoem\video.dll 0 bytes
C:\WINDOWS\unin040c.exe 327680 bytes
C:\WINDOWS\movexe.exe 32768 bytes
C:\WINDOWS\ST5UNST.EXE 98304 bytes
C:\WINDOWS\$NtUninstallKB935839$
C:\WINDOWS\$NtUninstallKB935839$\spuninst
C:\WINDOWS\$NtUninstallKB935839$\kernel32.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB935840$
C:\WINDOWS\$NtUninstallKB935840$\spuninst
C:\WINDOWS\$NtUninstallKB935840$\schannel.dll 163840 bytes
C:\WINDOWS\setupapi.log.1.old 1048576 bytes
C:\WINDOWS\$NtUninstallKB929123$
C:\WINDOWS\$NtUninstallKB929123$\spuninst
C:\WINDOWS\$NtUninstallKB929123$\inetcomm.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB929123$\wab32.dll 524288 bytes
C:\WINDOWS\$NtUninstallKB929123$\directdb.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB929123$\wabimp.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB929123$\msoe.dll 1343488 bytes
C:\WINDOWS\$NtUninstallKB933566$
C:\WINDOWS\$NtUninstallKB933566$\spuninst
C:\WINDOWS\$NtUninstallKB933566$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB933566$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB933566$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB933566$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB933566$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB933566$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB933566$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB933566$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB933566$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB933566$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB933566$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB933566$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB933566$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB933566$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB933566$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB933566$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB933566$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB933566$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00022 98304 bytes
C:\WINDOWS\QTFont.qfn 65536 bytes
C:\WINDOWS\$NtUninstallKB936782_WMP11$
C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst
C:\WINDOWS\$NtUninstallKB936782_WMP11$\wmp.dll 10846208 bytes
C:\WINDOWS\$NtUninstallKB937143$
C:\WINDOWS\$NtUninstallKB937143$\spuninst
C:\WINDOWS\$NtUninstallKB937143$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB937143$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB937143$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB937143$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB937143$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB937143$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB937143$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB937143$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB937143$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB937143$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB937143$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB937143$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB937143$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB937143$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB937143$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB937143$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB937143$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB937143$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB938127$
C:\WINDOWS\$NtUninstallKB938127$\spuninst
C:\WINDOWS\$NtUninstallKB938127$\vgx.dll 884736 bytes
C:\WINDOWS\$NtUninstallKB938829$
C:\WINDOWS\$NtUninstallKB938829$\spuninst
C:\WINDOWS\$NtUninstallKB938829$\gdi32.dll 294912 bytes
C:\WINDOWS\$NtUninstallKB921503$
C:\WINDOWS\$NtUninstallKB921503$\spuninst
C:\WINDOWS\$NtUninstallKB921503$\oleaut32.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB938828$
C:\WINDOWS\$NtUninstallKB938828$\spuninst
C:\WINDOWS\$NtUninstallKB938828$\explorer.exe 1048576 bytes
C:\WINDOWS\explorer.exe 1048576 bytes
C:\WINDOWS\SHELLNEW
C:\WINDOWS\SHELLNEW\EXCEL9.XLS 32768 bytes
C:\WINDOWS\SHELLNEW\PWRPNT11.POT 32768 bytes
C:\WINDOWS\SHELLNEW\WINWORD8.DOC 32768 bytes
C:\WINDOWS\ODBC.INI 32768 bytes
C:\WINDOWS\$NtUninstallKB936021$
C:\WINDOWS\$NtUninstallKB936021$\spuninst
C:\WINDOWS\$NtUninstallKB936021$\msxml3.dll 1114112 bytes
C:\WINDOWS\QTFont.for 32768 bytes
C:\WINDOWS\$NtUninstallKB933360$
C:\WINDOWS\$NtUninstallKB933360$\spuninst
C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe 65536 bytes
C:\WINDOWS\$NtUninstallKB939683$
C:\WINDOWS\$NtUninstallKB939683$\spuninst
C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe 327680 bytes
C:\WINDOWS\$NtUninstallKB941202$
C:\WINDOWS\$NtUninstallKB941202$\spuninst
C:\WINDOWS\$NtUninstallKB941202$\inetcomm.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB939653$
C:\WINDOWS\$NtUninstallKB939653$\spuninst
C:\WINDOWS\$NtUninstallKB939653$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB939653$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB939653$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB939653$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB939653$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB939653$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB939653$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB939653$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB939653$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB939653$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB939653$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB939653$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB939653$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB939653$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB939653$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB939653$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB939653$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB939653$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB933729$
C:\WINDOWS\$NtUninstallKB933729$\spuninst
C:\WINDOWS\$NtUninstallKB933729$\rpcrt4.dll 589824 bytes
C:\WINDOWS\$NtUninstallKB933729$\reg00001 65536 bytes
C:\WINDOWS\$NtUninstallKB943460$
C:\WINDOWS\$NtUninstallKB943460$\spuninst
C:\WINDOWS\$NtUninstallKB943460$\shell32.dll 8519680 bytes
C:\WINDOWS\$NtUninstallKB943460$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB944653$
C:\WINDOWS\$NtUninstallKB944653$\spuninst
C:\WINDOWS\$NtUninstallKB944653$\secdrv.sys 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$
C:\WINDOWS\$NtUninstallKB942615$\spuninst
C:\WINDOWS\$NtUninstallKB942615$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB942615$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB942615$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB942615$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB942615$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB942615$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB942615$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB942615$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB942615$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB942615$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB942615$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB942615$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB942615$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB942615$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB942615$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB942615$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB942615$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB941568$
C:\WINDOWS\$NtUninstallKB941568$\spuninst
C:\WINDOWS\$NtUninstallKB941568$\quartz.dll 1310720 bytes
C:\WINDOWS\$NtUninstallKB941569$
C:\WINDOWS\$NtUninstallKB941569$\spuninst
C:\WINDOWS\$NtUninstallKB941569$\wmasf.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB942763$
C:\WINDOWS\$NtUninstallKB942763$\spuninst
C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe 65536 bytes
C:\WINDOWS\$NtUninstallKB942840$
C:\WINDOWS\$NtUninstallKB942840$\spuninst
C:\WINDOWS\$NtUninstallKB942840$\jscript.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB946627$
C:\WINDOWS\$NtUninstallKB946627$\spuninst
C:\WINDOWS\$NtUninstallKB943485$
C:\WINDOWS\$NtUninstallKB943485$\spuninst
C:\WINDOWS\$NtUninstallKB943485$\lsasrv.dll 753664 bytes
C:\WINDOWS\$NtUninstallKB941644$
C:\WINDOWS\$NtUninstallKB941644$\spuninst
C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys 360448 bytes
C:\WINDOWS\INTER.INI 32768 bytes
C:\WINDOWS\brainbox.ini 32768 bytes
C:\WINDOWS\$NtUninstallKB943055$
C:\WINDOWS\$NtUninstallKB943055$\spuninst
C:\WINDOWS\$NtUninstallKB943055$\oleaut32.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB944533$
C:\WINDOWS\$NtUninstallKB944533$\spuninst
C:\WINDOWS\$NtUninstallKB944533$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB944533$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB944533$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB944533$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB944533$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB944533$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB944533$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB944533$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB944533$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB944533$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB944533$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB944533$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB944533$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB944533$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB944533$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB944533$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB944533$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB944533$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB946026$
C:\WINDOWS\$NtUninstallKB946026$\spuninst
C:\WINDOWS\$NtUninstallKB946026$\mrxdav.sys 196608 bytes
C:\WINDOWS\pss
C:\WINDOWS\pss\system.ini.backup 32768 bytes
C:\WINDOWS\pss\win.ini.backup 32768 bytes
C:\WINDOWS\pss\boot.ini.backup 32768 bytes
C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup 32768 bytes
C:\WINDOWS\$NtUninstallKB945553$
C:\WINDOWS\$NtUninstallKB945553$\spuninst
C:\WINDOWS\$NtUninstallKB945553$\dnsrslvr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB945553$\dnsapi.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB944338$
C:\WINDOWS\$NtUninstallKB944338$\spuninst
C:\WINDOWS\$NtUninstallKB944338$\vbscript.dll 425984 bytes
C:\WINDOWS\$NtUninstallKB944338$\jscript.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB948590$
C:\WINDOWS\$NtUninstallKB948590$\spuninst
C:\WINDOWS\$NtUninstallKB948590$\gdi32.dll 294912 bytes
C:\WINDOWS\$NtUninstallKB941693$
C:\WINDOWS\$NtUninstallKB941693$\spuninst
C:\WINDOWS\$NtUninstallKB941693$\win32k.sys 1867776 bytes
C:\WINDOWS\$NtUninstallKB947864$
C:\WINDOWS\$NtUninstallKB947864$\spuninst
C:\WINDOWS\$NtUninstallKB947864$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB947864$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB947864$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB947864$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB947864$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB947864$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB947864$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB947864$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB947864$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB947864$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB947864$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB947864$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB947864$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB947864$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB947864$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB947864$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB947864$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\xpsp3res.dll 393216 bytes
C:\WINDOWS\$NtUninstallKB947864$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB948881$
C:\WINDOWS\$NtUninstallKB948881$\spuninst
C:\WINDOWS\$NtUninstallKB948881$\reg00001 98304 bytes
C:\WINDOWS\$NtUninstallKB950749$
C:\WINDOWS\$NtUninstallKB950749$\spuninst
C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll 851968 bytes
C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll 327680 bytes
C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll 425984 bytes
C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll 196608 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll 1540096 bytes
C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll 327680 bytes
C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll 524288 bytes
C:\WINDOWS\$NtUninstallKB950749$\dao360.dll 589824 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll 360448 bytes
C:\WINDOWS\unvise32qt.exe 98304 bytes
C:\WINDOWS\Sun
C:\WINDOWS\Sun\Java
C:\WINDOWS\$NtUninstallKB951376$
C:\WINDOWS\$NtUninstallKB951376$\spuninst
C:\WINDOWS\$NtUninstallKB950760$
C:\WINDOWS\$NtUninstallKB950760$\spuninst
C:\WINDOWS\$NtUninstallKB950760$\reg00001 262144 bytes
C:\WINDOWS\$NtUninstallKB950759$
C:\WINDOWS\$NtUninstallKB950759$\spuninst
C:\WINDOWS\$NtUninstallKB950759$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB950759$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB950759$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB950759$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB950759$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB950759$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB950759$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB950759$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB950759$\mshtml.dll 3112960 bytes
C:\WINDOWS\$NtUninstallKB950759$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB950759$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB950759$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB950759$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950759$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB950759$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB950759$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB950759$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\xpsp3res.dll 393216 bytes
C:\WINDOWS\$NtUninstallKB950759$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00022 262144 bytes
C:\WINDOWS\$NtUninstallKB950762$
C:\WINDOWS\$NtUninstallKB950762$\spuninst
C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys 229376 bytes
C:\WINDOWS\$NtUninstallKB951698$
C:\WINDOWS\$NtUninstallKB951698$\spuninst
C:\WINDOWS\$NtUninstallKB951698$\quartz.dll 1310720 bytes
C:\WINDOWS\$NtUninstallKB951376-v2$
C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst
C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys 294912 bytes

