Internet a du mal a s'ouvrir...Fermé

Question

Bonjour,
Depuis quelque jours mon pc rame,les pages internet sont d'une lenteur a mourir et certain site ne veulent carrément pas s'ouvrir!

Mon antivirus ne trouve rien d'anormal,quelqu'un pourait m'aider??

Merci beaucoup....

crapoulou · Answer

Salut, * Télécharge Ccleaner (N’installe pas la barre d’outil Yahoo): = = = = >>> En cliquant ici <<< = = = = * L´installer. * Choisis l’onglet Nettoyeur Quitte ton navigateur Internet avant de le lancer, décoche la dernière case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" quand il aura terminé le scan cliques en bas à droite sur "lancer le nettoyage" et accepte par oui. Attention, il risque de vider ta corbeille : si tu veux récupérer des fichiers effacés par erreur, mieux vaut le faire maintenant. * Tutoriel en image ICI

Bassmaster66 · Answer

J'ai déjà essayé et ça ne résous pas le problème....

veut tu un rapport HiJackThis pour y voir plus clair?

Merci de ta reponse en tout cas c'est sympa...

crapoulou · Answer

oui je veux bien.
As tu vidé le contenu des fichiers temporaires internet Explorer, tes autres navigateurs et Temp ?!

Bassmaster66 · Answer

Oui tout est vidé je ne voit vraiment pas d'ou ca vient!

 voici le rapport:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:59:22, on 02/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st#
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: M-Audio Fast Track Installer (FastTrackInstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PCTimeWatch (PTWsvc) - MainSoft - C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
O24 - Desktop Component 0: (no name) - http://by115w.bay115.mail.live.com/att/GetAttachment.aspx?tnail=0&messageId=34a3630f-a4b9-430d-a62c-c4ae4f5dd482&Aux=4|0|8CB01FBCB1C3850|

crapoulou · Answer

Télécharges http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe ( de Cyrildu17 / C_XX ) sur ton bureau : 

/!\ Déconnectes toi et fermes toutes applications en cours 

&#9679; Double clique sur le programme d’installation , et installe le dans son emplacement par défaut. ( C:\Program files ) 
&#9679; Double clique sur l’icône Ad-remover située sur ton bureau 
&#9679; Au menu principal choisi l’option "A" 
&#9679; Postes le rapport qui apparait à la fin . 

( le rapport est sauvegardé aussi sous C:\Ad-report(date).log ) 

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) 

Note : 

"Process.exe", une composante de l’outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. 
Il ne s’agit pas d’un virus, mais d’un utilitaire destiné à mettre fin à des processus. 
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...)

Bassmaster66 · Answer

Ton lien est mort...Objet non-trouvé!

crapoulou · Answer

Voilà qui est modifié...

Bassmaster66 · Answer

F --------- Logfile of AD-Remover 1.0.5.7 by C_XX ---------
 
# START at: 23:17:26 | 02/12/2008 ON Microsoft® Windows XP™ 
# BOOT MODE: Normal
 
# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
 
# PC: BAN-02YGOYZ0IFH | USER: Propri‚taire ( Current user is an administrator )
 
# DRIVE(S):  C:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v6.0.2900.5512
 
--------- [ RUNNING PROCESSES ] --------- 

\SystemRoot\System32\smss.exe   
\??\C:\WINDOWS\system32\csrss.exe   
\??\C:\WINDOWS\system32\winlogon.exe   
C:\WINDOWS\system32\services.exe   
C:\WINDOWS\system32\lsass.exe   
C:\WINDOWS\system32\Ati2evxx.exe   
C:\WINDOWS\system32\svchost.exe   
C:\WINDOWS\system32\svchost.exe   
C:\WINDOWS\System32\svchost.exe   
C:\WINDOWS\system32\Ati2evxx.exe   
C:\WINDOWS\System32\svchost.exe   
C:\WINDOWS\system32\svchost.exe   
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe   
C:\Program Files\Alwil Software\Avast4\ashServ.exe   
C:\WINDOWS\system32\spoolsv.exe   
C:\WINDOWS\Explorer.EXE   
C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe   
C:\WINDOWS\system32\svchost.exe   
C:\WINDOWS\System32\svchost.exe   
C:\Program Files\CDBurnerXP\NMSAccessU.exe   
C:\WINDOWS\System32\svchost.exe   
C:\WINDOWS\System32\svchost.exe   
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe   
C:\WINDOWS\vsnpstd3.exe   
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe   
C:\Program Files\EoRezo\EoEngine.exe   
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe   
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe   
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe   
C:\Program Files\DAEMON Tools Lite\daemon.exe   
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe   
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe   
C:\WINDOWS\System32\alg.exe   
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe   
C:\Program Files\OpenOffice.org 3\program\soffice.exe   
C:\Program Files\OpenOffice.org 3\program\soffice.bin   
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe   
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe   
C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe   
C:\WINDOWS\RTHDCPL.EXE   
 
---------------------------- [~> 40] 


+---------------------------------------------------------------------------+
+------------------------------- SERVICES FOUND ..
+---------------------------------------------------------------------------+


+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS FOUND ..
+---------------------------------------------------------------------------+

"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"
"HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS FOUND ..
+---------------------------------------------------------------------------+

[04/10/2008 16:49|d----c---] C:\Program Files\EoRezo
[02/12/2008 22:45|d----c---] C:\Documents and Settings\Propri‚taire\Application Data\EoRezo

+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+

 
 
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
 
...\gzwtw11j.default\prefs.js :
 
~~~~ Mozilla FireFox version 3.0.4 ~~~~

Start Page :  "http://lo.st#"
 
+----------+ 

 
+---------------------------------------------------------------------------+ 

+--[HKEY_CURRENT_USER\...\Run] 

RocketDock	REG_SZ	"C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe"
DAEMON Tools Lite	REG_SZ	"C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
 
+--[HKEY_LOCAL_MACHINE\...\Run] 

ATIPTA	REG_SZ	"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
FRYMXINS	REG_SZ	"C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
QuickTime Task	REG_SZ	"C:\Program Files\QuickTime\qttask.exe" -atboottime
snpstd3	REG_SZ	C:\WINDOWS\vsnpstd3.exe
M-Audio Taskbar Icon	REG_SZ	C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
EoEngine	REG_SZ	"C:\Program Files\EoRezo\EoEngine.exe"
ISUSPM Startup	REG_SZ	"C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
ISUSScheduler	REG_SZ	"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
avast!	REG_SZ	C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Adobe Reader Speed Launcher	REG_SZ	"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 
+--[HKEY_USERS\.DEFAULT\...\Run] 

 
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN] 

Start Page : hxxp://lo.st#
 
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN] 

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 117 lines ]
+---------------------------------------------------------------------------+

- C:\AD-report-02.12.2008.log (5810 octets) 

[ END at: 23:18:03 | 02/12/2008 ] - [ Time elapsed: 36.1 seconds  ]

crapoulou · Answer

Très bien.

Relance ad-remover et choisie l’option B nettoyage et poste le rapport généré.

Bassmaster66 · Answer

F --------- Logfile of AD-Remover 1.0.5.7 by C_XX ---------
 
*** Limited to ***
 
Boonty/BoontyGames 
Eorezo 
Everest Poker 
Funwebproduct/MyWay/MyWebsearch 
Messenger Skinner 
Sweetim 
 
******************
 
# START at: 23:24:59 | 02/12/2008 ON Microsoft® Windows XP™ 
# BOOT MODE: Normal
 
# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
 
# PC: BAN-02YGOYZ0IFH | USER: Propri‚taire ( Current user is an administrator )
 
# DRIVE(S):  C:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v6.0.2900.5512
 
--------- [ RUNNING PROCESSES ] --------- 

\SystemRoot\System32\smss.exe  
\??\C:\WINDOWS\system32\csrss.exe  
\??\C:\WINDOWS\system32\winlogon.exe  
C:\WINDOWS\system32\services.exe  
C:\WINDOWS\system32\lsass.exe  
C:\WINDOWS\system32\Ati2evxx.exe  
C:\WINDOWS\system32\svchost.exe  
C:\WINDOWS\system32\svchost.exe  
C:\WINDOWS\System32\svchost.exe  
C:\WINDOWS\system32\Ati2evxx.exe  
C:\WINDOWS\System32\svchost.exe  
C:\WINDOWS\system32\svchost.exe  
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe  
C:\Program Files\Alwil Software\Avast4\ashServ.exe  
C:\WINDOWS\system32\spoolsv.exe  
C:\WINDOWS\Explorer.EXE  
C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe  
C:\WINDOWS\system32\svchost.exe  
C:\WINDOWS\System32\svchost.exe  
C:\Program Files\CDBurnerXP\NMSAccessU.exe  
C:\WINDOWS\System32\svchost.exe  
C:\WINDOWS\System32\svchost.exe  
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe  
C:\WINDOWS\vsnpstd3.exe  
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe  
C:\Program Files\EoRezo\EoEngine.exe  
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe  
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe  
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe  
C:\Program Files\DAEMON Tools Lite\daemon.exe  
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe  
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe  
C:\WINDOWS\System32\alg.exe  
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe  
C:\Program Files\OpenOffice.org 3\program\soffice.exe  
C:\Program Files\OpenOffice.org 3\program\soffice.bin  
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe  
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe  
C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe  
C:\WINDOWS\RTHDCPL.EXE  
C:\Program Files\Mozilla Firefox\firefox.exe  
 
---------------------------- [~> 41] 

(!) ---- IE start pages reset

+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED ..
+---------------------------------------------------------------------------+


+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED ..
+---------------------------------------------------------------------------+

"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"
"HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"

+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED ..
+---------------------------------------------------------------------------+

[04/10/2008 16:49|d----c---] C:\Program Files\EoRezo
[02/12/2008 22:45|d----c---] C:\Documents and Settings\Propri‚taire\Application Data\EoRezo
 
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives. 


+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+

 
 
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
 
...\gzwtw11j.default\prefs.js :
 
~~~~ Mozilla FireFox version 3.0.4 ~~~~

Start Page :  "http://lo.st#"
 
+----------+ 

+--[HKEY_CURRENT_USER\...\Run] 

RocketDock	REG_SZ	"C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe"
DAEMON Tools Lite	REG_SZ	"C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
 
+--[HKEY_LOCAL_MACHINE\...\Run] 

ATIPTA	REG_SZ	"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
FRYMXINS	REG_SZ	"C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
QuickTime Task	REG_SZ	"C:\Program Files\QuickTime\qttask.exe" -atboottime
snpstd3	REG_SZ	C:\WINDOWS\vsnpstd3.exe
M-Audio Taskbar Icon	REG_SZ	C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
ISUSPM Startup	REG_SZ	"C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
ISUSScheduler	REG_SZ	"C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
avast!	REG_SZ	C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Adobe Reader Speed Launcher	REG_SZ	"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 
+--[HKEY_USERS\.DEFAULT\...\Run] 

 
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN] 

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
 
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN] 

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 130 lines ]
+---------------------------------------------------------------------------+

- C:\AD-report-02.12.2008.log (5928 octets) 

[ END at: 23:27:26 | 02/12/2008 ] - [ Time elapsed: 2 minutes, 26 seconds  ]

crapoulou · Answer

Ta page de démarrage d'internet explorer a changé si tu utilises ce navigateur, c'est normal.
Poste un nouveau rapport hijackthis stp.

