"Au travail" virus [Solved]


Hi, I have a problem with the "au travail" virus.
I read the threads that talk about it, and they said:

Download and install HijackThis (Trend Micro)
Then post a report, so that's what I'm doing.


Thanks in advance for your replies.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:53:03 AM, on 5/1/2009
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)
Boot mode: Normal

Running processes:
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ms1240579911.exe
C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\MSN Messenger\usnsvc.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Travaillez plus.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Au travail !Arrêtez de surfer!
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [rgc10mj0et9p] C:\WINDOWS\syswow64\qgc70mj0et9p.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\acrobat reader\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [InetChk] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ms1240579911.exe work
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\1349250.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\1349250.dll
O21 - SSODL: XESJc - {708EEAB4-DA24-401E-4C89-EFA881DD782C} - C:\WINDOWS\SysWow64\anummj.dll
O23 - Service: Application Experience Lookup Service (AeLookupSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Application Management (AppMgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Windows Audio (AudioSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Computer Browser (Browser) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Cryptographic Services (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: DHCP Client (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Logical Disk Manager (dmserver) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: DNS Client (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Error Reporting Service (ERSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: COM+ Event System (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Help and Support (helpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: HID Input Service (HidServ) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: IAS Jet Database Access (IASJet) - Unknown owner - C:\WINDOWS\SysWOW64\svchost.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: Server (lanmanserver) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Workstation (lanmanworkstation) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: TCP/IP NetBIOS Helper (LmHosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Network Connections (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Network Location Awareness (NLA) (Nla) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Removable Storage (NtmsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Access Auto Connection Manager (RasAuto) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Remote Access Connection Manager (RasMan) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Remote Registry (RemoteRegistry) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Secondary Logon (seclogon) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: System Event Notification (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Shell Hardware Detection (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: System Restore Service (srservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: SSDP Discovery Service (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Windows Image Acquisition (WIA) (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Microsoft Software Shadow Copy Provider (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Telephony (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Terminal Services (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Themes - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Universal Plug and Play Device Host (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: Windows Time (W32Time) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: WebClient - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Windows Management Instrumentation (winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Portable Media Serial Number Service (WmdmPmSN) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Windows Management Instrumentation Driver Extensions (Wmi) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
O23 - Service: Security Center (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Wireless Configuration (WZCSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Network Provisioning Service (xmlprov) - Unknown owner - C:\WINDOWS\System32\svchost.exe

--
End of file - 10812 bytes


Message edited by cyrilkiller on 04-05-2009 at 10:05:10

Hello,

  • Download UsbFix (by C_XX & Chiquitine29) to your Desktop.
  • Run the installer with the default settings.
  • Plug your external storage devices into your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click the UsbFix shortcut on your Desktop.
  • Choose option 1 (Search).
  • Let the tool work.
  • Post the UsbFix.txt report.


Note: the UsbFix.txt report is saved at the root of the drive (C:\UsbFix.txt).

"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility for terminating processes.

Reply to Destrio5

I did everything you told me, but when I double-click the UsbFix shortcut on the Desktop,

it says unsupported version,
UsbFix cannot continue running.

Maybe it's because of XP 64-bit.

Reply to cyrilkiller

That's going to be a nuisance.

(On Vista, you need to right-click RSIT.exe and choose Run as administrator)

  • Click Continue on the Disclaimer screen.
  • If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).


Note: the reports are saved in the C:\rsit folder.

Reply to Destrio5

There's another error message when I install RSIT, lol.

Forget it, it's no big deal, I can live with it.


Thanks again, see you.

Reply to cyrilkiller

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update is finished, go to the Scan tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
Quote:

The scan completed normally. Click 'Show Results' to display all objects found.


  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.

Reply to Destrio5

It worked, here is the MBAM report:

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2062
Windows 5.2.3790 Service Pack 1

5/1/2009 9:24:06 PM
mbam-log-2009-05-01 (21-24-06).txt

Type de recherche: Examen rapide
Eléments examinés: 66016
Temps écoulé: 1 minute(s), 14 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\inetchk (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Administrator\Local Settings\Temp\ms1240579911.exe work (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\rsyncini.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Drivers\beep.sys (Fake.Beep.Sys) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully.

Reply to cyrilkiller

  • Restart MBAM, go to Quarantine and delete everything.


  • Download OTViewIt to your Desktop.
  • Close all windows and applications.
  • Double-click the OTViewIt icon to launch it.
  • Click the Run Scan button and let the program work without interrupting it.
  • It will produce two reports, one named OTViewIt.txt and another named Extras, which will be saved on your Desktop. Please post both reports in your next reply.


Message edited by Destrio5 on 01-05-2009 at 16:34:56
Reply to Destrio5

Here you go:

OTViewIt logfile created on: 5/2/2009 4:38:46 AM - Run 2
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows Server 2003 Service Pack 1 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 6.0.3790.1830)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.99 Gb Total Physical Memory | 3.29 Gb Available Physical Memory | 82.35% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244.14 Gb Total Space | 238.59 Gb Free Space | 97.73% Space Free | Partition Type: NTFS
Drive D: | 244.14 Gb Total Space | 239.38 Gb Free Space | 98.05% Space Free | Partition Type: NTFS
Drive E: | 244.14 Gb Total Space | 225.72 Gb Free Space | 92.45% Space Free | Partition Type: NTFS
Drive F: | 443.21 Gb Total Space | 305.29 Gb Free Space | 68.88% Space Free | Partition Type: NTFS
Drive G: | 244.14 Gb Total Space | 235.10 Gb Free Space | 96.30% Space Free | Partition Type: NTFS
Drive H: | 443.21 Gb Total Space | 442.29 Gb Free Space | 99.79% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive L: | 14.90 Gb Total Space | 9.17 Gb Free Space | 61.55% Space Free | Partition Type: FAT32

Computer Name: PRINCIPA-SE9PJ5
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[color=orange]========== Processes ==========[/color]

[2009/02/05 13:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[2009/02/05 13:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
[2007/01/19 12:55:02 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSN Messenger\msnmsgr.exe
[2005/03/25 05:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\ctfmon.exe
[2009/02/19 04:00:00 | 00,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
[2008/11/06 12:24:22 | 00,526,856 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
[2009/02/05 13:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[2009/02/05 13:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[2009/04/10 10:29:08 | 00,037,888 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
[2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSN Messenger\usnsvc.exe
[2009/05/02 04:37:37 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTViewIt.exe

[color=orange]========== (O23) Win32 Services ==========[/color]

[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (AeLookupSvc [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (Alerter [Disabled | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (AppMgmt [On_Demand | Stopped])
[2009/02/05 13:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (AudioSrv [Auto | Running])
[2009/02/05 13:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
[2009/02/05 13:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
[2009/02/05 13:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (BITS [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (Browser [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (CryptSvc [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (DcomLaunch [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (Dhcp [Auto | Running])
File not found -- -- (dmadmin [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (dmserver [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (Dnscache [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (ERSvc [Auto | Running])
File not found -- -- (Eventlog [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (EventSystem [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (helpsvc [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (HidServ [Auto | Running])
File not found -- -- (HTTPFilter [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\SysWOW64\svchost.exe -- (IASJet [On_Demand | Stopped])
File not found -- -- (ImapiService [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (lanmanserver [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (lanmanworkstation [Auto | Running])
[2009/02/19 00:39:26 | 00,160,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (LmHosts [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (Messenger [Disabled | Stopped])
File not found -- -- (MSDTC [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,419,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netlogon.dll -- (Netlogon [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (Netman [On_Demand | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (Nla [On_Demand | Running])
File not found -- -- (NtLmSsp [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (NtmsSvc [On_Demand | Stopped])
File not found -- -- (NVSvc [Auto | Running])
File not found -- -- (PlugPlay [Auto | Running])
File not found -- -- (PolicyAgent [Auto | Running])
File not found -- -- (ProtectedStorage [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (RasAuto [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (RasMan [On_Demand | Running])
File not found -- -- (RDSessMgr [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (RemoteAccess [Disabled | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (RemoteRegistry [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (RpcSs [Auto | Running])
File not found -- -- (SamSs [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (Schedule [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (seclogon [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (SENS [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (SharedAccess [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (ShellHWDetection [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (srservice [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (SSDPSRV [On_Demand | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (stisvc [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (swprv [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (TapiSrv [On_Demand | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (TermService [On_Demand | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (Themes [Auto | Running])
File not found -- -- (TlntSvr [Disabled | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (TrkWks [Auto | Running])
[2005/03/25 05:00:00 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (upnphost [Auto | Running])
[2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])
File not found -- -- (vds [On_Demand | Stopped])
File not found -- -- (VSS [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (W32Time [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (WebClient [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (WinHttpAutoProxySvc [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (winmgmt [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (WmdmPmSN [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (Wmi [On_Demand | Stopped])
File not found -- -- (WmiApSrv [On_Demand | Stopped])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (wscsvc [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (wuauserv [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (WZCSVC [Auto | Running])
[2005/03/25 05:00:00 | 00,017,408 | ---- | M] () -- C:\WINDOWS\system32\svchost.exe -- (xmlprov [On_Demand | Stopped])

[color=orange]========== Driver Services ==========[/color]

File not found -- -- (Aavmker4 [System | Running])
File not found -- -- (ACPI [Boot | Running])
File not found -- -- (ADIHdAudAddService [On_Demand | Running])
File not found -- -- (AEAudio [On_Demand | Running])
File not found -- -- (AFD [System | Running])
File not found -- -- (Arp1394 [On_Demand | Running])
File not found -- -- (aswFsBlk [Auto | Running])
File not found -- -- (aswMonFlt [Auto | Running])
File not found -- -- (aswRdr [On_Demand | Running])
File not found -- -- (aswSP [System | Running])
File not found -- -- (aswTdi [System | Running])
File not found -- -- (atapi [Boot | Running])
File not found -- -- (audstub [On_Demand | Running])
File not found -- -- (Beep [System | Running])
File not found -- -- (CdaC15BA [Auto | Running])
File not found -- -- (CdaD10BA [Auto | Running])
File not found -- -- (Cdfs [Disabled | Running])
File not found -- -- (Cdrom [System | Running])
File not found -- -- (crcdisk [Boot | Running])
File not found -- -- (Disk [Boot | Running])
File not found -- -- (dmio [Boot | Running])
File not found -- -- (dmload [Boot | Running])
File not found -- -- (Fastfat [Disabled | Running])
File not found -- -- (Fdc [On_Demand | Running])
File not found -- -- (Fips [System | Running])
File not found -- -- (Flpydisk [On_Demand | Running])
File not found -- -- (FltMgr [Boot | Running])
File not found -- -- (Ftdisk [Boot | Running])
File not found -- -- (Gpc [On_Demand | Running])
File not found -- -- (HDAudBus [On_Demand | Running])
File not found -- -- (hidusb [On_Demand | Running])
File not found -- -- (HTTP [On_Demand | Running])
File not found -- -- (imapi [System | Running])
File not found -- -- (intelppm [On_Demand | Running])
File not found -- -- (IpNat [On_Demand | Running])
File not found -- -- (IPSec [System | Running])
File not found -- -- (isapnp [Boot | Running])
File not found -- -- (Kbdclass [System | Running])
File not found -- -- (kbdhid [System | Running])
File not found -- -- (kmixer [On_Demand | Running])
File not found -- -- (KSecDD [Boot | Running])
File not found -- -- (ksthunk [On_Demand | Running])
File not found -- -- (LHidFilt [On_Demand | Running])
File not found -- -- (LMouFilt [On_Demand | Running])
[2005/03/25 05:00:00 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll -- (mnmdd [System | Running])
File not found -- -- (Mouclass [System | Running])
File not found -- -- (mouhid [On_Demand | Running])
File not found -- -- (MountMgr [Boot | Running])
File not found -- -- (MRxDAV [On_Demand | Running])
File not found -- -- (MRxSmb [System | Running])
File not found -- -- (Msfs [System | Running])
File not found -- -- (mssmbios [On_Demand | Running])
File not found -- -- (MTsensor [On_Demand | Running])
File not found -- -- (Mup [Boot | Running])
File not found -- -- (NDIS [Boot | Running])
File not found -- -- (NdisTapi [On_Demand | Running])
File not found -- -- (Ndisuio [On_Demand | Running])
File not found -- -- (NdisWan [On_Demand | Running])
File not found -- -- (NDProxy [On_Demand | Running])
File not found -- -- (NetBIOS [System | Running])
File not found -- -- (NetBT [System | Running])
File not found -- -- (NIC1394 [On_Demand | Running])
File not found -- -- (Npfs [System | Running])
File not found -- -- (Ntfs [Disabled | Running])
File not found -- -- (Null [System | Running])
File not found -- -- (nv [On_Demand | Running])
File not found -- -- (ohci1394 [Boot | Running])
File not found -- -- (PartMgr [Boot | Running])
File not found -- -- (PCI [Boot | Running])
File not found -- -- (PCIIde [Boot | Running])
File not found -- -- (PptpMiniport [On_Demand | Running])
File not found -- -- (PSched [On_Demand | Running])
File not found -- -- (Ptilink [On_Demand | Running])
File not found -- -- (PxHlpa64 [Boot | Running])
File not found -- -- (RasAcd [System | Running])
File not found -- -- (Rasl2tp [On_Demand | Running])
File not found -- -- (RasPppoe [On_Demand | Running])
File not found -- -- (Raspti [On_Demand | Running])
File not found -- -- (Rdbss [System | Running])
File not found -- -- (RDPCDD [System | Running])
File not found -- -- (rdpdr [On_Demand | Running])
File not found -- -- (redbook [System | Running])
File not found -- -- (Secdrv [Auto | Running])
File not found -- -- (SenFiltService [On_Demand | Running])
File not found -- -- (sr [Boot | Running])
File not found -- -- (Srv [On_Demand | Running])
File not found -- -- (swenum [On_Demand | Running])
File not found -- -- (sysaudio [On_Demand | Running])
File not found -- -- (Tcpip [System | Running])
File not found -- -- (TermDD [System | Running])
File not found -- -- (Update [On_Demand | Running])
File not found -- -- (usbccgp [On_Demand | Running])
File not found -- -- (usbehci [On_Demand | Running])
File not found -- -- (usbhub [On_Demand | Running])
File not found -- -- (USBSTOR [On_Demand | Running])
File not found -- -- (usbuhci [On_Demand | Running])
File not found -- -- (VgaSave [System | Running])
File not found -- -- (VolSnap [Boot | Running])
File not found -- -- (Wanarp [On_Demand | Running])
File not found -- -- (Wdf01000 [On_Demand | Running])
[2005/03/25 05:00:00 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdmaud.drv -- (wdmaud [On_Demand | Running])
File not found -- -- (WmiAcpi [System | Running])
File not found -- -- (WS2IFSL [System | Running])
File not found -- -- (yukonx64 [On_Demand | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=Travaillez plus.com

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\SysWOW64\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O3) Toolbars ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{01E04581-4EEE-11D0-BFE9-00AA005B4383}" (HKLM) -- C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)
"{01E04581-4EEE-11D0-BFE9-00AA005B4383}" (HKLM) -- C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)
"{0E5CBF21-D15F-11D0-8301-00AA005B4383}" (HKLM) -- C:\WINDOWS\SysWOW64\shell32.dll (Microsoft Corporation)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="D:\Program Files\acrobat reader\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe ()
"rgc10mj0et9p"=C:\WINDOWS\syswow64\qgc70mj0et9p.exe ()
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe ()
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe" ()

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)

========== (O4) Startup Folders ==========

[2009/02/19 00:42:14 | 01,200,144 | ---- | M] (Logitech, Inc.) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableTaskMgr"=0
"DisableRegistryTools"=1

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %SystemDrive%\Program Files\Messenger\msmsgs.exe [2005/03/25 05:00:00 | 01,681,920 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %SystemDrive%\Program Files\Messenger\msmsgs.exe [2005/03/25 05:00:00 | 01,681,920 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %SystemDrive%\Program Files\Messenger\msmsgs.exe [Messenger] -> [2005/03/25 05:00:00 | 01,681,920 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/contr [...] %s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload.macromedia.com/g [...] wflash.cab -- Shockwave Flash Object

========== (O17) DNS Name Servers ==========

{46EEE154-BD96-48F8-B03E-83C5AFEF2823} (Servers: | Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller)
{C19F8936-F1A3-4E1F-BBC2-1EC830AF855A} (Servers: | Description: 1394 Net Adapter)
{D3116440-91C1-4B59-9515-41F7B6A7C615} (Servers: | Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller)

========== (O20) HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"=Explorer.exe
>[2005/03/25 05:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\explorer.exe

"System"=lsass.exe
>File not found --


========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
ScCertProp: "DllName" = wlnotify.dll -- File not found
Schedule: "DllName" = wlnotify.dll -- File not found
SensLogn: "DllName" = WlNotify.dll -- File not found
wlballoon: "DllName" = wlnotify.dll -- File not found

========== (O21) SSODL Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"CDBurn"={fbeb8a05-beee-4442-804e-409d6c4515e9} (HKLM) -- C:\WINDOWS\SysWOW64\shell32.dll (Microsoft Corporation)
"PostBootReminder"={7849596a-48ea-486e-8937-a2a3009f31a9} (HKLM) -- C:\WINDOWS\SysWOW64\shell32.dll (Microsoft Corporation)
"SysTray"={35CEC8A3-2BE6-11D2-8773-92E220524153} (HKLM) -- C:\WINDOWS\SysWOW64\stobject.dll (Microsoft Corporation)
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} (HKLM) -- C:\WINDOWS\SysWOW64\webcheck.dll (Microsoft Corporation)
"XESJc"={708EEAB4-DA24-401E-4C89-EFA881DD782C} (HKLM) -- C:\WINDOWS\SysWOW64\anummj.dll ()

========== (O22) Shared Task Scheduler ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}" (HKLM) = Browseui preloader -- C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)
"{8C7461EF-2B13-11d2-BE35-3078302C2030}" (HKLM) = Component Categories cache daemon -- C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2009/04/24 13:41:18 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

autorun.inf [[autorun] | open=wscript.exe antinul.vbe | shell\open=Open | shell\open\Command=wscript.exe antinul.vbe | ]
[2009/05/02 04:38:36 | 00,000,206 | RHS- | M] () -- L:\autorun.inf -- [ FAT32 ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2366ed89-3113-11de-9b3a-00248c240535}\Shell\AutoRun\command]
""=wscript.exe antinul.vbe


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2366ed89-3113-11de-9b3a-00248c240535}\Shell\open\Command]
""=wscript.exe antinul.vbe

========== Files/Folders - Created Within 30 Days ==========

[2 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/05/02 04:37:36 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTViewIt.exe
[2009/05/01 21:20:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2009/05/01 21:20:47 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/01 21:20:47 | 00,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/01 21:20:45 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/01 21:20:44 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/05/01 21:20:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/01 21:18:38 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/05/01 12:11:13 | 00,000,000 | ---D | C] -- C:\rsit
[2009/05/01 09:30:37 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/05/01 08:52:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/05/01 06:48:24 | 00,000,000 | ---D | C] -- C:\FIX
[2009/05/01 06:45:59 | 00,000,000 | ---D | C] -- C:\FLEXLM
[2009/05/01 06:00:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\maya
[2009/04/30 06:41:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\dvdcss
[2009/04/29 10:54:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/04/29 06:54:25 | 00,000,268 | -H-- | C] () -- C:\sqmdata02.sqm
[2009/04/29 06:54:25 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt02.sqm
[2009/04/29 06:33:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Activision
[2009/04/29 06:32:25 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/04/29 06:32:25 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/04/29 06:32:24 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/04/29 06:32:24 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/04/29 06:32:23 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/04/29 06:32:23 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/04/29 06:32:22 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/04/29 06:32:22 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/04/29 06:32:21 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/04/29 06:32:21 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/04/29 06:32:20 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/04/29 06:32:20 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/04/29 06:32:20 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/04/29 06:32:19 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/04/29 06:32:18 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/04/29 06:32:18 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/04/29 06:32:17 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/04/29 06:32:17 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/04/29 06:32:16 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/04/29 06:32:16 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/04/29 06:32:15 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/04/29 06:32:14 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/04/29 06:32:14 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/04/29 06:32:14 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/04/29 06:32:14 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/04/29 06:32:13 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/04/29 06:32:13 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/04/29 06:32:12 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/04/29 06:32:11 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/04/29 06:32:11 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/04/29 06:32:10 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/04/29 06:32:09 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/04/29 06:32:09 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/04/29 06:32:08 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/04/29 06:32:07 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/04/29 06:32:07 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/04/29 06:32:07 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/04/29 06:32:06 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/04/29 06:32:06 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/04/29 06:32:05 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/04/29 06:32:05 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/04/29 06:32:04 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/04/29 06:32:04 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/04/29 06:32:03 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/04/29 06:32:03 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/04/29 06:32:02 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/04/29 06:32:02 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/04/29 06:32:01 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/04/29 06:32:01 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/04/29 06:32:00 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/04/29 06:31:59 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/04/29 06:31:57 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/04/29 06:31:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/04/29 05:54:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\WinRAR
[2009/04/29 05:53:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2009/04/28 11:57:00 | 00,000,268 | -H-- | C] () -- C:\sqmdata01.sqm
[2009/04/28 11:57:00 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt01.sqm
[2009/04/28 10:44:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\config.nt
[2009/04/28 10:44:08 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/04/28 10:44:08 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2009/04/28 10:44:08 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCP71.dll
[2009/04/28 10:44:08 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/04/28 06:19:24 | 00,000,268 | -H-- | C] () -- C:\sqmdata00.sqm
[2009/04/28 06:19:24 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt00.sqm
[2009/04/28 06:17:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Mes fichiers reçus
[2009/04/28 06:17:18 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Messenger
[2009/04/28 06:07:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\MSNInstaller
[2009/04/27 23:54:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\bordel
[2009/04/27 23:53:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\vlc
[2009/04/26 22:26:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2009/04/26 22:26:41 | 00,016,512 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/26 22:26:40 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2009/04/26 21:32:52 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2009/04/26 21:32:52 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2009/04/26 21:32:52 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/04/26 21:32:52 | 00,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2009/04/26 21:32:52 | 00,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2009/04/26 21:32:51 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/04/26 21:32:51 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/26 21:32:51 | 00,684,032 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2009/04/26 21:32:51 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/26 21:32:51 | 00,086,016 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2009/04/26 21:32:51 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/04/26 21:32:50 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2009/04/26 21:32:50 | 00,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2009/04/26 21:22:25 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\My Computer.lnk
[2009/04/26 21:20:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
[2009/04/26 12:21:21 | 00,040,960 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/24 15:19:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2009/04/24 15:18:56 | 00,001,577 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/04/24 15:18:48 | 00,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2009/04/24 13:59:53 | 06,405,392 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2009/04/24 13:45:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2009/04/24 13:45:54 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Administrator\My Documents\desktop.ini
[2009/04/24 13:45:54 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2009/04/24 13:45:54 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2009/04/24 13:45:47 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
[2009/04/24 13:45:46 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini
[2009/04/24 13:45:46 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2009/04/24 13:45:46 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2009/04/24 13:45:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009/04/24 13:45:42 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/24 13:45:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/04/24 13:43:50 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/24 13:41:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009/04/24 13:41:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ime
[2009/04/24 13:41:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\system
[2009/04/24 13:41:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\speechengines
[2009/04/24 13:41:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\microsoft shared
[2009/04/24 13:41:18 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009/04/24 13:41:18 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/04/24 13:41:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2009/04/24 13:41:18 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009/04/24 13:41:18 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009/04/24 13:41:15 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/24 13:41:15 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/24 13:41:15 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/24 13:41:11 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/04/24 13:40:46 | 00,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2009/04/24 13:40:21 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009/04/24 13:40:21 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/04/24 13:40:21 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/04/24 13:40:21 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/04/24 13:40:21 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/04/24 13:40:21 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/04/24 13:40:21 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/04/24 13:40:21 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/04/24 13:40:18 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\NetMeeting
[2009/04/24 13:40:17 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009/04/24 13:40:17 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/04/24 13:40:07 | 00,000,401 | ---- | C] () -- C:\WINDOWS\win.ini
[2009/04/24 13:40:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009/04/24 13:39:59 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/04/24 13:39:58 | 01,232,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009/04/24 13:39:58 | 00,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/04/24 13:39:58 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009/04/24 13:39:58 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2009/04/24 13:39:58 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/04/24 13:39:58 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/04/24 13:39:57 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/04/24 13:39:57 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/04/24 13:39:57 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/04/24 13:39:54 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker
[2009/04/24 13:39:47 | 00,144,128 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/04/24 13:39:47 | 00,144,128 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/04/24 13:39:47 | 00,000,002 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009/04/24 13:39:47 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2009/04/24 13:39:43 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009/04/24 13:39:41 | 00,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/04/24 13:39:41 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/04/24 13:39:41 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/04/24 13:39:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2009/04/24 13:39:41 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Services
[2009/04/24 13:39:39 | 00,681,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009/04/24 13:39:39 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/04/24 13:39:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Outlook Express
[2009/04/24 13:39:34 | 00,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009/04/24 13:39:34 | 00,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009/04/24 13:39:34 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/04/24 13:39:33 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/04/24 13:39:33 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/04/24 13:39:33 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/04/24 13:39:33 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/04/24 13:39:33 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/04/24 13:39:33 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2009/04/24 13:39:33 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009/04/24 13:39:28 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\System
[2009/04/24 13:39:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer
[2009/04/24 13:39:20 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009/04/24 13:39:05 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2009/04/24 13:39:05 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2009/04/24 13:39:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009/04/24 13:38:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Player
[2009/04/24 13:38:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/04/24 13:38:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Gaming Zone
[2009/04/24 13:38:44 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows NT
[2009/04/24 13:38:42 | 00,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/04/24 13:38:42 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/04/24 13:38:38 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/04/24 13:38:37 | 00,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/04/24 13:38:32 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/04/24 13:38:32 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/04/24 13:38:32 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/04/24 13:38:32 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/04/24 13:38:32 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/04/24 13:38:32 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/04/24 13:38:32 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/04/24 13:38:32 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/04/24 13:38:32 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/04/24 13:38:32 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/04/24 13:38:32 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/04/24 13:38:32 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/04/24 13:38:31 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/04/24 13:38:31 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/04/24 13:38:30 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/04/24 13:38:29 | 00,541,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/04/24 13:38:29 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/04/24 13:38:29 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/04/24 13:38:28 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/04/24 13:38:28 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/04/24 13:38:20 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSN
[2009/04/24 13:38:18 | 00,753,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009/04/24 13:38:18 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/04/24 13:38:18 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/04/24 13:38:18 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/04/24 13:38:16 | 00,596,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/04/24 13:38:16 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comadmin.dll
[2009/04/24 13:38:16 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/04/24 13:38:16 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/04/24 13:38:16 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/04/24 13:38:16 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/04/24 13:38:16 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/04/24 13:38:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009/04/24 13:38:15 | 01,248,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/04/24 13:38:15 | 00,622,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/04/24 13:38:15 | 00,514,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/04/24 13:38:15 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/04/24 13:38:15 | 00,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/04/24 13:38:15 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/04/24 13:38:15 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/04/24 13:38:15 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/04/24 13:38:12 | 00,466,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/04/24 13:38:12 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/04/24 13:38:12 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009/04/24 13:38:12 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/04/24 13:38:09 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/04/24 13:38:09 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/04/24 12:22:17 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2009/04/24 12:22:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Winamp
[2009/04/24 12:19:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Logitech
[2009/04/24 07:00:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2009/04/24 06:59:57 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2009/04/24 06:58:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Logitech
[2009/04/24 06:58:27 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2009/04/24 06:58:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2009/04/24 06:48:55 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/24 06:31:30 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\sgc30mj0et9p.dll
[2009/04/24 06:31:30 | 00,080,191 | ---- | C] () -- C:\WINDOWS\System32\qgc70mj0et9p .exe
[2009/04/24 06:31:30 | 00,023,052 | ---- | C] () -- C:\WINDOWS\System32\qgc70mj0et9p.exe1575442861
[2009/04/24 06:31:30 | 00,023,052 | ---- | C] () -- C:\WINDOWS\System32\qgc70mj0et9p.exe
[2009/04/24 06:31:29 | 00,135,168 | RHS- | C] () -- C:\WINDOWS\System32\1349250.dll
[2009/04/24 06:30:12 | 00,000,970 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/04/24 06:30:10 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ODBC
[2009/04/24 06:30:09 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009/04/24 06:30:08 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/24 06:30:07 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeechEngines
[2009/04/24 06:30:06 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Shared
[2009/04/24 06:30:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009/04/24 06:30:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009/04/24 06:30:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009/04/24 06:30:04 | 00,000,000 | R--D | C] -- C:\Program Files (x86)
[2009/04/24 06:30:04 | 00,000,000 | R--D | C] -- C:\Program Files
[2009/04/24 06:30:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files
[2009/04/24 06:30:03 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009/04/24 06:30:03 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009/04/24 06:30:03 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009/04/24 06:30:03 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009/04/24 06:30:03 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009/04/24 06:30:03 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009/04/24 06:30:03 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009/04/24 06:30:03 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009/04/24 06:30:03 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009/04/24 06:30:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009/04/24 06:30:02 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009/04/24 06:30:02 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009/04/24 06:30:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009/04/24 06:30:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009/04/24 06:30:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009/04/24 06:30:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2009/04/24 06:30:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2009/04/24 06:30:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009/04/24 06:30:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009/04/24 06:30:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009/04/24 06:30:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009/04/24 06:30:02 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009/04/24 06:30:02 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009/04/24 06:30:02 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009/04/24 06:30:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009/04/24 06:30:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009/04/24 06:29:52 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2009/04/24 06:29:49 | 00,000,150 | ---- | C] () -- C:\WINDOWS\system.ini
[2009/04/24 06:29:44 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/04/24 06:29:44 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2009/04/24 06:29:44 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009/04/24 06:27:53 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/04/24 06:27:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2009/04/24 06:27:46 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/04/24 06:26:21 | 00,000,213 | -HS- | C] () -- C:\boot.ini
[2009/04/24 06:22:01 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/04/24 06:21:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2009/04/24 06:21:26 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2009/04/24 06:21:26 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2009/04/24 06:21:26 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\SysWOW64
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\InstallShield
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Drivers
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent64
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime (x86)
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2009/04/24 06:21:26 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2009/04/24 06:15:49 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/04/24 06:15:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
[2009/04/24 06:15:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2009/04/24 06:15:47 | 00,001,656 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/24 06:15:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2009/04/24 06:07:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2009/04/24 06:07:20 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2009/04/24 06:07:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2009/04/24 06:07:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/04/24 06:06:55 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/04/24 05:21:43 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/04/24 05:21:43 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Analog Devices
[2009/04/24 05:15:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2009/04/24 05:15:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2009/04/24 05:11:17 | 00,030,466 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/04/24 05:11:17 | 00,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/04/24 05:09:33 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/04/24 05:09:33 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Videos

========== Files - Modified Within 30 Days ==========

[2 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/05/02 04:37:37 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTViewIt.exe
[2009/05/01 21:25:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/01 21:25:44 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/01 21:20:47 | 00,000,728 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/01 21:19:28 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/05/01 09:32:05 | 00,016,512 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/30 06:41:49 | 00,040,960 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/29 06:54:27 | 06,405,392 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2009/04/29 06:54:25 | 00,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/04/29 06:54:25 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/04/29 05:23:12 | 00,023,052 | ---- | M] () -- C:\WINDOWS\System32\qgc70mj0et9p.exe
[2009/04/28 11:57:00 | 00,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/04/28 11:57:00 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/04/28 10:44:16 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\config.nt
[2009/04/28 06:19:24 | 00,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/04/28 06:19:24 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/04/26 21:22:25 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\My Computer.lnk
[2009/04/24 15:18:56 | 00,001,577 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/04/24 13:45:56 | 00,000,084 | -HS- | M] () -

Reply to cyrilkiller
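
Added example (not part of the original thread, and not code from OTViewIt): a triage pass over the listing format posted above that flags .exe/.dll files sitting directly in the Windows system directories with an empty vendor field, grouped by creation minute. It assumes the parenthesised field is the file's company name; the function names are illustrative and the sample lines are copied from this listing.

```python
import ntpath
import re
from collections import defaultdict, namedtuple

Entry = namedtuple("Entry", "ts size attrs kind company path")

# One listing line: [timestamp | size | attributes | C/M] (company) -- path
# Directory lines carry no "(company)" field at all.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$"
)
# Executable-looking names, including ones with digits appended to the extension.
PE_NAME_RE = re.compile(r"\.(exe|dll)\d*$", re.IGNORECASE)
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

# Sample input: lines copied from the listing in this thread, including the
# truncated last line, which the parser must skip rather than misread.
SAMPLE = r"""
[2009/04/24 13:38:30 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/04/24 13:38:32 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/04/24 06:48:55 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/24 06:31:30 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\sgc30mj0et9p.dll
[2009/04/24 06:31:30 | 00,080,191 | ---- | C] () -- C:\WINDOWS\System32\qgc70mj0et9p .exe
[2009/04/24 06:31:30 | 00,023,052 | ---- | C] () -- C:\WINDOWS\System32\qgc70mj0et9p.exe1575442861
[2009/04/24 06:31:30 | 00,023,052 | ---- | C] () -- C:\WINDOWS\System32\qgc70mj0et9p.exe
[2009/04/24 06:31:29 | 00,135,168 | RHS- | C] () -- C:\WINDOWS\System32\1349250.dll
[2009/04/24 06:30:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009/04/24 05:11:17 | 00,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/05/02 04:37:37 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTViewIt.exe
[2009/04/24 13:45:56 | 00,000,084 | -HS- | M] () -
"""


def parse_listing(text):
    """Return an Entry for every well-formed line; malformed lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        company = m.group("company")
        entries.append(Entry(
            ts=m.group("ts"),
            size=int(m.group("size").replace(",", "")),
            attrs=m.group("attrs"),
            kind=m.group("kind"),
            company=None if company is None else company.strip(),
            path=m.group("path"),
        ))
    return entries


def needs_review(entry):
    """True for a file (not a directory) with an empty vendor field that sits
    directly in a system directory and has an executable-looking name."""
    if "D" in entry.attrs or entry.company != "":
        return False
    if ntpath.dirname(entry.path).lower() not in SYSTEM_DIRS:
        return False
    return bool(PE_NAME_RE.search(ntpath.basename(entry.path)))


def triage(text):
    """Map creation minute (YYYY/MM/DD HH:MM) to the paths flagged in it."""
    clusters = defaultdict(list)
    for entry in parse_listing(text):
        if needs_review(entry):
            clusters[entry.ts[:16]].append(entry.path)
    return dict(clusters)


if __name__ == "__main__":
    for minute, paths in triage(SAMPLE).items():
        print(minute)
        for path in paths:
            print("   ", path)
```

A populated vendor field is not evidence that a file is legitimate, since that string is set by whoever built the file; the pass only narrows what to examine by hand.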

The report seems incomplete; you can send it to my e-mail address (click on my username to get it).

Reply to Destrio5

  • Uninstall UsbFix.


The following tool was created specifically for cyrilkiller.

Use this version of UsbFix:
http://sd-1.archive-host.com/membr [...] estrio.exe

Reply to Destrio5

Thank you, it seems to have worked.

Reply to cyrilkiller

Didn't you get a report?

Reply to Destrio5

Yes, I did get a report, but since I no longer get the "au travail" message, I figured it had worked.

Reply to cyrilkiller

Oh no, it's still doing it.

Here is the report:



############################## [ UsbFix V3.015 # Scan ]

# User : Administrator (Administrators) # PRINCIPA-SE9PJ5
# Update on 30/04/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 10:10:49 PM | 5/2/2009

# Intel(R) Pentium(R) III Xeon processor
# Microsoft(R) Windows(R) XP Professional x64 Edition (5.2.3790 64-bit) # Service Pack 1
# Internet Explorer 6.0.3790.1830
# Windows Firewall Status : Disabled
# AV : avast! antivirus 4.8.1335 [VPS 090501-0] 4.8.1335 [ Enabled | Updated ]

# A:\ # 3 1/2 Inch Floppy Drive
# C:\ # Local Fixed Disk # 244.14 Go (238.42 Go free) [Xp] # NTFS
# D:\ # Local Fixed Disk # 244.14 Go (239.38 Go free) [logiciel] # NTFS
# E:\ # Local Fixed Disk # 244.14 Go (225.72 Go free) [video] # NTFS
# F:\ # Local Fixed Disk # 443.21 Go (305.27 Go free) [jeux] # NTFS
# G:\ # Local Fixed Disk # 244.14 Go (235.1 Go free) [projets 3D] # NTFS
# H:\ # Local Fixed Disk # 443.21 Go (442.29 Go free) [niew] # NTFS
# I:\ # CD-ROM Disc
# J:\ # CD-ROM Disc

############################## [ Processus actifs ]

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\MSN Messenger\usnsvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe

################## [ Registre # Startup ]

HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="Travaillez plus.com"
HKCU_Main: "Window Title"="Au travail !Arrˆtez de surfer!"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"=""
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: SoundMAXPnP=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
HKLM_Run: rgc10mj0et9p=C:\WINDOWS\syswow64\qgc70mj0et9p.exe
HKLM_Run: WinampAgent="C:\Program Files (x86)\Winamp\winampa.exe"
HKLM_Run: avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKLM_Run: Adobe Reader Speed Launcher="D:\Program Files\acrobat reader\Reader\Reader_sl.exe"
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: MsnMsgr="C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background

################## [ Informations ]

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# E:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# G:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# H:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# L:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

################## [ Fichiers # Dossiers infectieux ]

Found ! C:\WINDOWS\system32\antinul.vbe
Found ! L:\antinul.vbe

################## [ Registre # Clés Run infectieuses ]

Found ! HKCU\SOFTWARE\...\CurrentVersion\Policies\System\\ "DisableRegistryTools"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )

################## [ Registre # Mountpoints2 ]

# -> Not Found !

################## [ ! Fin du rapport # UsbFix V3.015 ! ]

Reply to cyrilkiller

  • Connect your external data sources to your PC (USB key, external hard drive, SD card, etc.) without opening them.
  • Double-click the UsbFix shortcut on your Desktop to launch it.
  • Choose option 2 (Suppression).
  • Your Desktop will disappear and the PC will restart.
  • After the restart, UsbFix will scan your PC; let the tool work.
  • Then post the UsbFix.txt report that will appear along with the Desktop.


Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

Reply to Destrio5

Here it is:



############################## [ UsbFix V3.015 # Cleaning ]

# User : Administrator (Administrators) # PRINCIPA-SE9PJ5
# Update on 30/04/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 11:20:34 PM | 5/2/2009

# Intel(R) Pentium(R) III Xeon processor
# Microsoft(R) Windows(R) XP Professional x64 Edition (5.2.3790 64-bit) # Service Pack 1
# Internet Explorer 6.0.3790.1830
# Windows Firewall Status : Disabled
# AV : avast! antivirus 4.8.1335 [VPS 090501-0] 4.8.1335 [ Enabled | Updated ]

# A:\ # 3 1/2 Inch Floppy Drive
# C:\ # Local Fixed Disk # 244.14 Go (238.47 Go free) [Xp] # NTFS
# D:\ # Local Fixed Disk # 244.14 Go (239.38 Go free) [logiciel] # NTFS
# E:\ # Local Fixed Disk # 244.14 Go (225.72 Go free) [video] # NTFS
# F:\ # Local Fixed Disk # 443.21 Go (305.27 Go free) [jeux] # NTFS
# G:\ # Local Fixed Disk # 244.14 Go (235.1 Go free) [projets 3D] # NTFS
# H:\ # Local Fixed Disk # 443.21 Go (442.29 Go free) [niew] # NTFS
# I:\ # CD-ROM Disc
# J:\ # CD-ROM Disc
# L:\ # Removable Disk # 14.9 Go (9.17 Go free) # FAT32

############################## [ Processus actifs ]

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SysWOW64\runonce.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

################## [ Fichiers # Dossiers infectieux ]

Deleted ! L:\antinul.vbe

################## [ Registre # Clés Run infectieuses ]

# HKCU\SOFTWARE\...\CurrentVersion\Policies\System\\ "DisableRegistryTools"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !

################## [ Registre # Mountpoints2 ]

# -> Not Found !

################## [ Listing des fichiers présent ]

[04/24/2009 01:41 PM|--a------|0] - C:\AUTOEXEC.BAT
[04/24/2009 01:37 PM|---hs----|213] - C:\boot.ini
[04/24/2009 01:41 PM|--a------|0] - C:\CONFIG.SYS
[04/24/2009 01:41 PM|-rahs----|0] - C:\IO.SYS
[04/24/2009 01:41 PM|-rahs----|0] - C:\MSDOS.SYS
[03/25/2005 05:00 AM|-rahs----|47772] - C:\NTDETECT.COM
[03/25/2005 05:00 AM|-rahs----|295536] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[04/28/2009 06:19 AM|--ah-----|268] - C:\sqmdata00.sqm
[04/28/2009 11:57 AM|--ah-----|268] - C:\sqmdata01.sqm
[04/29/2009 06:54 AM|--ah-----|268] - C:\sqmdata02.sqm
[04/28/2009 06:19 AM|--ah-----|244] - C:\sqmnoopt00.sqm
[04/28/2009 11:57 AM|--ah-----|244] - C:\sqmnoopt01.sqm
[04/29/2009 06:54 AM|--ah-----|244] - C:\sqmnoopt02.sqm
[05/02/2009 11:21 PM|--a------|2574] - C:\UsbFix.txt
[03/07/2009 03:39 AM|--a------|733261824] - E:\Medieval Pie.avi
[04/05/2009 01:32 PM|--a------|725981184] - E:\Underworld.Rise.of.the.Lycans.avi
[04/07/2009 04:36 AM|--a------|727676928] - E:\X-Men.Origins.Wolverine.VOSTFR.REAL.PROPER.WORKPRINT.Xvid.avi
[01/29/2009 04:44 PM|--a------|67584] - L:\lettre de motivation cros cyril.doc
[03/19/2009 01:34 PM|---h-----|1024] - L:\diskfile1
[04/11/2009 10:04 AM|--a------|6720] - L:\poeme papa.rtf
[04/27/2009 11:11 AM|--a------|122932] - L:\carte etudiante.jpg
[01/27/2009 06:28 PM|--ah-----|4096] - L:\._.Trashes
[03/12/2009 11:44 AM|--a------|428080] - L:\CausticsGenerator_v1.4.zip
[02/26/2009 04:22 PM|--a------|8639879] - L:\emploi du temps 3D3- 1.psd
[03/12/2009 03:06 PM|--a------|757962] - L:\emploi du temps garnier-1.jpg
[03/26/2009 03:01 PM|--a------|919884] - L:\parquet_neutre.mb
[04/19/2009 06:24 PM|--a------|21135348] - L:\projet animatic mix 2.aiff

################## [ Vaccination ]

# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# E:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.
# G:\autorun.inf -> Folder created by UsbFix.
# H:\autorun.inf -> Folder created by UsbFix.
# L:\autorun.inf -> Folder created by UsbFix.

################## [ Cracks / Keygens / Serials ]

# -> Nothing found !

################## [ ! Fin du rapport # UsbFix V3.015 ! ]

Reply to cyrilkiller

  • Uninstall UsbFix.


  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Double-click OTMoveIt3.exe to launch it.
  • Copy (Ctrl+C) the following text:


:processes
explorer.exe

:files
C:\WINDOWS\system32\antinul.vbe
C:\WINDOWS\System32\1349250.dll
C:\WINDOWS\System32\qgc70mj0et9p .exe
C:\WINDOWS\System32\sgc30mj0et9p.dll
C:\WINDOWS\System32\qgc70mj0et9p.exe1575442861
C:\WINDOWS\System32\qgc70mj0et9p.exe

:commands
[purity]
[emptytemp]
[reboot]



  • Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.


---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\

---> The report's name corresponds to the time it was created: date_time.log

Reply to Destrio5

When I click the MoveIt! button,

a window opens that says:


Runtime error!

Program: ...cuments and settings\Administrator\Desktop\OTMoveit3.exe


This application has requested the runtime to terminate it in an unusual way.
Please contact the application's support team for more information.






Reply to cyrilkiller

Delete the following files manually in safe mode:

Quote:

C:\WINDOWS\system32\antinul.vbe
C:\WINDOWS\System32\1349250.dll
C:\WINDOWS\System32\qgc70mj0et9p .exe
C:\WINDOWS\System32\sgc30mj0et9p.dll
C:\WINDOWS\System32\qgc70mj0et9p.exe1575442861
C:\WINDOWS\System32\qgc70mj0et9p.exe

Reply to Destrio5

Maybe Avast removed them.

If you have the Home edition of Avast, I recommend switching to Antivir 9.

Reply to Destrio5

I switched from XP to Vista, so it's all good. Thanks for everything.

Reply to cyrilkiller

OK. If you consider your problem solved:

---> Now add [Résolu] to the title. To do this:

  • In your first message, click the Editer (Edit) button.
  • Add the tag [Résolu] in front of the title.
  • Then click Valider votre message (Submit your message).

Reply to Destrio5