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 466


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"="C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Messenger\\MSMSGS.EXE"="C:\\Program Files\\Messenger\\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Disabled:Veoh Client"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Disabled:Shareaza Ultimate File Sharing"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.dll"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Wed 10 Jan 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 1 Mar 2008 32,768 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1993.tmp"
Sat 1 Mar 2008 34,304 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL3296.tmp"
Sat 1 Mar 2008 31,232 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1909.tmp"
Sat 1 Mar 2008 29,184 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1752.tmp"
Sat 1 Mar 2008 29,184 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1026.tmp"
Sat 1 Mar 2008 41,472 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL3752.tmp"
Sat 1 Mar 2008 46,080 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0639.tmp"
Sat 1 Mar 2008 45,056 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1054.tmp"
Sat 1 Mar 2008 44,544 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0524.tmp"
Sat 1 Mar 2008 53,760 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1114.tmp"
Sat 1 Mar 2008 32,768 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0602.tmp"
Sat 1 Mar 2008 32,768 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1769.tmp"
Sat 1 Mar 2008 53,760 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1928.tmp"
Sat 1 Mar 2008 44,544 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0870.tmp"
Wed 11 Jun 2008 2,254 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti347.tmp"
Fri 9 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT526.tmp"
Sat 9 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue 7 Nov 2006 135,680 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Vrac\~WRL0002.tmp"
Wed 21 Feb 2007 3,483,648 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1841.tmp"
Tue 20 Feb 2007 15,903,744 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2989.tmp"
Wed 21 Feb 2007 3,494,400 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2398.tmp"
Wed 21 Feb 2007 3,518,464 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2449.tmp"
Wed 21 Feb 2007 3,517,440 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1093.tmp"
Wed 21 Feb 2007 3,517,440 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2841.tmp"
Wed 21 Feb 2007 3,525,120 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3768.tmp"
Wed 21 Feb 2007 3,529,216 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3223.tmp"
Wed 21 Feb 2007 3,530,240 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1202.tmp"
Wed 21 Feb 2007 3,533,312 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3124.tmp"
Wed 21 Feb 2007 3,533,312 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1112.tmp"
Wed 21 Feb 2007 3,532,800 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3480.tmp"
Wed 21 Feb 2007 3,538,944 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3389.tmp"
Sun 21 Jan 2007 206,848 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL0090.tmp"
Wed 21 Feb 2007 3,482,624 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL0283.tmp"
Wed 21 Feb 2007 3,483,136 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL0688.tmp"
Mon 23 Apr 2007 31,244,288 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\~WRL3490.tmp"
Thu 19 Apr 2007 8,297,472 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\La s‚quence\~WRL0004.tmp"
Sun 6 Jan 2008 53,248 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL1856.tmp"
Sat 1 Mar 2008 58,368 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL2476.tmp"
Sat 1 Mar 2008 64,512 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL3446.tmp"
Sat 1 Mar 2008 67,072 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL1441.tmp"
Wed 26 Sep 2007 46,080 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Cahier journal\~WRL2371.tmp"
Wed 16 May 2007 40,960 A..H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\VRAC\CYCLE3Pauline\Geographie\~WRL0001.tmp"
Fri 13 Apr 2007 57,386,496 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL1832.tmp"
Sun 22 Apr 2007 138,752 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL1782.tmp"
Sun 22 Apr 2007 149,230,592 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL2777.tmp"
Mon 23 Apr 2007 151,200,256 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL1943.tmp"