Bassmaster66 · Answer

Non j'utilise Firefox!


Voila le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:34:03, on 02/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: M-Audio Fast Track Installer (FastTrackInstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PCTimeWatch (PTWsvc) - MainSoft - C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
O24 - Desktop Component 0: (no name) - http://by115w.bay115.mail.live.com/att/GetAttachment.aspx?tnail=0&messageId=34a3630f-a4b9-430d-a62c-c4ae4f5dd482&Aux=4|0|8CB01FBCB1C3850|

crapoulou · Answer

Télécharge Malwarebytes’ Anti-Malware = = = = >>> En cliquant ici <<< = = = = - Sur la page cliques sur Télécharger Malwarebyte’s Anti-Malware - Enregistres le sur le bureau - Double cliques sur le fichier téléchargé pour lancer le processus d’installation - Lorsqu’il te le sera demandé, met à jour Malwarebytes anti malware - Si le pare-feu demande l’autorisation de se connecter pour malwarebytes, acceptes - Une fois la mise à jour terminée, ferme Malwarebytes - Double-cliques sur l’icône de malwarebytes pour le relancer - Dans l’onglet, Recherche, probablement ouvert par défaut, - Sélectionne Exécuter un examen complet - Clique sur Rechercher - Le scan démarre - A la fin de l’analyse, un message s’affiche : L’examen s’est terminé normalement. Cliquez sur ‘Afficher les résultats’ pour afficher tous les objets trouvés. - Cliques sur Ok pour poursuivre. - Si des malwares ont été détectés, cliques sur Afficher les résultats - Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine. - Malwarebytes va ouvrir le bloc-notes et y copier le rapport d’analyse. - Rends toi dans l’onglet rapport/log - Tu cliques dessus pour l’afficher une fois affiché - Tu cliques sur édition en haut du boc notes, et puis sur sélectionner tout - Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse - Tu cliques droit dans le cadre de la réponse et coller Si tu as besoin d’aide regarde ce tutorial ICI

Bassmaster66 · Answer

Ouah!256 infections!!!ca calme!


Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1450
Windows 5.1.2600 Service Pack 3

02/12/2008 23:43:07
mbam-log-2008-12-02 (23-43-07).txt

Type de recherche: Examen rapide
Eléments examinés: 49895
Temps écoulé: 2 minute(s), 23 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 26
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 225

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{1efb6596-857c-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2c247f23-8591-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35053a22-8589-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{66833fe6-8583-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e3867a3-8586-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bdd1f04b-858b-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce32-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce33-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce34-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce35-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce36-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce37-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce38-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce39-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce3a-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce3b-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce3c-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce3d-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce3e-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce3f-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce40-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce41-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c27cce42-8596-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c74190b6-8589-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dd9da666-8594-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f08df954-8592-11d1-b16a-00c0f0283628} (Rogue.RegistryDefender) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhcetqj0ejbp (Rogue.AntivirusXP2008) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Registry Defender Platinum (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100 (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse (Rogue.RegistryDefender) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Registry Defender Platinum\Customer Support.url (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\INSTALL.LOG (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\install.sss (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\mscomctl.ocx (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\RegistryDefender.exe.manifest (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\stdole2.tlb (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\Uninstall.exe (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\User Guide.url (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-1.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-10.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-11.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-12.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-13.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-14.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-15.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-16.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-17.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-18.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-19.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-2.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-20.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-21.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-22.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-23.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-24.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-25.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-26.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-27.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-28.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-29.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-3.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-30.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-31.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-32.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-33.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-34.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-35.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-36.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-37.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-38.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-39.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-4.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-40.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-41.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-42.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-43.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-44.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-45.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-46.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-47.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-48.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-49.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-5.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-50.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-6.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-7.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-8.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\repair-bar\scanner-repair-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-0.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-1.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-10.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-100.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-11.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-12.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-13.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-14.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-15.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-16.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-17.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-18.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-19.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-2.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-20.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-21.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-22.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-23.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-24.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-25.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-26.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-27.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-28.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-29.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-3.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-30.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-31.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-32.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-33.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-34.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-35.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-36.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-37.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-38.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-39.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-4.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-40.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-41.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-42.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-43.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-44.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-45.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-46.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-47.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-48.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-49.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-5.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-50.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-51.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-52.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-53.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-54.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-55.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-56.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-57.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-58.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-59.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-6.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-60.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-61.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-62.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-63.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-64.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-65.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-66.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-67.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-68.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-69.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-7.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-70.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-71.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-72.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-73.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-74.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-75.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-76.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-77.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-78.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-79.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-8.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-80.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-81.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-82.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-83.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-84.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-85.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-86.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-87.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-88.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-89.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-90.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-91.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-92.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-93.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-94.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-95.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-96.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-97.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-98.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-100\scanner100-99.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-0.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-1.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-10.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-11.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-12.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-13.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-14.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-15.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-16.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-17.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-18.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-19.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-2.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-20.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-21.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-22.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-23.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-24.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-25.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-26.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-27.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-28.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-29.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-3.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-30.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-31.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-32.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-33.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-34.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-35.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-36.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-37.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-38.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-39.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-4.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-40.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-41.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-42.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-43.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-44.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-45.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-46.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-47.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-48.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-49.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-5.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-50.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-51.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-52.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-53.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-54.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-55.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-56.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-57.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-58.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-59.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-6.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-60.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-61.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-62.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-63.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-64.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-65.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-7.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-8.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\scan-bar-pulse\scannerpulse-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.

crapoulou · Answer

Télécharge et installe CCleaner (N'installe pas la Yahoo Toolbar) :
* Lance-le. Va dans Outils puis Programmes de désinstallations.
* Sélectionne Registry Defender puis clique sur Efface l'Entrée.

*************************************************************

* Choisis ensuite l’onglet Nettoyeur

Quitte ton navigateur Internet avant de le lancer, décoche la dernière case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" quand il aura terminé le scan cliques en bas à droite sur "lancer le nettoyage" et accepte par oui.
Attention, il risque de vider ta corbeille : si tu veux récupérer des fichiers effacés par erreur, mieux vaut le faire maintenant.

* Tutoriel en image ICI

Bassmaster66 · Answer

aucune trace de ce "registry defender"

crapoulou · Answer

C'est à dire aucune trace ? C'est ce que Ccleaner t'a répondu ?
As tu fait les deux étapes ?

Bassmaster66 · Answer

non c'est bon desolé!

les 2 sont fait

crapoulou · Answer

Ok. Télécharge Random’s System Information Tool (RSIT) de random/random et enregistre l’exécutable sur le Bureau. = = = = >>> En cliquant ici <<< = = = = * Double-clique sur RSIT.exe pour le lancer. * Une première fenêtre s’ouvre, clique alors sur Continue (Disclaimer). * Si la dernière version de HijackThis n’est pas détectée sur ton PC, RSIT le téléchargera et te demandera d’accepter la licence. * Lorsque l’analyse sera terminée, deux fichiers texte s’ouvriront (probablement avec le bloc-notes). * Poste le contenu de log.txt (c’est celui qui apparaît à l’écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Bassmaster66 · Answer

Voici le log:


Logfile of random's system information tool 1.04 (written by random/random)
Run by Propriétaire at 2008-12-03 00:21:07
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 5 GB (6%) free of 71 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:21:18, on 03/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Propriétaire.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: M-Audio Fast Track Installer (FastTrackInstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PCTimeWatch (PTWsvc) - MainSoft - C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
O24 - Desktop Component 0: (no name) - http://by115w.bay115.mail.live.com/att/GetAttachment.aspx?tnail=0&messageId=34a3630f-a4b9-430d-a62c-c4ae4f5dd482&Aux=4|0|8CB01FBCB1C3850|

Bassmaster66 · Answer

et l'info:

info.txt logfile of random's system information tool 1.04 2008-12-03 00:21:21

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{AFD5ED58-271A-4907-96C2-2745C83BB035}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Media Player-->MsiExec.exe /X{C7888C3F-0506-555F-7907-CDD3F81719A5}
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Ad-remover-->C:\Program Files\Ad-remover\Uninstal.exe
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" 
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe" 
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Fast Track USB-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07D4A7C5-C55C-45B5-9E86-D8068D25EF40}\setup.exe" -l0x9  -removeonly
FireGL driver for 3D Studio MAX/VIZ-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5AEBFD6-3AF9-4784-81C2-F442C86AA096}\setup.exe" 
FormatFactory-->MsiExec.exe /X{F3379D75-8FC0-4517-B52B-3CE6114A2866}
FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
Free YouTube Download 1.2-->"C:\Program Files\DVDVideoSoft\Free YouTube Download\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzscr01.exe -datfile hposcr14.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
livebox-->C:\Program Files\InstallShield Installation Information\{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}\Setup.exe -runfromtemp -l0x040c -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micro Application - Scrapbook-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C41E52C-DB0E-4EDF-92D7-8EA47C0C5854}\SETUP.EXE" -l0x40c 
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NVIDIA PhysX v8.08.18-->MsiExec.exe /X{AFD5ED58-271A-4907-96C2-2745C83BB035}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Pack Crystal Clear 1.0-->C:\WINDOWS\BricoPacks\Crystal Clear\Remove.exe
Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
PDF-XChange 3-->"C:\Program Files\Tracker Software\PDF-XChange 3\unins000.exe"
PKR-->"C:\Program Files\PKR\uninstall-pkr.exe"
Plus de 200 000 Cliparts et Photos-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{D01940CE-8BD3-4258-B4E2-42F185AE1968} 
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Rappelz-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01A8838A-9469-425F-A5FB-FC14D4CF93B9}\setup.exe" -l0x40c  -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c  -removeonly
Sagem Wi-Fi 11g USB adapter (driver)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2ED60C17-4568-4CD5-830A-03C4688B09A1}\setup.exe" -l0x40c 
Sagem Wi-Fi 11g USB adapter (utility)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAFD22B6-A6C7-4134-AF4E-080BCBCD3493}\Setup.exe" -l0x40c 
Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Session-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8417AD12-1A5A-4E45-B8F2-D2E92B0FF921}\setup.exe" -l0x9  -removeonly
Sid Meier's Civilization 4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x40c  -removeonly
SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Switch Sound File Converter-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Texas Holdem Poker 3D Deluxe Edition v1 0 DeLEGiON-->"C:\Program Files\Texas Holdem Poker 3D Deluxe Edition DeLEGiON\unins000.exe"
Uninstall 1.0.0.0-->"C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"

=====HijackThis Backups=====

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O20 - AppInit_DLLs: heggdy.dll
O4 - Startup: RegistryDefender.lnk = ?
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 081202-0]

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\ATI Technologies\Fire GL 3D Studio Max;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

crapoulou · Answer

Fais un clic droit ici : = = = = >>> En cliquant ici <<< = = = = * Dans le menu qui se déroule, choisis "Enregistrer la cible du lien sous" (si tu utilises Firefox) et "Enregistrer la cible sous" (si tu utilises Internet Explorer) * Une fenêtre va s'ouvrir: dans le champs Nom du fichier (en bas), tape ceci > combo-fix --> le tiret est important. <-- * On va enregistrer ce fichier sur le Bureau : pour cela, sur le panneau de gauche, clique sur le Bureau. * Clique enfin sur le bouton Enregistrer en bas de page à droite. * Assure toi que tous les programmes sont fermés avant de lancer le fix ! Ne lance pas le fix tout de suite ! Il faut que t’installe la Console de Récupération Windows si ce n’est pas fait (pour pouvoir démarrer en mode sans échec, … et avoir un démarrage sélectif). Si tu es sûr de l’avoir, continue à l’étape suivante, si non, suis cette procédure pour l’installer avec le CD d’installation Windows En cliquant ICI (ou le DVD pour Vista). Si tu n’as pas le CD, ComboFix contient une procédure d'installation de la Console de Récupération Windows en téléchargeant un fichier depuis Microsoft. Pour l’installer sans CD, suis ces instructions : - Clique ICI pour aller sur le site Web de Microsoft. - Sur cette page, descendez jusqu'à "Téléchargement du fichier programme des disquettes d'installation" et cliquez sur le téléchargement correspondant à votre version de Windows XP (Édition familiale ou Professionnel) et au Service Pack que vous avez installé. Lorsque vous avez cliqué sur le lien de téléchargement du fichier, vérifiez que ce dernier sera enregistré directement sur votre Bureau. Si vous utilisez Windows XP Service Pack 3 (SP3), sélectionnez le téléchargement Service Pack 2. Si vous utilisez Windows XP Media Center, sélectionnez le téléchargement Windows XP Pro Service Pack 2. * Fait un double clique sur combofix.exe. * Clique sur Oui au message de Limitation de Garantie qui s'affiche. * Il est possible que ton parefeu te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sure: accepte! * Note: Ne ferme pas la fenêtre qui vient de s'ouvrir , tu te retrouverais avec un bureau vide ! * Lorsque le scan est terminé, un rapport sera généré : poste en le contenu dans ton prochain message. * Note : Le rapport se trouve également là : C:\ComboFix.txt S’il ne connaît pas sa version pour télécharger la console de récupération Windows, voir le tuto officiel de combo où il est dit comment faire : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Bassmaster66 · Answer

impossible de telecharger ton programme!et puis il fait peur un peu...
La restauration systeme suffit t'elle?

crapoulou · Answer

Analyse ce fichier :
C:\Windows\system32\heggdy.dll

Sur le site de virustotal :
https://www.virustotal.com/gui/

Parcourir > Sélectionne ton fichier > Analyser, patiente que l’analyse soit terminée.

Poste le rapport.

Bassmaster66 · Answer

Il ne trouve pas de fichier nommée ainsi

crapoulou · Answer

Affiche les fichiers et dossiers cachés :
Dans Mes documents, Outils, Options des dossiers, Onglet Affichage, coche Afficher les fichiers et dossiers cachés.


Recherche heggdy sur ton PC et dis moi à quel endroit il le trouve sur ton PC.

Bassmaster66 · Answer

absolument aucune trace!

crapoulou · Answer

Ok, fais combofix, pas de souci!

Bassmaster66 · Answer

bonjour,

Excuse moi j'ai du partir precipitement hier...

Le lien compofix ne fonctionne pas....

crapoulou · Answer

Non, le lien fonctionne :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Bassmaster66 · Answer