[b]Finished![/b]
0
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 01:04
Voici le report de SDFix


[b]SDFix: Version 1.207 [/b]
Run by Julie TALABARD on 23/07/2008 at 00:55

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\JULIET~1\Bureau\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-23 01:01:07
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\efd5be60-cf1a-4e97-850d-be2eade3c91e 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\8aeb7be7-92aa-47b1-b8c6-de50f3a53b88 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\799d924e-f8b2-4cb1-be9b-48432f11264b 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\3bd15431-342f-4377-b3aa-81c7b94ac69d 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\29b3c357-da1e-482f-960e-18a3bab1f317 32768 bytes
C:\WINDOWS\system32\ntos.exe 458752 bytes
C:\WINDOWS\system32\wsnpoem
C:\WINDOWS\system32\wsnpoem\audio.dll 32768 bytes
C:\WINDOWS\system32\wsnpoem\video.dll 0 bytes
C:\WINDOWS\unin040c.exe 327680 bytes
C:\WINDOWS\movexe.exe 32768 bytes
C:\WINDOWS\ST5UNST.EXE 98304 bytes
C:\WINDOWS\$NtUninstallKB935839$
C:\WINDOWS\$NtUninstallKB935839$\spuninst
C:\WINDOWS\$NtUninstallKB935839$\kernel32.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB935840$
C:\WINDOWS\$NtUninstallKB935840$\spuninst
C:\WINDOWS\$NtUninstallKB935840$\schannel.dll 163840 bytes
C:\WINDOWS\setupapi.log.1.old 1048576 bytes
C:\WINDOWS\$NtUninstallKB929123$
C:\WINDOWS\$NtUninstallKB929123$\spuninst
C:\WINDOWS\$NtUninstallKB929123$\inetcomm.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB929123$\wab32.dll 524288 bytes
C:\WINDOWS\$NtUninstallKB929123$\directdb.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB929123$\wabimp.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB929123$\msoe.dll 1343488 bytes
C:\WINDOWS\$NtUninstallKB933566$
C:\WINDOWS\$NtUninstallKB933566$\spuninst
C:\WINDOWS\$NtUninstallKB933566$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB933566$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB933566$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB933566$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB933566$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB933566$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB933566$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB933566$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB933566$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB933566$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB933566$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB933566$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB933566$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB933566$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB933566$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB933566$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB933566$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB933566$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00022 98304 bytes
C:\WINDOWS\QTFont.qfn 65536 bytes
C:\WINDOWS\$NtUninstallKB936782_WMP11$
C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst
C:\WINDOWS\$NtUninstallKB936782_WMP11$\wmp.dll 10846208 bytes
C:\WINDOWS\$NtUninstallKB937143$
C:\WINDOWS\$NtUninstallKB937143$\spuninst
C:\WINDOWS\$NtUninstallKB937143$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB937143$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB937143$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB937143$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB937143$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB937143$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB937143$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB937143$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB937143$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB937143$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB937143$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB937143$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB937143$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB937143$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB937143$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB937143$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB937143$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB937143$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB938127$
C:\WINDOWS\$NtUninstallKB938127$\spuninst
C:\WINDOWS\$NtUninstallKB938127$\vgx.dll 884736 bytes
C:\WINDOWS\$NtUninstallKB938829$
C:\WINDOWS\$NtUninstallKB938829$\spuninst
C:\WINDOWS\$NtUninstallKB938829$\gdi32.dll 294912 bytes
C:\WINDOWS\$NtUninstallKB921503$
C:\WINDOWS\$NtUninstallKB921503$\spuninst
C:\WINDOWS\$NtUninstallKB921503$\oleaut32.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB938828$
C:\WINDOWS\$NtUninstallKB938828$\spuninst
C:\WINDOWS\$NtUninstallKB938828$\explorer.exe 1048576 bytes
C:\WINDOWS\explorer.exe 1048576 bytes
C:\WINDOWS\SHELLNEW
C:\WINDOWS\SHELLNEW\EXCEL9.XLS 32768 bytes
C:\WINDOWS\SHELLNEW\PWRPNT11.POT 32768 bytes
C:\WINDOWS\SHELLNEW\WINWORD8.DOC 32768 bytes
C:\WINDOWS\ODBC.INI 32768 bytes
C:\WINDOWS\$NtUninstallKB936021$
C:\WINDOWS\$NtUninstallKB936021$\spuninst
C:\WINDOWS\$NtUninstallKB936021$\msxml3.dll 1114112 bytes
C:\WINDOWS\QTFont.for 32768 bytes
C:\WINDOWS\$NtUninstallKB933360$
C:\WINDOWS\$NtUninstallKB933360$\spuninst
C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe 65536 bytes
C:\WINDOWS\$NtUninstallKB939683$
C:\WINDOWS\$NtUninstallKB939683$\spuninst
C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe 327680 bytes
C:\WINDOWS\$NtUninstallKB941202$
C:\WINDOWS\$NtUninstallKB941202$\spuninst
C:\WINDOWS\$NtUninstallKB941202$\inetcomm.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB939653$
C:\WINDOWS\$NtUninstallKB939653$\spuninst
C:\WINDOWS\$NtUninstallKB939653$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB939653$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB939653$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB939653$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB939653$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB939653$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB939653$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB939653$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB939653$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB939653$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB939653$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB939653$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB939653$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB939653$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB939653$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB939653$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB939653$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB939653$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB933729$
C:\WINDOWS\$NtUninstallKB933729$\spuninst
C:\WINDOWS\$NtUninstallKB933729$\rpcrt4.dll 589824 bytes
C:\WINDOWS\$NtUninstallKB933729$\reg00001 65536 bytes
C:\WINDOWS\$NtUninstallKB943460$
C:\WINDOWS\$NtUninstallKB943460$\spuninst
C:\WINDOWS\$NtUninstallKB943460$\shell32.dll 8519680 bytes
C:\WINDOWS\$NtUninstallKB943460$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB944653$
C:\WINDOWS\$NtUninstallKB944653$\spuninst
C:\WINDOWS\$NtUninstallKB944653$\secdrv.sys 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$
C:\WINDOWS\$NtUninstallKB942615$\spuninst
C:\WINDOWS\$NtUninstallKB942615$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB942615$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB942615$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB942615$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB942615$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB942615$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB942615$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB942615$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB942615$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB942615$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB942615$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB942615$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB942615$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB942615$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB942615$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB942615$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB942615$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB941568$
C:\WINDOWS\$NtUninstallKB941568$\spuninst
C:\WINDOWS\$NtUninstallKB941568$\quartz.dll 1310720 bytes
C:\WINDOWS\$NtUninstallKB941569$
C:\WINDOWS\$NtUninstallKB941569$\spuninst
C:\WINDOWS\$NtUninstallKB941569$\wmasf.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB942763$
C:\WINDOWS\$NtUninstallKB942763$\spuninst
C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe 65536 bytes
C:\WINDOWS\$NtUninstallKB942840$
C:\WINDOWS\$NtUninstallKB942840$\spuninst
C:\WINDOWS\$NtUninstallKB942840$\jscript.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB946627$
C:\WINDOWS\$NtUninstallKB946627$\spuninst
C:\WINDOWS\$NtUninstallKB943485$
C:\WINDOWS\$NtUninstallKB943485$\spuninst
C:\WINDOWS\$NtUninstallKB943485$\lsasrv.dll 753664 bytes
C:\WINDOWS\$NtUninstallKB941644$
C:\WINDOWS\$NtUninstallKB941644$\spuninst
C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys 360448 bytes
C:\WINDOWS\INTER.INI 32768 bytes
C:\WINDOWS\brainbox.ini 32768 bytes
C:\WINDOWS\$NtUninstallKB943055$
C:\WINDOWS\$NtUninstallKB943055$\spuninst
C:\WINDOWS\$NtUninstallKB943055$\oleaut32.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB944533$
C:\WINDOWS\$NtUninstallKB944533$\spuninst
C:\WINDOWS\$NtUninstallKB944533$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB944533$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB944533$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB944533$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB944533$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB944533$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB944533$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB944533$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB944533$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB944533$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB944533$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB944533$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB944533$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB944533$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB944533$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB944533$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB944533$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB944533$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB946026$
C:\WINDOWS\$NtUninstallKB946026$\spuninst
C:\WINDOWS\$NtUninstallKB946026$\mrxdav.sys 196608 bytes
C:\WINDOWS\pss
C:\WINDOWS\pss\system.ini.backup 32768 bytes
C:\WINDOWS\pss\win.ini.backup 32768 bytes
C:\WINDOWS\pss\boot.ini.backup 32768 bytes
C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup 32768 bytes
C:\WINDOWS\$NtUninstallKB945553$
C:\WINDOWS\$NtUninstallKB945553$\spuninst
C:\WINDOWS\$NtUninstallKB945553$\dnsrslvr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB945553$\dnsapi.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB944338$
C:\WINDOWS\$NtUninstallKB944338$\spuninst
C:\WINDOWS\$NtUninstallKB944338$\vbscript.dll 425984 bytes
C:\WINDOWS\$NtUninstallKB944338$\jscript.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB948590$
C:\WINDOWS\$NtUninstallKB948590$\spuninst
C:\WINDOWS\$NtUninstallKB948590$\gdi32.dll 294912 bytes
C:\WINDOWS\$NtUninstallKB941693$
C:\WINDOWS\$NtUninstallKB941693$\spuninst
C:\WINDOWS\$NtUninstallKB941693$\win32k.sys 1867776 bytes
C:\WINDOWS\$NtUninstallKB947864$
C:\WINDOWS\$NtUninstallKB947864$\spuninst
C:\WINDOWS\$NtUninstallKB947864$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB947864$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB947864$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB947864$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB947864$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB947864$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB947864$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB947864$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB947864$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB947864$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB947864$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB947864$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB947864$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB947864$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB947864$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB947864$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB947864$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\xpsp3res.dll 393216 bytes
C:\WINDOWS\$NtUninstallKB947864$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB948881$
C:\WINDOWS\$NtUninstallKB948881$\spuninst
C:\WINDOWS\$NtUninstallKB948881$\reg00001 98304 bytes
C:\WINDOWS\$NtUninstallKB950749$
C:\WINDOWS\$NtUninstallKB950749$\spuninst
C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll 851968 bytes
C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll 327680 bytes
C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll 425984 bytes
C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll 196608 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll 1540096 bytes
C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll 327680 bytes
C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll 524288 bytes
C:\WINDOWS\$NtUninstallKB950749$\dao360.dll 589824 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll 360448 bytes
C:\WINDOWS\unvise32qt.exe 98304 bytes
C:\WINDOWS\Sun
C:\WINDOWS\Sun\Java
C:\WINDOWS\$NtUninstallKB951376$
C:\WINDOWS\$NtUninstallKB951376$\spuninst
C:\WINDOWS\$NtUninstallKB950760$
C:\WINDOWS\$NtUninstallKB950760$\spuninst
C:\WINDOWS\$NtUninstallKB950760$\reg00001 262144 bytes
C:\WINDOWS\$NtUninstallKB950759$
C:\WINDOWS\$NtUninstallKB950759$\spuninst
C:\WINDOWS\$NtUninstallKB950759$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB950759$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB950759$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB950759$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB950759$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB950759$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB950759$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB950759$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB950759$\mshtml.dll 3112960 bytes
C:\WINDOWS\$NtUninstallKB950759$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB950759$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB950759$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB950759$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950759$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB950759$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB950759$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB950759$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\xpsp3res.dll 393216 bytes
C:\WINDOWS\$NtUninstallKB950759$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00022 262144 bytes
C:\WINDOWS\$NtUninstallKB950762$
C:\WINDOWS\$NtUninstallKB950762$\spuninst
C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys 229376 bytes
C:\WINDOWS\$NtUninstallKB951698$
C:\WINDOWS\$NtUninstallKB951698$\spuninst
C:\WINDOWS\$NtUninstallKB951698$\quartz.dll 1310720 bytes
C:\WINDOWS\$NtUninstallKB951376-v2$
C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst
C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys 294912 bytes