Merci pour ton aide! voila le rapport: ComboFix 08-12-02.02 - Propriétaire 2008-12-03 17:35:20.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1512 [GMT 1:00] Lancé depuis: c:\documents and settings\Propriétaire\Bureau\ComboFix.exe * Un nouveau point de restauration a été créé [COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR] . ((((((((((((((((((((((((((((( Fichiers créés du 2008-11-03 au 2008-12-03 )))))))))))))))))))))))))))))))))))) . 2008-12-03 01:29 . 2008-12-03 01:29 d----c--- c:\program files\Registry Defender Platinum 2008-12-03 01:29 . 2008-12-03 01:29 d----c--- c:\program files\EoRezo 2008-12-03 01:29 . 2008-12-03 01:29 d----c--- c:\documents and settings\Propriétaire\Application Data\EoRezo 2008-12-03 00:21 . 2008-12-03 00:21 d-------- C: sit 2008-12-02 23:16 . 2008-12-03 01:29 d----c--- c:\program files\Ad-remover 2008-12-02 23:14 . 2008-12-03 01:29 d----c--- c:\program files\Malwarebytes' Anti-Malware 2008-11-27 23:40 . 2008-11-27 23:40 d----c--- c:\program files\Adobe Media Player 2008-11-27 23:39 . 2008-11-27 23:39 d----c--- c:\program files\Fichiers communs\Adobe AIR 2008-11-26 19:21 . 2008-11-26 19:21 d----c--- c:\program files\Paint.NET 2008-11-24 13:25 . 2008-11-24 13:25 d---sc--- c:\program files\Xfire 2008-11-24 13:25 . 2008-11-24 13:25 d----c--- c:\documents and settings\Propriétaire\Application Data\Xfire 2008-11-24 13:07 . 2008-11-24 13:07 d----c--- c:\program files\Firaxis Games 2008-11-22 16:35 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll 2008-11-22 16:35 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll 2008-11-22 16:35 . 2008-10-27 10:04 514,384 --a------ c:\windows\system32\XAudio2_3.dll 2008-11-22 16:35 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll 2008-11-22 16:35 . 2008-10-27 10:04 235,856 --a------ c:\windows\system32\xactengine3_3.dll 2008-11-22 16:35 . 2008-10-27 10:04 70,992 --a------ c:\windows\system32\XAPOFX1_2.dll 2008-11-22 16:35 . 2008-10-27 10:04 23,376 --a------ c:\windows\system32\X3DAudio1_5.dll 2008-11-22 16:23 . 2008-11-22 16:23 d----c--- c:\program files\Utherverse Digital Inc 2008-11-19 19:00 . 2008-11-19 19:00 d----c--- c:\program files\Fichiers communs\DVDVideoSoft 2008-11-19 19:00 . 2008-11-19 19:00 d----c--- c:\program files\DVDVideoSoft 2008-11-19 18:52 . 2008-11-19 18:52 d----c--- c:\documents and settings\Propriétaire\dwhelper 2008-11-19 18:52 . 2008-11-19 18:52 d----c--- c:\documents and settings\Propriétaire\dwhelper 2008-11-19 15:24 . 2004-08-20 00:09 221,184 --a------ c:\windows\system32\wmpns.dll 2008-11-19 10:15 . 2008-11-19 10:15 d-------- c:\windows\system32\fr-fr 2008-11-19 10:15 . 2008-11-19 10:15 d-------- c:\windows\system32\fr 2008-11-19 10:15 . 2008-11-19 10:15 d-------- c:\windows\l2schemas 2008-11-15 17:16 . 2008-11-15 17:16 d--h----- c:\windows\PIF 2008-11-12 05:52 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys 2008-11-11 20:34 . 2008-11-11 20:34 d----c--- c:\documents and settings\Propriétaire\Application Data\DivX 2008-11-11 17:35 . 2008-11-11 17:36 d----c--- c:\program files\DivX 2008-11-10 20:35 . 2008-11-10 20:35 18 --a------ c:\windows\gfact.ini 2008-11-10 20:34 . 2008-11-10 20:35 d-------- c:\windows ew mario62 2008-11-10 20:34 . 2008-11-10 20:34 171,520 --a------ c:\windows\system32\cncs32.dll 2008-11-10 18:13 . 2008-11-10 18:13 22 --a------ c:\windows\axss.ini 2008-11-09 16:12 . 2008-11-09 16:12 d----c--- c:\documents and settings\All Users\Application Data\Avg8 2008-11-06 21:29 . 2008-11-06 22:17 d----c--- c:\program files\PKR 2008-11-05 23:53 . 2008-11-05 23:53 36,864 --a------ C:\HTGD0005.exe 2008-11-05 23:53 . 2008-11-05 23:53 33,732 --a------ C:\HTGD0002.bmp 2008-11-05 23:53 . 2008-11-05 23:53 50 --a------ C:\HTGD0006.ini 2008-11-04 17:14 . 2008-11-04 17:14 d----c--- c:\program files\Windows Journal Viewer 2008-11-03 19:15 . 2008-11-03 19:15 268 --ah----- C:\sqmdata01.sqm 2008-11-03 19:15 . 2008-11-03 19:15 244 --ah----- C:\sqmnoopt01.sqm 2008-11-03 17:36 . 2008-11-03 17:36 d----c--- c:\program files\NCH Software 2008-11-03 17:35 . 2008-11-03 17:35 d----c--- c:\documents and settings\All Users\Application Data\NCH Swift Sound 2008-11-03 17:34 . 2008-11-03 17:34 d----c--- c:\program files\NCH Swift Sound 2008-11-03 17:34 . 2008-11-03 17:34 d----c--- c:\documents and settings\Propriétaire\Application Data\NCH Swift Sound . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-03 00:29 --------- dc----w c:\documents and settings\Propriétaire\Application Data\uTorrent 2008-12-02 23:12 --------- dc----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-11-24 12:07 --------- dc-h--w c:\program files\InstallShield Installation Information 2008-11-19 08:55 --------- dc----w c:\program files\Fichiers communs\Adobe 2008-11-05 22:53 40,960 ----a-w C:\HTGD0003.exe 2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx0c.dll 2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx07.dll 2008-10-28 22:35 815,104 ----a-w c:\windows\system32\divx_xx0a.dll 2008-10-28 22:35 802,816 ----a-w c:\windows\system32\divx_xx11.dll 2008-10-28 22:35 684,032 ----a-w c:\windows\system32\DivX.dll 2008-10-28 19:18 52,845 ----a-w c:\windows\BricoPackUninst.cmd 2008-10-28 19:18 4,839 ----a-w c:\windows\BricoPackFoldersDelete.cmd 2008-10-26 20:22 --------- dc----w c:\program files\Texas Holdem Poker 3D Deluxe Edition DeLEGiON 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-23 13:26 --------- dc----w c:\program files\Fichiers communs\Wise Installation Wizard 2008-10-23 13:24 --------- dc----w c:\program files\AGEIA Technologies 2008-10-21 13:32 --------- dc----w c:\program files\AVS4YOU 2008-10-21 12:18 --------- dc----w c:\program files\Radical Games 2008-10-20 14:22 --------- dc----w c:\program files\DAEMON Tools Lite 2008-10-20 14:13 717,296 ----a-w c:\windows\system32\drivers\sptd.sys 2008-10-20 14:13 --------- dc----w c:\documents and settings\Propriétaire\Application Data\DAEMON Tools 2008-10-20 14:01 98,304 ----a-w c:\windows\system32\CmdLineExt.dll 2008-10-19 14:30 --------- dc----w c:\program files\FormatFactory 2008-10-19 14:23 --------- dc----w c:\documents and settings\Propriétaire\Application Data\AVS4YOU 2008-10-19 14:23 --------- dc----w c:\documents and settings\All Users\Application Data\AVS4YOU 2008-10-19 14:22 --------- dc----w c:\program files\Fichiers communs\AVSMedia 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 13:09 69,144 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll 2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll 2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll 2008-10-16 08:28 --------- dc----w c:\program files\Spybot - Search & Destroy 2008-10-16 06:53 --------- dc----w c:\documents and settings\Propriétaire\Application Data\OpenOffice.org 2008-10-16 06:49 --------- dc----w c:\program files\OpenOffice.org 3 2008-10-16 06:49 --------- dc----w c:\program files\JRE 2008-10-15 16:30 --------- dc----w c:\documents and settings\All Users\Application Data\Player Metaboli 2008-10-15 14:46 --------- dc----w c:\program files\SAGEM WiFi manager 2008-10-15 14:45 --------- dc----w c:\program files\SAGEM 2008-10-15 14:41 --------- dc----w c:\program files\Securitoo 2008-10-11 19:56 --------- dc----w c:\program files\Fichiers communs\Micro Application Shared 2008-10-09 17:51 --------- dc----w c:\documents and settings\Propriétaire\Application Data\Hemera 2008-10-09 17:46 --------- dc----w c:\program files\Micro Application 2008-10-09 17:46 --------- dc----w c:\program files\Fichiers communs\InstallShield 2008-10-09 17:24 --------- dc----w c:\program files\Maxis 2008-10-09 15:31 --------- dc----w c:\documents and settings\Propriétaire\Application Data\HP 2008-10-09 15:31 --------- dc----w c:\documents and settings\All Users\Application Data\HP 2008-10-09 13:47 --------- dc----w c:\documents and settings\Propriétaire\Application Data\dvdcss 2008-10-07 12:41 --------- dc----w c:\program files\uxtobirza 2008-10-06 15:12 --------- dc----w c:\program files\HammerHead 2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll 2008-09-25 08:03 81,920 ----a-w c:\windows\system32\dpl100.dll 2008-09-25 08:03 593,920 ----a-w c:\windows\system32\dpuGUI11.dll 2008-09-25 08:03 57,344 ----a-w c:\windows\system32\dpv11.dll 2008-09-25 08:03 53,248 ----a-w c:\windows\system32\dpuGUI10.dll 2008-09-25 08:03 524,288 ----a-w c:\windows\system32\DivXsm.exe 2008-09-25 08:03 344,064 ----a-w c:\windows\system32\dpus11.dll 2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu11.dll 2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu10.dll 2008-09-25 08:03 196,608 ----a-w c:\windows\system32\dtu100.dll 2008-09-25 08:03 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe 2008-09-19 21:57 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll 2008-09-19 21:57 129,784 ------w c:\windows\system32\pxafs.dll 2008-09-19 21:57 120,056 ------w c:\windows\system32\pxcpyi64.exe 2008-09-19 21:57 118,520 ------w c:\windows\system32\pxinsi64.exe 2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll 2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll 2008-09-19 21:54 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll 2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys 2008-09-10 01:15 1,307,648 ------w c:\windows\system32\msxml6.dll 2008-09-04 17:16 1,106,944 ----a-w c:\windows\system32\msxml3.dll 2008-06-23 17:02 278,528 -c--a-w c:\program files\Fichiers communs\FDEUnInstaller.exe . ((((((((((((((((((((((((((((( snapshot@2008-08-03_14.51.44.51 ))))))))))))))))))))))))))))))))))))))))) . + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll + 2008-05-02 13:33:12 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll + 2008-05-02 14:01:52 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll + 2008-05-02 13:44:40 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll + 2008-07-07 20:18:27 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll + 2008-07-07 20:28:20 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll + 2008-07-07 20:24:11 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll + 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe + 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll + 2008-04-11 18:40:33 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll + 2008-04-11 19:05:22 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll + 2008-04-11 22:23:04 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll + 2007-12-03 15:25:43 767,352 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll + 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE zchange.exe + 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR zchange.exe + 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE zchange.exe + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll + 2008-05-07 09:07:23 135,168 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe + 2008-05-09 10:51:45 512,000 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\jscript.dll + 2008-05-09 10:51:45 180,224 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrobj.dll + 2008-05-09 10:51:45 172,032 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrrun.dll + 2008-05-09 10:51:45 430,080 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\vbscript.dll + 2008-05-08 11:24:44 155,648 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe + 2008-05-09 10:51:45 90,112 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wshext.dll + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB951978\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB951978\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB951978\update\spcustom.dll + 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB951978\update\update.exe + 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB951978\update\updspapi.dll + 2008-05-01 15:04:51 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll + 2008-05-01 14:36:26 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll + 2008-05-01 14:39:23 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll + 2008-06-24 16:30:27 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll + 2008-06-24 16:44:02 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll + 2008-06-24 16:53:52 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll + 2008-06-23 16:15:33 1,024,512 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\browseui.dll + 2008-06-23 16:15:34 152,064 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\cdfview.dll + 2008-06-23 16:15:35 1,056,768 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\danim.dll + 2008-06-23 16:15:35 357,888 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\dxtmsft.dll + 2008-06-23 16:15:35 205,312 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\dxtrans.dll + 2008-06-23 16:15:35 55,808 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\extmgr.dll + 2008-06-23 09:53:58 18,432 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\iedw.exe + 2008-06-23 16:15:36 251,904 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\iepeers.dll + 2008-06-23 16:15:36 96,768 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\inseng.dll + 2008-06-23 16:15:36 16,384 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\jsproxy.dll + 2008-06-23 16:15:39 3,088,384 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\mshtml.dll + 2008-06-23 16:15:40 449,024 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\mshtmled.dll + 2008-06-23 16:15:40 146,432 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\msrating.dll + 2008-06-23 16:15:41 532,480 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\mstime.dll + 2008-06-23 16:15:41 39,424 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\pngfilt.dll + 2008-06-23 16:15:42 1,499,648 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\shdocvw.dll + 2008-06-23 16:15:43 474,624 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\shlwapi.dll + 2008-07-03 09:42:35 370,176 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\spru040c.dll + 2008-06-23 16:15:43 620,544 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\urlmon.dll + 2008-06-23 16:15:44 671,232 ----a-w c:\windows\$hf_mig$\KB953838\SP2QFE\wininet.dll + 2008-06-23 15:10:27 3,088,384 ----a-w c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll + 2008-06-26 08:13:32 1,499,648 ----a-w c:\windows\$hf_mig$\KB953838\SP3GDR\shdocvw.dll + 2008-06-26 08:13:32 620,544 ----a-w c:\windows\$hf_mig$\KB953838\SP3GDR\urlmon.dll + 2008-06-23 15:10:27 670,208 ----a-w c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll + 2008-06-25 04:26:28 3,088,896 ----a-w c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll + 2008-06-26 08:00:28 1,499,648 ----a-w c:\windows\$hf_mig$\KB953838\SP3QFE\shdocvw.dll + 2008-06-26 08:00:28 620,544 ----a-w c:\windows\$hf_mig$\KB953838\SP3QFE\urlmon.dll + 2008-06-23 14:56:26 670,720 ----a-w c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB953838\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB953838\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB953838\update\spcustom.dll + 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB953838\update\update.exe + 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB953838\update\updspapi.dll + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll + 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys + 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys + 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll + 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll + 2008-09-10 01:12:14 1,379,840 ----a-w c:\windows\$hf_mig$\KB954459\SP3QFE\msxml6.dll + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB954459\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB954459\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB954459\update\spcustom.dll + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB954459\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954459\update\updspapi.dll + 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\browseui.dll + 2008-08-20 05:33:44 152,064 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\cdfview.dll + 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\danim.dll + 2008-08-20 05:33:45 357,888 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\dxtmsft.dll + 2008-08-20 05:33:45 205,312 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\dxtrans.dll + 2008-08-20 05:33:45 55,808 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\extmgr.dll + 2008-08-19 09:38:57 18,432 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\iedw.exe + 2008-08-20 05:33:45 251,904 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\iepeers.dll + 2008-08-20 05:33:45 96,768 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\inseng.dll + 2008-08-20 05:33:46 16,384 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\jsproxy.dll + 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\mshtml.dll + 2008-08-20 05:33:46 449,024 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\mshtmled.dll + 2008-08-20 05:33:45 146,432 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\msrating.dll + 2008-08-20 05:33:45 532,480 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\mstime.dll + 2008-08-20 05:33:45 39,424 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\pngfilt.dll + 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\shdocvw.dll + 2008-08-20 05:33:46 474,624 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\shlwapi.dll + 2008-08-19 09:51:37 370,176 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\spru040c.dll + 2008-08-20 05:33:47 621,056 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\urlmon.dll + 2008-08-20 05:33:46 671,744 ----a-w c:\windows\$hf_mig$\KB956390\SP2QFE\wininet.dll + 2008-08-20 05:10:12 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll + 2008-08-20 05:10:11 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\shdocvw.dll + 2008-08-20 05:10:11 620,544 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\urlmon.dll + 2008-08-20 05:10:11 670,208 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll + 2008-08-20 05:07:31 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll + 2008-08-20 05:07:27 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\shdocvw.dll + 2008-08-20 05:07:28 621,056 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\urlmon.dll + 2008-08-20 05:07:28 670,720 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956390\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956390\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956390\update\spcustom.dll + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956390\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956390\update\updspapi.dll + 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll + 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys + 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys + 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll + 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE tkrnlmp.exe + 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE tkrnlpa.exe + 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE tkrpamp.exe + 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE toskrnl.exe + 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR tkrnlmp.exe + 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR tkrnlpa.exe + 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR tkrpamp.exe + 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR toskrnl.exe + 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE tkrnlmp.exe + 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE tkrnlpa.exe + 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE tkrpamp.exe + 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE toskrnl.exe + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll + 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe + 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll + 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys + 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys + 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll + 2008-10-15 16:55:13 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP2QFE etapi32.dll + 2008-10-15 16:35:43 337,408 ----a-w c:\windows\$hf_mig$\KB958644\SP3GDR etapi32.dll + 2008-10-15 16:31:32 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP3QFE etapi32.dll + 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB958644\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB958644\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll + 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB958644\update\update.exe + 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll - 2002-08-30 12:00:00 50,560 -c----w c:\windows\$NtServicePackUninstall$\1394bus.sys + 2004-08-04 06:10:06 53,248 -c----w c:\windows\$NtServicePackUninstall$\1394bus.sys + 2004-08-04 06:00:03 12,288 -c----w c:\windows\$NtServicePackUninstall$\4mmdat.sys + 2004-08-04 06:10:10 48,128 -c----w c:\windows\$NtServicePackUninstall$\61883.sys - 2002-08-30 12:00:00 59,392 -c----w c:\windows\$NtServicePackUninstall$\6to4svc.dll + 2006-08-16 11:59:27 100,352 -c----w c:\windows\$NtServicePackUninstall$\6to4svc.dll + 2006-10-04 14:05:26 39,424 -c----w c:\windows\$NtServicePackUninstall$\acadproc.dll + 2006-10-04 14:05:26 39,424 -c----w c:\windows\$NtServicePackUninstall$\acadproc.dll.000 - 2002-08-30 12:00:00 185,344 -c----w c:\windows\$NtServicePackUninstall$\accwiz.exe + 2004-08-19 23:09:50 189,952 -c----w c:\windows\$NtServicePackUninstall$\accwiz.exe - 2002-08-30 12:00:00 1,818,624 -c----w c:\windows\$NtServicePackUninstall$\acgenral.dll + 2004-08-19 23:09:19 1,852,416 -c----w c:\windows\$NtServicePackUninstall$\acgenral.dll + 2004-08-19 23:09:19 1,852,416 -c----w c:\windows\$NtServicePackUninstall$\acgenral.dll.000 - 2002-08-30 12:00:00 406,528 -c----w c:\windows\$NtServicePackUninstall$\aclayers.dll + 2004-08-19 23:09:19 450,048 -c----w c:\windows\$NtServicePackUninstall$\aclayers.dll + 2004-08-19 23:09:19 450,048 -c----w c:\windows\$NtServicePackUninstall$\aclayers.dll.000 - 2002-08-30 12:00:00 125,440 -c----w c:\windows\$NtServicePackUninstall$\aclua.dll + 2004-08-19 23:09:19 137,728 -c----w c:\windows\$NtServicePackUninstall$\aclua.dll + 2004-08-19 23:09:19 137,728 -c----w c:\windows\$NtServicePackUninstall$\aclua.dll.000 - 2002-08-30 12:00:00 111,616 -c----w c:\windows\$NtServicePackUninstall$\aclui.dll + 2004-08-19 23:09:19 119,296 -c----w c:\windows\$NtServicePackUninstall$\aclui.dll - 2002-08-30 12:00:00 180,224 -c----w c:\windows\$NtServicePackUninstall$\acpi.sys + 2004-08-19 22:51:54 188,672 -c----w c:\windows\$NtServicePackUninstall$\acpi.sys - 2002-08-30 12:00:00 219,136 -c----w c:\windows\$NtServicePackUninstall$\acspecfc.dll + 2004-08-19 23:09:19 244,736 -c----w c:\windows\$NtServicePackUninstall$\acspecfc.dll + 2004-08-19 23:09:19 244,736 -c----w c:\windows\$NtServicePackUninstall$\acspecfc.dll.000 - 2002-08-30 12:00:00 181,760 -c----w c:\windows\$NtServicePackUninstall$\activeds.dll + 2004-08-19 23:09:19 194,048 -c----w c:\windows\$NtServicePackUninstall$\activeds.dll - 2002-08-30 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\actmovie.exe + 2004-08-19 23:09:50 4,096 -c----w c:\windows\$NtServicePackUninstall$\actmovie.exe - 2002-08-30 12:00:00 98,304 -c----w c:\windows\$NtServicePackUninstall$\actxprxy.dll + 2004-08-19 23:09:19 101,888 -c----w c:\windows\$NtServicePackUninstall$\actxprxy.dll - 2002-08-30 12:00:00 107,520 -c----w c:\windows\$NtServicePackUninstall$\acxtrnal.dll + 2004-08-19 23:09:19 116,224 -c----w c:\windows\$NtServicePackUninstall$\acxtrnal.dll + 2004-08-19 23:09:19 116,224 -c----w c:\windows\$NtServicePackUninstall$\acxtrnal.dll.000 - 2002-05-14 10:08:54 20,540 -c----w c:\windows\$NtServicePackUninstall$\admin.dll + 2004-08-19 23:09:19 20,540 -c----w c:\windows\$NtServicePackUninstall$\admin.dll - 2002-05-14 10:08:54 16,439 -c----w c:\windows\$NtServicePackUninstall$\admin.exe + 2004-08-19 23:09:50 16,439 -c----w c:\windows\$NtServicePackUninstall$\admin.exe - 2002-08-30 12:00:00 57,344 -c----w c:\windows\$NtServicePackUninstall$\admparse.dll + 2004-08-19 23:09:19 61,440 -c----w c:\windows\$NtServicePackUninstall$\admparse.dll - 2002-08-30 12:00:00 162,816 -c----w c:\windows\$NtServicePackUninstall$\adsldp.dll + 2004-08-19 23:09:19 175,616 -c----w c:\windows\$NtServicePackUninstall$\adsldp.dll - 2002-08-30 12:00:00 139,776 -c----w c:\windows\$NtServicePackUninstall$\adsldpc.dll + 2004-08-19 23:09:19 143,360 -c----w c:\windows\$NtServicePackUninstall$\adsldpc.dll - 2002-08-30 12:00:00 62,464 -c----w c:\windows\$NtServicePackUninstall$\adsmsext.dll + 2004-08-19 23:09:19 68,096 -c----w c:\windows\$NtServicePackUninstall$\adsmsext.dll - 2002-08-30 12:00:00 239,616 -c----w c:\windows\$NtServicePackUninstall$\adsnt.dll + 2004-08-19 23:09:19 263,680 -c----w c:\windows\$NtServicePackUninstall$\adsnt.dll + 2004-08-19 23:09:19 4,255 -c----w c:\windows\$NtServicePackUninstall$\adv01nt5.dll + 2004-08-19 23:09:19 3,967 -c----w c:\windows\$NtServicePackUninstall$\adv02nt5.dll + 2004-08-19 23:09:19 3,615 -c----w c:\windows\$NtServicePackUninstall$\adv05nt5.dll + 2004-08-19 23:09:19 3,647 -c----w c:\windows\$NtServicePackUninstall$\adv07nt5.dll + 2004-08-19 23:09:19 3,135 -c----w c:\windows\$NtServicePackUninstall$\adv08nt5.dll + 2004-08-19 23:09:19 3,711 -c----w c:\windows\$NtServicePackUninstall$\adv09nt5.dll + 2004-08-19 23:09:19 3,775 -c----w c:\windows\$NtServicePackUninstall$\adv11nt5.dll - 2002-08-30 12:00:00 626,176 -c----w c:\windows\$NtServicePackUninstall$\advapi32.dll + 2004-08-19 23:09:19 685,056 -c----w c:\windows\$NtServicePackUninstall$\advapi32.dll - 2002-08-30 12:00:00 93,184 -c----w c:\windows\$NtServicePackUninstall$\advpack.dll + 2004-08-19 23:09:19 101,888 -c----w c:\windows\$NtServicePackUninstall$\advpack.dll + 2006-02-15 00:22:26 142,464 -c----w c:\windows\$NtServicePackUninstall$\aec.sys + 2006-02-15 00:22:26 142,464 -c----w c:\windows\$NtServicePackUninstall$\aec.sys.001 - 2002-08-30 12:00:00 131,968 -c----w c:\windows\$NtServicePackUninstall$\afd.sys + 2008-08-14 09:51:43 138,368 -c----w c:\windows\$NtServicePackUninstall$\afd.sys - 2002-08-30 12:00:00 22,016 -c----w c:\windows\$NtServicePackUninstall$\agentanm.dll + 2004-08-19 23:09:19 24,064 -c----w c:\windows\$NtServicePackUninstall$\agentanm.dll - 2002-08-30 12:00:00 204,288 -c----w c:\windows\$NtServicePackUninstall$\agentctl.dll + 2004-08-19 23:09:19 214,016 -c----w c:\windows\$NtServicePackUninstall$\agentctl.dll - 2002-08-30 12:00:00 35,840 -c----w c:\windows\$NtServicePackUninstall$\agentdp2.dll + 2006-10-12 14:04:13 42,496 -c----w c:\windows\$NtServicePackUninstall$\agentdp2.dll - 2002-08-30 12:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\agentdpv.dll + 2007-03-09 13:48:06 57,344 -c----w c:\windows\$NtServicePackUninstall$\agentdpv.dll - 2002-08-30 12:00:00 44,032 -c----w c:\windows\$NtServicePackUninstall$\agentmpx.dll + 2004-08-19 23:09:19 49,152 -c----w c:\windows\$NtServicePackUninstall$\agentmpx.dll - 2002-08-30 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\agentpsh.dll + 2004-08-19 23:09:19 24,064 -c----w c:\windows\$NtServicePackUninstall$\agentpsh.dll - 2002-08-30 12:00:00 39,936 -c----w c:\windows\$NtServicePackUninstall$\agentsr.dll + 2004-08-19 23:09:19 44,032 -c----w c:\windows\$NtServicePackUninstall$\agentsr.dll - 2002-08-30 12:00:00 235,008 -c----w c:\windows\$NtServicePackUninstall$\agentsvr.exe + 2006-10-12 11:09:53 256,512 -c----w c:\windows\$NtServicePackUninstall$\agentsvr.exe + 2004-08-04 06:07:41 42,368 -c----w c:\windows\$NtServicePackUninstall$\agp440.sys + 2004-08-04 06:07:42 44,928 -c----w c:\windows\$NtServicePackUninstall$\agpcpq.sys + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0401.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0404.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0405.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0406.dll + 2002-08-30 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\agt0407.dll + 2002-08-30 12:00:00 22,016 -c----w c:\windows\$NtServicePackUninstall$\agt0408.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0409.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt040b.dll + 2002-08-30 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\agt040c.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt040d.dll + 2002-08-30 12:00:00 19,968 -c----w c:\windows\$NtServicePackUninstall$\agt040e.dll + 2002-08-30 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\agt0410.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0411.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0412.dll + 2002-08-30 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\agt0413.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0414.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0415.dll + 2002-08-30 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\agt0416.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0419.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt041d.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt041f.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0804.dll + 2002-08-30 12:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\agt0816.dll + 2002-08-30 12:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\agt0c0a.dll - 2002-08-30 12:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\agtintl.dll + 2004-08-19 23:09:19 24,064 -c----w c:\windows\$NtServicePackUninstall$\agtintl.dll - 2002-08-30 12:00:00 91,648 -c----w c:\windows\$NtServicePackUninstall$\ahui.exe + 2004-08-19 23:09:50 92,160 -c----w c:\windows\$NtServicePackUninstall$\ahui.exe - 2002-08-30 12:00:00 41,984 -c----w c:\windows\$NtServicePackUninstall$\alg.exe + 2004-08-19 23:09:51 44,544 -c----w c:\windows\$NtServicePackUninstall$\alg.exe + 2004-08-04 06:07:41 42,752 -c----w c:\windows\$NtServicePackUninstall$\alim1541.sys - 2002-08-30 12:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\alrsvc.dll + 2004-08-19 23:09:19 17,408 -c----w c:\windows\$NtServicePackUninstall$\alrsvc.dll + 2004-08-04 06:07:42 43,008 -c----w c:\windows\$NtServicePackUninstall$\amdagp.sys - 2002-08-30 12:00:00 34,816 -c----w c:\windows\$NtServicePackUninstall$\amdk6.sys + 2004-08-19 22:52:41 41,216 -c----w c:\windows\$NtServicePackUninstall$\amdk6.sys - 2002-08-30 12:00:00 35,328 -c----w c:\windows\$NtServicePackUninstall$\amdk7.sys + 2004-08-19 22:52:42 41,600 -c----w c:\windows\$NtServicePackUninstall$\amdk7.sys - 2002-08-30 12:00:00 63,488 -c----w c:\windows\$NtServicePackUninstall$\amstream.dll + 2004-08-19 23:09:19 70,656 -c----w c:\windows\$NtServicePackUninstall$\amstream.dll - 2002-08-30 12:00:00 115,712 -c----w c:\windows\$NtServicePackUninstall$\apphelp.dll + 2004-08-19 23:09:19 126,976 -c----w c:\windows\$NtServicePackUninstall$\apphelp.dll + 2004-08-19 23:09:19 334,336 -c----w c:\windows\$NtServicePackUninstall$\aqueue.dll - 2002-08-30 12:00:00 57,344 -c----w c:\windows\$NtServicePackUninstall$\arp1394.sys + 2004-08-04 05:58:29 60,800 -c----w c:\windows\$NtServicePackUninstall$\arp1394.sys - 2002-08-30 12:00:00 77,824 -c----w c:\windows\$NtServicePackUninstall$\asycfilt.dll + 2004-08-19 23:09:19 65,024 -c----w c:\windows\$NtServicePackUninstall$\asycfilt.dll - 2002-08-30 12:00:00 13,568 -c----w c:\windows\$NtServicePackUninstall$\asyncmac.sys + 2004-08-04 06:05:03 14,336 -c----w c:\windows\$NtServicePackUninstall$\asyncmac.sys - 2002-08-30 12:00:00 22,528 -c----w c:\windows\$NtServicePackUninstall$\at.exe + 2004-08-19 23:09:51 25,088 -c----w c:\windows\$NtServicePackUninstall$\at.exe - 2002-08-30 12:00:00 86,912 -c----w c:\windows\$NtServicePackUninstall$\atapi.sys + 2004-08-04 05:59:42 95,360 -c----w c:\windows\$NtServicePackUninstall$\atapi.sys + 2004-08-19 23:09:19 229,376 -c----w c:\windows\$NtServicePackUninstall$\ati2cqag.dll + 2004-08-19 23:09:19 377,984 -c----w c:\windows\$NtServicePackUninstall$\ati2dvaa.dll + 2004-08-19 23:09:19 201,728 -c----w c:\windows\$NtServicePackUninstall$\ati2dvag.dll + 2004-08-19 23:09:19 870,784 -c----w c:\windows\$NtServicePackUninstall$\ati3d1ag.dll + 2004-08-19 23:09:19 1,057,760 -c----w