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 466


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"="C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Messenger\\MSMSGS.EXE"="C:\\Program Files\\Messenger\\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Disabled:Veoh Client"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Disabled:Shareaza Ultimate File Sharing"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.dll"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Wed 10 Jan 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 1 Mar 2008 32,768 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1993.tmp"
Sat 1 Mar 2008 34,304 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL3296.tmp"
Sat 1 Mar 2008 31,232 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1909.tmp"
Sat 1 Mar 2008 29,184 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1752.tmp"
Sat 1 Mar 2008 29,184 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1026.tmp"
Sat 1 Mar 2008 41,472 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL3752.tmp"
Sat 1 Mar 2008 46,080 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0639.tmp"
Sat 1 Mar 2008 45,056 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1054.tmp"
Sat 1 Mar 2008 44,544 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0524.tmp"
Sat 1 Mar 2008 53,760 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1114.tmp"
Sat 1 Mar 2008 32,768 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0602.tmp"
Sat 1 Mar 2008 32,768 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1769.tmp"
Sat 1 Mar 2008 53,760 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1928.tmp"
Sat 1 Mar 2008 44,544 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0870.tmp"
Wed 11 Jun 2008 2,254 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti347.tmp"
Fri 9 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT526.tmp"
Sat 9 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue 7 Nov 2006 135,680 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Vrac\~WRL0002.tmp"
Wed 21 Feb 2007 3,483,648 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1841.tmp"
Tue 20 Feb 2007 15,903,744 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2989.tmp"
Wed 21 Feb 2007 3,494,400 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2398.tmp"
Wed 21 Feb 2007 3,518,464 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2449.tmp"
Wed 21 Feb 2007 3,517,440 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1093.tmp"
Wed 21 Feb 2007 3,517,440 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2841.tmp"
Wed 21 Feb 2007 3,525,120 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3768.tmp"
Wed 21 Feb 2007 3,529,216 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3223.tmp"
Wed 21 Feb 2007 3,530,240 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1202.tmp"
Wed 21 Feb 2007 3,533,312 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3124.tmp"
Wed 21 Feb 2007 3,533,312 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1112.tmp"
Wed 21 Feb 2007 3,532,800 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3480.tmp"
Wed 21 Feb 2007 3,538,944 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3389.tmp"
Sun 21 Jan 2007 206,848 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL0090.tmp"
Wed 21 Feb 2007 3,482,624 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL0283.tmp"
Wed 21 Feb 2007 3,483,136 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL0688.tmp"
Mon 23 Apr 2007 31,244,288 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\~WRL3490.tmp"
Thu 19 Apr 2007 8,297,472 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\La s‚quence\~WRL0004.tmp"
Sun 6 Jan 2008 53,248 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL1856.tmp"
Sat 1 Mar 2008 58,368 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL2476.tmp"
Sat 1 Mar 2008 64,512 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL3446.tmp"
Sat 1 Mar 2008 67,072 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL1441.tmp"
Wed 26 Sep 2007 46,080 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Cahier journal\~WRL2371.tmp"
Wed 16 May 2007 40,960 A..H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\VRAC\CYCLE3Pauline\Geographie\~WRL0001.tmp"
Fri 13 Apr 2007 57,386,496 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL1832.tmp"
Sun 22 Apr 2007 138,752 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL1782.tmp"
Sun 22 Apr 2007 149,230,592 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL2777.tmp"
Mon 23 Apr 2007 151,200,256 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL1943.tmp"

[b]Finished![/b]
0
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 01:04
Voici le report de SDFix


[b]SDFix: Version 1.207 [/b]
Run by Julie TALABARD on 23/07/2008 at 00:55

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\JULIET~1\Bureau\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-23 01:01:07
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\efd5be60-cf1a-4e97-850d-be2eade3c91e 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\8aeb7be7-92aa-47b1-b8c6-de50f3a53b88 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\799d924e-f8b2-4cb1-be9b-48432f11264b 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\3bd15431-342f-4377-b3aa-81c7b94ac69d 32768 bytes
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\29b3c357-da1e-482f-960e-18a3bab1f317 32768 bytes
C:\WINDOWS\system32\ntos.exe 458752 bytes
C:\WINDOWS\system32\wsnpoem
C:\WINDOWS\system32\wsnpoem\audio.dll 32768 bytes
C:\WINDOWS\system32\wsnpoem\video.dll 0 bytes
C:\WINDOWS\unin040c.exe 327680 bytes
C:\WINDOWS\movexe.exe 32768 bytes
C:\WINDOWS\ST5UNST.EXE 98304 bytes
C:\WINDOWS\$NtUninstallKB935839$
C:\WINDOWS\$NtUninstallKB935839$\spuninst
C:\WINDOWS\$NtUninstallKB935839$\kernel32.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB935840$
C:\WINDOWS\$NtUninstallKB935840$\spuninst
C:\WINDOWS\$NtUninstallKB935840$\schannel.dll 163840 bytes
C:\WINDOWS\setupapi.log.1.old 1048576 bytes
C:\WINDOWS\$NtUninstallKB929123$
C:\WINDOWS\$NtUninstallKB929123$\spuninst
C:\WINDOWS\$NtUninstallKB929123$\inetcomm.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB929123$\wab32.dll 524288 bytes
C:\WINDOWS\$NtUninstallKB929123$\directdb.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB929123$\wabimp.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB929123$\msoe.dll 1343488 bytes
C:\WINDOWS\$NtUninstallKB933566$
C:\WINDOWS\$NtUninstallKB933566$\spuninst
C:\WINDOWS\$NtUninstallKB933566$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB933566$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB933566$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB933566$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB933566$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB933566$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB933566$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB933566$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB933566$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB933566$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB933566$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB933566$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB933566$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB933566$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB933566$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB933566$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB933566$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB933566$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB933566$\reg00022 98304 bytes
C:\WINDOWS\QTFont.qfn 65536 bytes
C:\WINDOWS\$NtUninstallKB936782_WMP11$
C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst
C:\WINDOWS\$NtUninstallKB936782_WMP11$\wmp.dll 10846208 bytes
C:\WINDOWS\$NtUninstallKB937143$
C:\WINDOWS\$NtUninstallKB937143$\spuninst
C:\WINDOWS\$NtUninstallKB937143$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB937143$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB937143$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB937143$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB937143$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB937143$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB937143$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB937143$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB937143$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB937143$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB937143$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB937143$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB937143$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB937143$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB937143$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB937143$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB937143$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB937143$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB937143$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB938127$
C:\WINDOWS\$NtUninstallKB938127$\spuninst
C:\WINDOWS\$NtUninstallKB938127$\vgx.dll 884736 bytes
C:\WINDOWS\$NtUninstallKB938829$
C:\WINDOWS\$NtUninstallKB938829$\spuninst
C:\WINDOWS\$NtUninstallKB938829$\gdi32.dll 294912 bytes
C:\WINDOWS\$NtUninstallKB921503$
C:\WINDOWS\$NtUninstallKB921503$\spuninst
C:\WINDOWS\$NtUninstallKB921503$\oleaut32.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB938828$
C:\WINDOWS\$NtUninstallKB938828$\spuninst
C:\WINDOWS\$NtUninstallKB938828$\explorer.exe 1048576 bytes
C:\WINDOWS\explorer.exe 1048576 bytes
C:\WINDOWS\SHELLNEW
C:\WINDOWS\SHELLNEW\EXCEL9.XLS 32768 bytes
C:\WINDOWS\SHELLNEW\PWRPNT11.POT 32768 bytes
C:\WINDOWS\SHELLNEW\WINWORD8.DOC 32768 bytes
C:\WINDOWS\ODBC.INI 32768 bytes
C:\WINDOWS\$NtUninstallKB936021$
C:\WINDOWS\$NtUninstallKB936021$\spuninst
C:\WINDOWS\$NtUninstallKB936021$\msxml3.dll 1114112 bytes
C:\WINDOWS\QTFont.for 32768 bytes
C:\WINDOWS\$NtUninstallKB933360$
C:\WINDOWS\$NtUninstallKB933360$\spuninst
C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe 65536 bytes
C:\WINDOWS\$NtUninstallKB939683$
C:\WINDOWS\$NtUninstallKB939683$\spuninst
C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe 327680 bytes
C:\WINDOWS\$NtUninstallKB941202$
C:\WINDOWS\$NtUninstallKB941202$\spuninst
C:\WINDOWS\$NtUninstallKB941202$\inetcomm.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB939653$
C:\WINDOWS\$NtUninstallKB939653$\spuninst
C:\WINDOWS\$NtUninstallKB939653$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB939653$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB939653$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB939653$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB939653$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB939653$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB939653$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB939653$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB939653$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB939653$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB939653$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB939653$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB939653$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB939653$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB939653$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB939653$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB939653$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB939653$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB939653$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB933729$
C:\WINDOWS\$NtUninstallKB933729$\spuninst
C:\WINDOWS\$NtUninstallKB933729$\rpcrt4.dll 589824 bytes
C:\WINDOWS\$NtUninstallKB933729$\reg00001 65536 bytes
C:\WINDOWS\$NtUninstallKB943460$
C:\WINDOWS\$NtUninstallKB943460$\spuninst
C:\WINDOWS\$NtUninstallKB943460$\shell32.dll 8519680 bytes
C:\WINDOWS\$NtUninstallKB943460$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB944653$
C:\WINDOWS\$NtUninstallKB944653$\spuninst
C:\WINDOWS\$NtUninstallKB944653$\secdrv.sys 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$
C:\WINDOWS\$NtUninstallKB942615$\spuninst
C:\WINDOWS\$NtUninstallKB942615$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB942615$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB942615$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB942615$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB942615$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB942615$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB942615$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB942615$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB942615$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB942615$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB942615$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB942615$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB942615$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB942615$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB942615$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB942615$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB942615$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB942615$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB941568$
C:\WINDOWS\$NtUninstallKB941568$\spuninst