c:\windows\$NtServicePackUninstall$\ati3d2ag.dll + 2004-08-19 23:09:19 1,888,992 -c----w c:\windows\$NtServicePackUninstall$\ati3duag.dll + 2004-08-19 23:09:19 32,768 -c----w c:\windows\$NtServicePackUninstall$\ativtmxx.dll + 2004-08-19 23:09:19 516,768 -c----w c:\windows\$NtServicePackUninstall$\ativvaxx.dll - 2002-08-30 12:00:00 74,810 -c----w c:\windows\$NtServicePackUninstall$\atl.dll + 2004-08-19 23:09:19 58,880 -c----w c:\windows\$NtServicePackUninstall$\atl.dll - 2002-08-30 12:00:00 10,240 -c----w c:\windows\$NtServicePackUninstall$\atmadm.exe + 2004-08-19 23:09:51 11,264 -c----w c:\windows\$NtServicePackUninstall$\atmadm.exe - 2002-08-30 12:00:00 57,216 -c----w c:\windows\$NtServicePackUninstall$\atmarpc.sys + 2004-08-04 05:58:30 59,904 -c----w c:\windows\$NtServicePackUninstall$\atmarpc.sys - 2002-08-30 12:00:00 272,768 -c----w c:\windows\$NtServicePackUninstall$\atmfd.dll + 2004-08-19 23:08:01 285,696 -c----w c:\windows\$NtServicePackUninstall$\atmfd.dll - 2002-08-30 12:00:00 53,888 -c----w c:\windows\$NtServicePackUninstall$\atmlane.sys + 2004-08-04 05:58:34 55,936 -c----w c:\windows\$NtServicePackUninstall$\atmlane.sys - 2002-08-30 12:00:00 27,136 -c----w c:\windows\$NtServicePackUninstall$\atmlib.dll + 2004-08-19 23:09:20 30,208 -c----w c:\windows\$NtServicePackUninstall$\atmlib.dll + 2002-08-30 12:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\attrib.exe + 2004-08-19 23:09:20 21,183 -c----w c:\windows\$NtServicePackUninstall$\atv01nt5.dll + 2004-08-19 23:09:20 11,359 -c----w c:\windows\$NtServicePackUninstall$\atv02nt5.dll + 2004-08-19 23:09:20 25,471 -c----w c:\windows\$NtServicePackUninstall$\atv04nt5.dll + 2004-08-19 23:09:20 14,143 -c----w c:\windows\$NtServicePackUninstall$\atv06nt5.dll + 2004-08-19 23:09:20 17,279 -c----w c:\windows\$NtServicePackUninstall$\atv10nt5.dll - 2002-08-30 12:00:00 38,912 -c----w c:\windows\$NtServicePackUninstall$\audiosrv.dll + 2004-08-19 23:09:20 42,496 -c----w c:\windows\$NtServicePackUninstall$\audiosrv.dll + 2004-08-19 23:09:51 14,336 -c----w c:\windows\$NtServicePackUninstall$\auditusr.exe - 2002-05-14 10:08:54 20,540 -c----w c:\windows\$NtServicePackUninstall$\author.dll + 2004-08-19 23:09:20 20,540 -c----w c:\windows\$NtServicePackUninstall$\author.dll - 2002-05-14 10:08:54 16,439 -c----w c:\windows\$NtServicePackUninstall$\author.exe + 2004-08-19 23:09:51 16,439 -c----w c:\windows\$NtServicePackUninstall$\author.exe - 2002-08-30 12:00:00 51,200 -c----w c:\windows\$NtServicePackUninstall$\authz.dll + 2005-03-02 18:10:36 56,832 -c----w c:\windows\$NtServicePackUninstall$\authz.dll - 2002-08-30 12:00:00 602,112 -c----w c:\windows\$NtServicePackUninstall$\autochk.exe + 2004-08-19 23:09:51 625,152 -c----w c:\windows\$NtServicePackUninstall$\autochk.exe - 2002-08-30 12:00:00 614,912 -c----w c:\windows\$NtServicePackUninstall$\autoconv.exe + 2004-08-19 23:09:51 638,976 -c----w c:\windows\$NtServicePackUninstall$\autoconv.exe - 2002-08-30 12:00:00 594,944 -c----w c:\windows\$NtServicePackUninstall$\autofmt.exe + 2004-08-19 23:09:51 616,960 -c----w c:\windows\$NtServicePackUninstall$\autofmt.exe - 2002-08-30 12:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\autolfn.exe + 2004-08-19 23:09:51 11,264 -c----w c:\windows\$NtServicePackUninstall$\autolfn.exe + 2004-08-04 06:10:10 38,912 -c----w c:\windows\$NtServicePackUninstall$\avc.sys + 2004-08-04 06:09:58 13,696 -c----w c:\windows\$NtServicePackUninstall$\avcstrm.sys - 2002-08-30 12:00:00 76,800 -c----w c:\windows\$NtServicePackUninstall$\avifil32.dll + 2004-08-19 23:09:20 85,504 -c----w c:\windows\$NtServicePackUninstall$\avifil32.dll + 2008-06-29 21:49:45 2,678 -c----w c:\windows\$NtServicePackUninstall$\b57x3hzx.dat - 2002-08-30 12:00:00 44,032 -c----w c:\windows\$NtServicePackUninstall$\basesrv.dll + 2004-08-19 23:09:20 52,736 -c----w c:\windows\$NtServicePackUninstall$\basesrv.dll - 2002-08-30 12:00:00 27,136 -c----w c:\windows\$NtServicePackUninstall$\batmeter.dll + 2004-08-19 23:09:20 30,208 -c----w c:\windows\$NtServicePackUninstall$\batmeter.dll - 2002-08-30 12:00:00 6,656 -c----w c:\windows\$NtServicePackUninstall$\batt.dll + 2004-08-19 23:09:20 14,336 -c----w c:\windows\$NtServicePackUninstall$\batt.dll + 2004-08-04 06:10:12 11,776 -c----w c:\windows\$NtServicePackUninstall$\bdasup.sys - 2002-08-30 12:00:00 14,848 -c----w c:\windows\$NtServicePackUninstall$\bidispl.dll + 2004-08-19 23:09:20 17,408 -c----w c:\windows\$NtServicePackUninstall$\bidispl.dll - 2004-07-01 22:08:13 7,680 -c----w c:\windows\$NtServicePackUninstall$\bitsprx2.dll + 2004-08-19 23:09:20 8,192 -c----w c:\windows\$NtServicePackUninstall$\bitsprx2.dll - 2004-07-01 22:08:13 7,168 -c----w c:\windows\$NtServicePackUninstall$\bitsprx3.dll + 2004-08-19 23:09:20 7,168 -c----w c:\windows\$NtServicePackUninstall$\bitsprx3.dll + 2004-08-19 23:09:51 71,680 -c----w c:\windows\$NtServicePackUninstall$\blastcln.exe - 2002-08-30 12:00:00 68,864 -c----w c:\windows\$NtServicePackUninstall$\bridge.sys + 2004-08-04 05:59:57 71,552 -c----w c:\windows\$NtServicePackUninstall$\bridge.sys - 2002-08-30 12:00:00 69,632 -c----w c:\windows\$NtServicePackUninstall$\browselc.dll + 2004-08-19 23:08:02 70,144 -c----w c:\windows\$NtServicePackUninstall$\browselc.dll - 2002-08-30 12:00:00 49,152 -c----w c:\windows\$NtServicePackUninstall$\browser.dll + 2004-08-19 23:09:20 77,312 -c----w c:\windows\$NtServicePackUninstall$\browser.dll - 2002-08-30 12:00:00 1,022,464 -c----w c:\windows\$NtServicePackUninstall$\browseui.dll + 2008-08-20 05:37:16 1,045,504 -c----w c:\windows\$NtServicePackUninstall$\browseui.dll - 2002-08-30 12:00:00 71,680 -c----w c:\windows\$NtServicePackUninstall$\browsewm.dll + 2004-08-19 23:09:20 78,336 -c----w c:\windows\$NtServicePackUninstall$\browsewm.dll + 2004-08-19 23:09:20 20,992 -c----w c:\windows\$NtServicePackUninstall$\bthci.dll + 2004-08-04 06:10:38 17,024 -c----w c:\windows\$NtServicePackUninstall$\bthenum.sys + 2004-08-04 06:10:38 38,016 -c----w c:\windows\$NtServicePackUninstall$\bthmodem.sys + 2004-08-04 05:58:38 100,992 -c----w c:\windows\$NtServicePackUninstall$\bthpan.sys + 2008-06-14 17:59:52 272,768 -c----w c:\windows\$NtServicePackUninstall$\bthport.sys + 2008-06-14 17:59:52 272,768 -c----w c:\windows\$NtServicePackUninstall$\bthport.sys.001 + 2004-08-04 06:10:37 35,456 -c----w c:\windows\$NtServicePackUninstall$\bthprint.sys + 2004-08-19 23:09:20 30,208 -c----w c:\windows\$NtServicePackUninstall$\bthserv.dll + 2004-08-04 06:10:34 18,944 -c----w c:\windows\$NtServicePackUninstall$\bthusb.sys + 2004-08-19 23:09:20 50,688 -c----w c:\windows\$NtServicePackUninstall$\btpanui.dll + 2002-08-30 12:00:00 218,112 -c----w c:\windows\$NtServicePackUninstall$\c_g18030.dll - 2002-08-30 12:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\cabinet.dll + 2004-08-19 23:09:20 59,904 -c----w c:\windows\$NtServicePackUninstall$\cabinet.dll - 2002-08-30 12:00:00 81,408 -c----w c:\windows\$NtServicePackUninstall$\cabview.dll + 2004-08-19 23:09:20 85,504 -c----w c:\windows\$NtServicePackUninstall$\cabview.dll + 2002-08-30 12:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\cacls.exe - 2002-08-30 12:00:00 360,448 -c----w c:\windows\$NtServicePackUninstall$\callcont.dll + 2004-08-19 23:09:20 385,024 -c----w c:\windows\$NtServicePackUninstall$\callcont.dll - 2002-08-30 12:00:00 45,056 -c----w c:\windows\$NtServicePackUninstall$\camocx.dll + 2004-08-19 23:09:20 50,688 -c----w c:\windows\$NtServicePackUninstall$\camocx.dll + 2002-08-30 12:00:00 146,432 -c----w c:\windows\$NtServicePackUninstall$\capesnpn.dll - 2002-08-30 12:00:00 215,040 -c----w c:\windows\$NtServicePackUninstall$\catsrv.dll + 2005-07-26 04:39:54 225,792 -c----w c:\windows\$NtServicePackUninstall$\catsrv.dll - 2002-08-30 12:00:00 85,504 -c----w c:\windows\$NtServicePackUninstall$\catsrvps.dll + 2004-08-19 23:09:20 85,504 -c----w c:\windows\$NtServicePackUninstall$\catsrvps.dll - 2002-08-30 12:00:00 582,656 -c----w c:\windows\$NtServicePackUninstall$\catsrvut.dll + 2005-07-26 04:39:54 625,152 -c----w c:\windows\$NtServicePackUninstall$\catsrvut.dll + 2004-08-04 06:10:16 17,024 -c----w c:\windows\$NtServicePackUninstall$\ccdecode.sys - 2002-08-30 12:00:00 59,648 -c----w c:\windows\$NtServicePackUninstall$\cdfs.sys + 2004-08-04 06:14:10 63,744 -c----w c:\windows\$NtServicePackUninstall$\cdfs.sys - 2002-08-30 12:00:00 143,360 -c----w c:\windows\$NtServicePackUninstall$\cdfview.dll + 2008-08-20 05:37:14 152,064 -c----w c:\windows\$NtServicePackUninstall$\cdfview.dll + 2004-08-19 23:09:20 66,560 -c----w c:\windows\$NtServicePackUninstall$\cdm.dll - 2002-08-30 12:00:00 2,028,032 -c----w c:\windows\$NtServicePackUninstall$\cdosys.dll + 2005-09-10 01:55:14 2,067,968 -c----w c:\windows\$NtServicePackUninstall$\cdosys.dll - 2002-08-30 12:00:00 47,488 -c----w c:\windows\$NtServicePackUninstall$\cdrom.sys + 2004-08-04 05:59:52 49,536 -c----w c:\windows\$NtServicePackUninstall$\cdrom.sys - 2002-08-30 12:00:00 192,512 -c----w c:\windows\$NtServicePackUninstall$\certcli.dll + 2004-08-19 23:09:20 200,192 -c----w c:\windows\$NtServicePackUninstall$\certcli.dll - 2002-08-30 12:00:00 446,976 -c----w c:\windows\$NtServicePackUninstall$\certmgr.dll + 2004-08-19 23:09:20 467,968 -c----w c:\windows\$NtServicePackUninstall$\certmgr.dll - 2002-08-30 12:00:00 33,280 -c----w c:\windows\$NtServicePackUninstall$\cfgbkend.dll + 2004-08-19 23:09:20 39,424 -c----w c:\windows\$NtServicePackUninstall$\cfgbkend.dll - 2002-08-30 12:00:00 16,896 -c----w c:\windows\$NtServicePackUninstall$\cfgmgr32.dll + 2004-08-19 23:08:02 16,896 -c----w c:\windows\$NtServicePackUninstall$\cfgmgr32.dll - 2002-05-14 10:08:54 188,480 -c----w c:\windows\$NtServicePackUninstall$\cfgwiz.exe + 2004-08-19 23:09:51 188,480 -c----w c:\windows\$NtServicePackUninstall$\cfgwiz.exe + 2004-08-19 23:09:20 15,423 -c----w c:\windows\$NtServicePackUninstall$\ch7xxnt5.dll + 2004-08-04 06:00:12 8,192 -c----w c:\windows\$NtServicePackUninstall$\changer.sys + 2002-08-30 12:00:00 97,792 -c----w c:\windows\$NtServicePackUninstall$\chtmbx.dll + 2002-08-30 12:00:00 56,320 -c----w c:\windows\$NtServicePackUninstall$\chtskdic.dll + 2002-08-30 12:00:00 173,568 -c----w c:\windows\$NtServicePackUninstall$\chtskf.dll + 2002-08-30 12:00:00 109,568 -c----w c:\windows\$NtServicePackUninstall$\cic.dll - 2002-08-30 12:00:00 1,268,224 -c----w c:\windows\$NtServicePackUninstall$\cimwin32.dll + 2004-08-19 23:09:20 1,352,704 -c----w c:\windows\$NtServicePackUninstall$\cimwin32.dll - 2002-08-30 12:00:00 201,216 -c----w c:\windows\$NtServicePackUninstall$\cintime.dll + 2004-08-04 05:31:52 198,656 -c----w c:\windows\$NtServicePackUninstall$\cintime.dll - 2002-08-30 12:00:00 64,512 -c----w c:\windows\$NtServicePackUninstall$\ciodm.dll + 2006-06-22 05:13:45 69,120 -c----w c:\windows\$NtServicePackUninstall$\ciodm.dll - 2002-08-30 12:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\cisvc.exe + 2004-08-19 23:09:51 5,632 -c----w c:\windows\$NtServicePackUninstall$\cisvc.exe - 2002-08-30 12:00:00 46,336 -c----w c:\windows\$NtServicePackUninstall$\classpnp.sys + 2004-08-04 06:14:26 49,664 -c----w c:\windows\$NtServicePackUninstall$\classpnp.sys - 2002-08-30 12:00:00 100,864 -c----w c:\windows\$NtServicePackUninstall$\clbcatex.dll + 2005-07-26 04:39:55 110,080 -c----w c:\windows\$NtServicePackUninstall$\clbcatex.dll - 2002-08-30 12:00:00 468,480 -c----w c:\windows\$NtServicePackUninstall$\clbcatq.dll + 2005-07-26 04:39:55 498,688 -c----w c:\windows\$NtServicePackUninstall$\clbcatq.dll - 2002-08-30 12:00:00 62,976 -c----w c:\windows\$NtServicePackUninstall$\cleanmgr.exe + 2004-08-19 23:09:51 522,752 -c----w c:\windows\$NtServicePackUninstall$\cleanmgr.exe - 2002-08-30 12:00:00 127,552 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.dll + 2004-08-19 23:09:20 77,824 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.dll - 2002-08-30 12:00:00 45,632 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.exe + 2004-08-19 23:09:51 20,480 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.exe - 2002-08-30 12:00:00 100,352 -c----w c:\windows\$NtServicePackUninstall$\clipbrd.exe + 2004-08-19 23:09:51 104,448 -c----w c:\windows\$NtServicePackUninstall$\clipbrd.exe - 2002-08-30 12:00:00 30,720 -c----w c:\windows\$NtServicePackUninstall$\clipsrv.exe + 2004-08-19 23:09:51 33,280 -c----w c:\windows\$NtServicePackUninstall$\clipsrv.exe - 2002-08-30 12:00:00 54,272 -c----w c:\windows\$NtServicePackUninstall$\clusapi.dll + 2004-08-19 23:09:20 57,856 -c----w c:\windows\$NtServicePackUninstall$\clusapi.dll + 2004-08-04 06:07:39 14,080 -c----w c:\windows\$NtServicePackUninstall$\cmbatt.sys - 2002-08-30 12:00:00 12,288 -c----w c:\windows\$NtServicePackUninstall$\cmcfg32.dll + 2004-08-19 23:09:20 15,872 -c----w c:\windows\$NtServicePackUninstall$\cmcfg32.dll - 2002-08-30 12:00:00 388,096 -c----w c:\windows\$NtServicePackUninstall$\cmd.exe + 2004-08-19 23:09:51 539,136 -c----w c:\windows\$NtServicePackUninstall$\cmd.exe - 2002-08-30 12:00:00 333,824 -c----w c:\windows\$NtServicePackUninstall$\cmdial32.dll + 2004-08-19 23:09:20 352,256 -c----w c:\windows\$NtServicePackUninstall$\cmdial32.dll - 2002-08-30 12:00:00 41,472 -c----w c:\windows\$NtServicePackUninstall$\cmdl32.exe + 2004-08-19 23:09:51 47,104 -c----w c:\windows\$NtServicePackUninstall$\cmdl32.exe - 2002-08-30 12:00:00 35,840 -c----w c:\windows\$NtServicePackUninstall$\cmmon32.exe + 2004-08-19 23:09:51 40,448 -c----w c:\windows\$NtServicePackUninstall$\cmmon32.exe - 2002-08-30 12:00:00 180,736 -c----w c:\windows\$NtServicePackUninstall$\cmprops.dll + 2004-08-19 23:09:20 191,488 -c----w c:\windows\$NtServicePackUninstall$\cmprops.dll + 2004-08-19 23:09:20 13,824 -c----w c:\windows\$NtServicePackUninstall$\cmsetacl.dll - 2002-08-30 12:00:00 56,832 -c----w c:\windows\$NtServicePackUninstall$\cmstp.exe + 2004-08-19 23:09:51 65,536 -c----w c:\windows\$NtServicePackUninstall$\cmstp.exe - 2002-08-30 12:00:00 37,888 -c----w c:\windows\$NtServicePackUninstall$\cmutil.dll + 2004-08-19 23:09:20 40,960 -c----w c:\windows\$NtServicePackUninstall$\cmutil.dll - 2002-08-30 12:00:00 49,152 -c----w c:\windows\$NtServicePackUninstall$\cnbjmon.dll + 2004-08-19 23:09:20 50,688 -c----w c:\windows\$NtServicePackUninstall$\cnbjmon.dll + 2004-08-19 23:09:20 83,968 -c----w c:\windows\$NtServicePackUninstall$\cnbjmon2.dll - 2002-08-30 12:00:00 56,832 -c----w c:\windows\$NtServicePackUninstall$\colbact.dll + 2005-07-26 04:39:55 60,416 -c----w c:\windows\$NtServicePackUninstall$\colbact.dll + 2002-08-30 12:00:00 25,600 -c----w c:\windows\$NtServicePackUninstall$\comaddin.dll - 2002-08-30 12:00:00 186,880 -c----w c:\windows\$NtServicePackUninstall$\comadmin.dll + 2005-07-26 04:39:56 195,072 -c----w c:\windows\$NtServicePackUninstall$\comadmin.dll - 2002-08-30 12:00:00 557,056 -c----w c:\windows\$NtServicePackUninstall$\comctl32.dll + 2006-08-25 15:51:14 617,472 -c----w c:\windows\$NtServicePackUninstall$\comctl32.dll - 2002-08-30 12:00:00 262,656 -c----w c:\windows\$NtServicePackUninstall$\comdlg32.dll + 2004-08-19 23:09:21 281,088 -c----w c:\windows\$NtServicePackUninstall$\comdlg32.dll - 2002-08-30 12:00:00 239,104 -c----w c:\windows\$NtServicePackUninstall$\compatui.dll + 2004-08-19 23:09:21 253,440 -c----w c:\windows\$NtServicePackUninstall$\compatui.dll - 2002-08-30 12:00:00 223,744 -c----w c:\windows\$NtServicePackUninstall$\compstui.dll + 2004-08-19 23:09:21 230,912 -c----w c:\windows\$NtServicePackUninstall$\compstui.dll + 2005-07-26 04:39:56 97,792 -c----w c:\windows\$NtServicePackUninstall$\comrepl.dll - 2002-08-30 12:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\comrepl.exe + 2004-08-19 23:09:51 9,728 -c----w c:\windows\$NtServicePackUninstall$\comrepl.exe + 2002-08-30 12:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\comrereg.exe - 2002-08-30 12:00:00 851,968 -c----w c:\windows\$NtServicePackUninstall$\comres.dll + 2004-08-19 23:09:21 851,968 -c----w c:\windows\$NtServicePackUninstall$\comres.dll + 2002-08-30 12:00:00 259,584 -c----w c:\windows\$NtServicePackUninstall$\comsetup.dll + 2002-08-30 12:00:00 147,456 -c----w c:\windows\$NtServicePackUninstall$\comsnap.dll - 2002-08-30 12:00:00 1,172,992 -c----w c:\windows\$NtServicePackUninstall$\comsvcs.dll + 2005-07-26 04:39:57 1,267,200 -c----w c:\windows\$NtServicePackUninstall$\comsvcs.dll - 2002-08-30 12:00:00 495,616 -c----w c:\windows\$NtServicePackUninstall$\comuid.dll + 2005-07-26 04:39:57 540,160 -c----w c:\windows\$NtServicePackUninstall$\comuid.dll - 2002-08-30 12:00:00 1,007,616 -c----w c:\windows\$NtServicePackUninstall$\conf.exe + 2004-08-19 23:09:51 1,044,480 -c----w c:\windows\$NtServicePackUninstall$\conf.exe - 2002-08-30 12:00:00 45,056 -c----w c:\windows\$NtServicePackUninstall$\confmrsl.dll + 2004-08-19 23:09:21 45,056 -c----w c:\windows\$NtServicePackUninstall$\confmrsl.dll + 2002-08-30 12:00:00 346,112 -c----w c:\windows\$NtServicePackUninstall$\confmsp.dll - 2002-08-30 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\conime.exe + 2004-08-19 23:09:51 27,648 -c----w c:\windows\$NtServicePackUninstall$\conime.exe - 2002-08-30 12:00:00 14,877 -c----w c:\windows\$NtServicePackUninstall$\corpol.dll + 2004-08-19 23:09:21 35,328 -c----w c:\windows\$NtServicePackUninstall$\corpol.dll - 2002-08-30 12:00:00 160,768 -c----w c:\windows\$NtServicePackUninstall$\credui.dll + 2004-08-19 23:09:21 336,896 -c----w c:\windows\$NtServicePackUninstall$\credui.dll - 2002-08-30 12:00:00 34,304 -c----w c:\windows\$NtServicePackUninstall$\crusoe.sys + 2004-08-19 22:59:24 40,704 -c----w c:\windows\$NtServicePackUninstall$\crusoe.sys - 2002-08-30 12:00:00 564,736 -c----w c:\windows\$NtServicePackUninstall$\crypt32.dll + 2004-08-19 23:09:21 604,672 -c----w c:\windows\$NtServicePackUninstall$\crypt32.dll - 2002-08-30 12:00:00 71,168 -c----w c:\windows\$NtServicePackUninstall$\cryptdlg.dll + 2004-08-19 23:09:21 75,776 -c----w c:\windows\$NtServicePackUninstall$\cryptdlg.dll - 2002-08-30 12:00:00 29,184 -c----w c:\windows\$NtServicePackUninstall$\cryptdll.dll + 2004-08-19 23:09:21 33,280 -c----w c:\windows\$NtServicePackUninstall$\cryptdll.dll - 2002-08-30 12:00:00 49,664 -c----w c:\windows\$NtServicePackUninstall$\cryptext.dll + 2004-08-19 23:09:21 54,784 -c----w c:\windows\$NtServicePackUninstall$\cryptext.dll - 2002-08-30 12:00:00 53,248 -c----w c:\windows\$NtServicePackUninstall$\cryptnet.dll + 2004-08-19 23:09:21 63,488 -c----w c:\windows\$NtServicePackUninstall$\cryptnet.dll - 2002-08-30 12:00:00 53,248 -c----w c:\windows\$NtServicePackUninstall$\cryptsvc.dll + 2004-08-19 23:09:21 60,416 -c----w c:\windows\$NtServicePackUninstall$\cryptsvc.dll - 2002-08-30 12:00:00 488,960 -c----w c:\windows\$NtServicePackUninstall$\cryptui.dll + 2004-08-19 23:09:21 530,432 -c----w c:\windows\$NtServicePackUninstall$\cryptui.dll - 2002-08-30 12:00:00 90,624 -c----w c:\windows\$NtServicePackUninstall$\cscdll.dll + 2004-08-19 23:09:21 102,912 -c----w c:\windows\$NtServicePackUninstall$\cscdll.dll - 2002-08-30 12:00:00 102,450 -c----w c:\windows\$NtServicePackUninstall$\cscript.exe + 2004-08-19 23:09:51 98,304 -c----w c:\windows\$NtServicePackUninstall$\cscript.exe - 2002-08-30 12:00:00 318,464 -c----w c:\windows\$NtServicePackUninstall$\cscui.dll + 2004-08-19 23:09:21 337,920 -c----w c:\windows\$NtServicePackUninstall$\cscui.dll - 2002-08-30 12:00:00 29,184 -c----w c:\windows\$NtServicePackUninstall$\csrsrv.dll + 2004-08-19 23:09:21 32,768 -c----w c:\windows\$NtServicePackUninstall$\csrsrv.dll - 2002-08-30 12:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\csrss.exe + 2004-08-19 23:09:51 6,144 -c----w c:\windows\$NtServicePackUninstall$\csrss.exe - 2002-08-30 12:00:00 13,312 -c----w c:\windows\$NtServicePackUninstall$\ctfmon.exe + 2004-08-19 23:09:51 15,360 -c----w c:\windows\$NtServicePackUninstall$\ctfmon.exe + 2004-08-19 23:09:21 252,416 -c----w c:\windows\$NtServicePackUninstall$\ctmasetp.dll + 2004-08-19 23:09:21 28,672 -c----w c:\windows\$NtServicePackUninstall$\custsat.dll - 2002-08-30 12:00:00 1,180,672 -c----w c:\windows\$NtServicePackUninstall$\d3d8.dll + 2004-08-19 23:09:21 1,179,648 -c----w c:\windows\$NtServicePackUninstall$\d3d8.dll - 2002-08-30 12:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\d3d8thk.dll + 2004-08-19 23:09:21 8,192 -c----w c:\windows\$NtServicePackUninstall$\d3d8thk.dll + 2004-08-19 23:09:21 1,689,088 -c----w c:\windows\$NtServicePackUninstall$\d3d9.dll - 2002-08-30 12:00:00 791,040 -c----w c:\windows\$NtServicePackUninstall$\d3dim700.dll + 2004-08-19 23:09:22 825,344 -c----w c:\windows\$NtServicePackUninstall$\d3dim700.dll - 2002-08-30 12:00:00 988,672 -c----w c:\windows\$NtServicePackUninstall$\danim.dll + 2008-08-20 05:37:14 1,056,768 -c----w c:\windows\$NtServicePackUninstall$\danim.dll - 2002-08-30 12:00:00 557,128 -c----w c:\windows\$NtServicePackUninstall$\dao360.dll + 2004-08-19 23:09:22 561,179 -c----w c:\windows\$NtServicePackUninstall$\dao360.dll - 2002-08-30 12:00:00 52,736 -c----w c:\windows\$NtServicePackUninstall$\dataclen.dll + 2004-08-19 23:09:22 55,296 -c----w c:\windows\$NtServicePackUninstall$\dataclen.dll + 2002-08-30 12:00:00 152,064 -c----w c:\windows\$NtServicePackUninstall$\datime.dll - 2002-08-30 12:00:00 22,528 -c----w c:\windows\$NtServicePackUninstall$\davclnt.dll + 2004-08-19 23:09:22 25,088 -c----w c:\windows\$NtServicePackUninstall$\davclnt.dll - 2002-08-30 12:

crapoulou · Answer

Le rapport n'est pas complet.

Internet a du mal a s'ouvrir...

32 réponses

Discussions similaires

Newsletters