C:\WINDOWS\$NtUninstallKB941568$\quartz.dll 1310720 bytes
C:\WINDOWS\$NtUninstallKB941569$
C:\WINDOWS\$NtUninstallKB941569$\spuninst
C:\WINDOWS\$NtUninstallKB941569$\wmasf.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB942763$
C:\WINDOWS\$NtUninstallKB942763$\spuninst
C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe 65536 bytes
C:\WINDOWS\$NtUninstallKB942840$
C:\WINDOWS\$NtUninstallKB942840$\spuninst
C:\WINDOWS\$NtUninstallKB942840$\jscript.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB946627$
C:\WINDOWS\$NtUninstallKB946627$\spuninst
C:\WINDOWS\$NtUninstallKB943485$
C:\WINDOWS\$NtUninstallKB943485$\spuninst
C:\WINDOWS\$NtUninstallKB943485$\lsasrv.dll 753664 bytes
C:\WINDOWS\$NtUninstallKB941644$
C:\WINDOWS\$NtUninstallKB941644$\spuninst
C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys 360448 bytes
C:\WINDOWS\INTER.INI 32768 bytes
C:\WINDOWS\brainbox.ini 32768 bytes
C:\WINDOWS\$NtUninstallKB943055$
C:\WINDOWS\$NtUninstallKB943055$\spuninst
C:\WINDOWS\$NtUninstallKB943055$\oleaut32.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB944533$
C:\WINDOWS\$NtUninstallKB944533$\spuninst
C:\WINDOWS\$NtUninstallKB944533$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB944533$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB944533$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB944533$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB944533$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB944533$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB944533$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB944533$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB944533$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB944533$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB944533$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB944533$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB944533$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB944533$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB944533$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB944533$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB944533$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\xpsp3res.dll 131072 bytes
C:\WINDOWS\$NtUninstallKB944533$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB944533$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB946026$
C:\WINDOWS\$NtUninstallKB946026$\spuninst
C:\WINDOWS\$NtUninstallKB946026$\mrxdav.sys 196608 bytes
C:\WINDOWS\pss
C:\WINDOWS\pss\system.ini.backup 32768 bytes
C:\WINDOWS\pss\win.ini.backup 32768 bytes
C:\WINDOWS\pss\boot.ini.backup 32768 bytes
C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup 32768 bytes
C:\WINDOWS\$NtUninstallKB945553$
C:\WINDOWS\$NtUninstallKB945553$\spuninst
C:\WINDOWS\$NtUninstallKB945553$\dnsrslvr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB945553$\dnsapi.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB944338$
C:\WINDOWS\$NtUninstallKB944338$\spuninst
C:\WINDOWS\$NtUninstallKB944338$\vbscript.dll 425984 bytes
C:\WINDOWS\$NtUninstallKB944338$\jscript.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB948590$
C:\WINDOWS\$NtUninstallKB948590$\spuninst
C:\WINDOWS\$NtUninstallKB948590$\gdi32.dll 294912 bytes
C:\WINDOWS\$NtUninstallKB941693$
C:\WINDOWS\$NtUninstallKB941693$\spuninst
C:\WINDOWS\$NtUninstallKB941693$\win32k.sys 1867776 bytes
C:\WINDOWS\$NtUninstallKB947864$
C:\WINDOWS\$NtUninstallKB947864$\spuninst
C:\WINDOWS\$NtUninstallKB947864$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB947864$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB947864$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB947864$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB947864$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB947864$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB947864$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB947864$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB947864$\mshtml.dll 3080192 bytes
C:\WINDOWS\$NtUninstallKB947864$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB947864$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB947864$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB947864$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB947864$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB947864$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB947864$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB947864$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\xpsp3res.dll 393216 bytes
C:\WINDOWS\$NtUninstallKB947864$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB947864$\reg00022 98304 bytes
C:\WINDOWS\$NtUninstallKB948881$
C:\WINDOWS\$NtUninstallKB948881$\spuninst
C:\WINDOWS\$NtUninstallKB948881$\reg00001 98304 bytes
C:\WINDOWS\$NtUninstallKB950749$
C:\WINDOWS\$NtUninstallKB950749$\spuninst
C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll 851968 bytes
C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll 327680 bytes
C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll 425984 bytes
C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll 196608 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll 1540096 bytes
C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll 327680 bytes
C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll 524288 bytes
C:\WINDOWS\$NtUninstallKB950749$\dao360.dll 589824 bytes
C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll 360448 bytes
C:\WINDOWS\unvise32qt.exe 98304 bytes
C:\WINDOWS\Sun
C:\WINDOWS\Sun\Java
C:\WINDOWS\$NtUninstallKB951376$
C:\WINDOWS\$NtUninstallKB951376$\spuninst
C:\WINDOWS\$NtUninstallKB950760$
C:\WINDOWS\$NtUninstallKB950760$\spuninst
C:\WINDOWS\$NtUninstallKB950760$\reg00001 262144 bytes
C:\WINDOWS\$NtUninstallKB950759$
C:\WINDOWS\$NtUninstallKB950759$\spuninst
C:\WINDOWS\$NtUninstallKB950759$\wininet.dll 688128 bytes
C:\WINDOWS\$NtUninstallKB950759$\urlmon.dll 622592 bytes
C:\WINDOWS\$NtUninstallKB950759$\shlwapi.dll 491520 bytes
C:\WINDOWS\$NtUninstallKB950759$\shdocvw.dll 1507328 bytes
C:\WINDOWS\$NtUninstallKB950759$\pngfilt.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB950759$\mstime.dll 557056 bytes
C:\WINDOWS\$NtUninstallKB950759$\msrating.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB950759$\mshtmled.dll 458752 bytes
C:\WINDOWS\$NtUninstallKB950759$\mshtml.dll 3112960 bytes
C:\WINDOWS\$NtUninstallKB950759$\jsproxy.dll 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\inseng.dll 98304 bytes
C:\WINDOWS\$NtUninstallKB950759$\iepeers.dll 262144 bytes
C:\WINDOWS\$NtUninstallKB950759$\dxtrans.dll 229376 bytes
C:\WINDOWS\$NtUninstallKB950759$\dxtmsft.dll 360448 bytes
C:\WINDOWS\$NtUninstallKB950759$\danim.dll 1081344 bytes
C:\WINDOWS\$NtUninstallKB950759$\cdfview.dll 163840 bytes
C:\WINDOWS\$NtUninstallKB950759$\browseui.dll 1048576 bytes
C:\WINDOWS\$NtUninstallKB950759$\iedw.exe 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\xpsp3res.dll 393216 bytes
C:\WINDOWS\$NtUninstallKB950759$\extmgr.dll 65536 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00001 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00002 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00003 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00004 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00005 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00006 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00007 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00008 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00009 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00010 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00011 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00012 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00013 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00014 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00015 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00016 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00017 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00018 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00019 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00020 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00021 32768 bytes
C:\WINDOWS\$NtUninstallKB950759$\reg00022 262144 bytes
C:\WINDOWS\$NtUninstallKB950762$
C:\WINDOWS\$NtUninstallKB950762$\spuninst
C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys 229376 bytes
C:\WINDOWS\$NtUninstallKB951698$
C:\WINDOWS\$NtUninstallKB951698$\spuninst
C:\WINDOWS\$NtUninstallKB951698$\quartz.dll 1310720 bytes
C:\WINDOWS\$NtUninstallKB951376-v2$
C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst
C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys 294912 bytes

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 466


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"="C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Messenger\\MSMSGS.EXE"="C:\\Program Files\\Messenger\\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Disabled:Veoh Client"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Disabled:Shareaza Ultimate File Sharing"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.dll"
Thu 24 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.dll"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Wed 10 Jan 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 1 Mar 2008 32,768 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1993.tmp"
Sat 1 Mar 2008 34,304 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL3296.tmp"
Sat 1 Mar 2008 31,232 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1909.tmp"
Sat 1 Mar 2008 29,184 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1752.tmp"
Sat 1 Mar 2008 29,184 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1026.tmp"
Sat 1 Mar 2008 41,472 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL3752.tmp"
Sat 1 Mar 2008 46,080 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0639.tmp"
Sat 1 Mar 2008 45,056 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1054.tmp"
Sat 1 Mar 2008 44,544 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0524.tmp"
Sat 1 Mar 2008 53,760 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1114.tmp"
Sat 1 Mar 2008 32,768 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0602.tmp"
Sat 1 Mar 2008 32,768 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1769.tmp"
Sat 1 Mar 2008 53,760 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL1928.tmp"
Sat 1 Mar 2008 44,544 ...H. --- "C:\Documents and Settings\Julie TALABARD\Bureau\~WRL0870.tmp"
Wed 11 Jun 2008 2,254 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti347.tmp"
Fri 9 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT526.tmp"
Sat 9 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue 7 Nov 2006 135,680 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Vrac\~WRL0002.tmp"
Wed 21 Feb 2007 3,483,648 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1841.tmp"
Tue 20 Feb 2007 15,903,744 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2989.tmp"
Wed 21 Feb 2007 3,494,400 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2398.tmp"
Wed 21 Feb 2007 3,518,464 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2449.tmp"
Wed 21 Feb 2007 3,517,440 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1093.tmp"
Wed 21 Feb 2007 3,517,440 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL2841.tmp"
Wed 21 Feb 2007 3,525,120 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3768.tmp"
Wed 21 Feb 2007 3,529,216 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3223.tmp"
Wed 21 Feb 2007 3,530,240 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1202.tmp"
Wed 21 Feb 2007 3,533,312 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3124.tmp"
Wed 21 Feb 2007 3,533,312 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL1112.tmp"
Wed 21 Feb 2007 3,532,800 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3480.tmp"
Wed 21 Feb 2007 3,538,944 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL3389.tmp"
Sun 21 Jan 2007 206,848 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL0090.tmp"
Wed 21 Feb 2007 3,482,624 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL0283.tmp"
Wed 21 Feb 2007 3,483,136 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\Saint Marcel Bel Acceuil C3 (CE2-CM1)\Histoire\~WRL0688.tmp"
Mon 23 Apr 2007 31,244,288 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\~WRL3490.tmp"
Thu 19 Apr 2007 8,297,472 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\La s‚quence\~WRL0004.tmp"
Sun 6 Jan 2008 53,248 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL1856.tmp"
Sat 1 Mar 2008 58,368 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL2476.tmp"
Sat 1 Mar 2008 64,512 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL3446.tmp"
Sat 1 Mar 2008 67,072 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Sport\~WRL1441.tmp"
Wed 26 Sep 2007 46,080 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\Jean Rostand CE2-CM1\CE2-CM1 P‚riode 1\Cahier journal\~WRL2371.tmp"
Wed 16 May 2007 40,960 A..H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\VRAC\CYCLE3Pauline\Geographie\~WRL0001.tmp"
Fri 13 Apr 2007 57,386,496 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL1832.tmp"
Sun 22 Apr 2007 138,752 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL1782.tmp"
Sun 22 Apr 2007 149,230,592 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL2777.tmp"
Mon 23 Apr 2007 151,200,256 ...H. --- "C:\Documents and Settings\Julie TALABARD\Mes documents\IUFM\M‚moire\CD … rendre avec l'exemplaire papier\ANNEXES\~WRL1943.tmp"

[b]Finished![/b]
0
Réponse 3 / 20
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 01:06
Oups...
J'ai eu un petit souci avec internet.
Apparemment j'ai envoyé plusieurs fois le m^^eme message!
0
Réponse 4 / 20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
23 juil. 2008 à 01:09
- Télécharge et installe MalwareByte's Anti-Malware :
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

- Mets-le à jour

- Redémarre en mode sans échec (Recommandé pas obligatoire) :
https://www.malekal.com/demarrer-windows-mode-sans-echec/

- Choisis ta session habituelle

- Fais un scan complet avec MalwareByte's Anti-Malware

- Supprime tout ce que le logiciel trouve, enregistre le rapport

- Redémarre en mode normal et poste le rapport ici

Tutorial :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 20
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 04:20
Hello,

Me suis endormie pendant l'analyse.
D'où ce petit retard pour t'envoyer le rapport de Malwarebyte's anti-malware.

Malwarebytes' Anti-Malware 1.22
Version de la base de données: 980
Windows 5.1.2600 Service Pack 2

04:03:00 23/07/2008
mbam-log-7-23-2008 (04-03-00).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 94123
Temps écoulé: 1 hour(s), 52 minute(s), 13 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Backdoor.Bot) -> Data: c:\windows\system32\ntos.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\system32\wsnpoem (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\WINDOWS\system32\wsnpoem\video.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\wsnpoem\audio.dll.cla (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wsnpoem\audio.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\ntos.exe (Backdoor.Bot) -> Delete on reboot.
0
Réponse 6 / 20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
23 juil. 2008 à 04:44
C'est très bien tout ça.

Poste un nouveau rapport HijackThis.

Je vérifie ça demain.
0
Réponse 7 / 20
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 05:00
Voici le dernier rapport Hijack.
Bonne nuit.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:59:21, on 23/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\DOCUME~1\JULIET~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?6e075224848e4affb8f22ada6e23f934
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?6e075224848e4affb8f22ada6e23f934
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
0
Réponse 8 / 20
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 12:47
Ce matin,

nouvelle alerte avast.
Je t'envoie un nouveau rapport Hijack.
A +

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:06, on 23/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\DOCUME~1\JULIET~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?6e075224848e4affb8f22ada6e23f934
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?6e075224848e4affb8f22ada6e23f934
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
0
Réponse 9 / 20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
23 juil. 2008 à 14:52
Dis-moi le nom du fichier s'il te plaît.
0
Réponse 10 / 20
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 17:54
fausse alerte.
Avast a bloqué un danger éventuel.
J'ai quitté la page internet qui a provoqué l'alerte, j'ai lancé antivir, avast et spy bot: rien n'a été trouvé.
0
Réponse 11 / 20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
23 juil. 2008 à 17:56
Mets à jour Java :
https://www.java.com/fr/download/manual.jsp

Mets à jour Internet Explorer :
https://support.microsoft.com/fr-fr/allproducts

Redémarre puis poste un nouveau rapport HijackThis.
0
Réponse 12 / 20
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 18:10
Voici le rapport hijack.
Alors...
verdict ...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:10:44, on 23/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\DOCUME~1\JULIET~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?6e075224848e4affb8f22ada6e23f934
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?6e075224848e4affb8f22ada6e23f934
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
0
Réponse 13 / 20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
23 juil. 2008 à 18:20
---> Relance HijackThis et choisis Do a system scan only

---> Coche les cases qui sont devant les lignes suivantes :

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

---> Désinstalle Avast pour garder Antivir (JAMAIS DEUX ANTIVIRUS)

---> Redémarre et poste un dernier rapport HijackThis
0
Réponse 14 / 20
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 18:32
Et voilà !

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:31:50, on 23/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?6e075224848e4affb8f22ada6e23f934
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?6e075224848e4affb8f22ada6e23f934
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
0
Réponse 15 / 20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
23 juil. 2008 à 18:35
Plus de trace d'infection.

Tu peux virer SDFix.

Pour finir :

---> Télécharge CCleaner (N'installe pas la Yahoo Toolbar) :
https://www.ccleaner.com/ccleaner/download

---> Lance-le. Va dans "Options" puis "Avancé", tu décoches la case "Effacer uniquement les fichiers etc...". Tu vas dans "Nettoyeur", tu fais "Analyse". Une fois terminé, tu lances le nettoyage. Puis tu vas dans "Registre", tu fais "Chercher des erreurs". Une fois terminé, tu répares toutes les erreurs sans sauvegarder la base de registre.

---> Il est nécessaire de désactiver puis réactiver la restauration système, fais-le :
http://www.infos-du-net.com/forum/272480-11-desactiver-activer-restauration-systeme

---> Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème :
https://www.vulgarisation-informatique.com/creer-point-restauration.php
0
Réponse 16 / 20
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 18:49
Merci beaucoup beaucoup beaucoup pour ton aide.

Une dernière question avant de te laisser tranquille.

Avant de lancer spy bot je fais une "vaccination".
Sur un total de 37 000 environ seuls 34 000 sont protégés suite à la vaccination et environ 3 000 reste non protégés.
Est-ce inquiètant ?
0
Réponse 17 / 20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
23 juil. 2008 à 18:55
Mets à jour Spybot avant.
0
Réponse 18 / 20
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 18:59
Mise à jour effectuée.
Rien ne change
0
Réponse 19 / 20
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
23 juil. 2008 à 18:59
Au pire, désinstalle et réinstalle.
0
Réponse 20 / 20
jtalabard Messages postés 149 Date d'inscription mardi 22 juillet 2008 Statut Membre Dernière intervention 20 mai 2017 12
23 juil. 2008 à 19:25
Désinstallation OK
réinstallation OK
Vaccination OK

C'est génial

Merci pour tout.
Bonne continuation
0

Discussions similaires

Comment supprimer le virus Trojan
vitsou -
vitsou -

18 réponses
Virus : trojan:win32/wacatac.h!ml
Alky09 -
bazfile -

8 réponses
Aide pour un virus
cerise92700 -
MisteryBean -

41 réponses
Trojan impossible à supprimer!
Gridouu -
Malekal_morte- -

12 réponses
C'est quoi "Win32:Trojan-gen {Other}"
Uzumaki -
Utilisateur anonyme -

5 réponses