Portable infecté par TR/Dldr/Mufanom.PP

Bonjour,
J'ai un sérieux problème d'infection de mon pc portable. Antivir n'arrête pas de me signaler des messages comme quoi j'ai un Cheval de Troie (apparemment j'en ai même plusieurs). Le principal est TR/Dldr/Mufanom.PP. Quelqu'un peut m'aider à désinfecter ce pc s'il vous plaît? Merci d'avance.

Salut flipflaplagirafe


On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

Salut Dédétraqué.

Voici les rapports.
Logfile of random's system information tool 1.06 (written by random/random)
Run by joao varela at 2009-06-18 09:54:49
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 24 GB (45%) free of 54 GB
Total RAM: 1014 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:55:05, on 18/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AGI\common\win32\PythonService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Program Files\bin\btwdins.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\WINDOWS\system32\SSCHBTN.EXE
C:\progra~1\samsung\smarthru\PORTCTRL.EXE
C:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Lexmark 6500 Series\lxdfmon.exe
C:\Program Files\Lexmark 6500 Series\lxdfamon.exe
C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\JOAOVA~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdfserv.exe
C:\Program Files\ErrorFix\ErrorFix.exe
C:\WINDOWS\system32\lxdfcoms.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\joao varela\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\joao varela\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe
c:\program files\fichiers communs\protexis\license service\psiservice_2.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\joao varela\Bureau\RSIT.exe
C:\Program Files\trend micro\joao varela.exe
C:\WINDOWS\System32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barra de ferramentas - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Video Flash Object - {F93872F1-412A-4414-8C2D-31E0F7EC6A88} - (no file)
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [SSCHBTN.EXE] SSCHBTN.EXE
O4 - HKLM\..\Run: [GW Port Controller] c:\progra~1\samsung\smarthru\PORTCTRL.EXE
O4 - HKLM\..\Run: [Act.Outlook.Service] "C:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exe"
O4 - HKLM\..\Run: [Act! Preloader] "C:\Program Files\ACT\Act for Windows\ActSage.exe" -preload
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [lxdfmon.exe] "C:\Program Files\Lexmark 6500 Series\lxdfmon.exe"
O4 - HKLM\..\Run: [lxdfamon] "C:\Program Files\Lexmark 6500 Series\lxdfamon.exe"
O4 - HKLM\..\Run: [Lexmark 6500 Series Fax Server] "C:\Program Files\Lexmark 6500 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [Antispyware] C:\Program Files\Antispyware\Antispyware.exe -boot
O4 - HKCU\..\Run: [joao varela] C:\Documents and Settings\joao varela\joao varela.exe /i
O4 - HKCU\..\Run: [ErrorFix] C:\Program Files\ErrorFix\ErrorFix.exe -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\joao varela\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: rncsys32.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\btsendto_ie_ctx.htm
O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Joindre la page Web au contact ACT! - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Joindre la page Web au contact ACT!... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\bin\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxdfCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe
O23 - Service: lxdf_device - - C:\WINDOWS\system32\lxdfcoms.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\program files\fichiers communs\protexis\license service\psiservice_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 16593 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\ErrorFix Scan.job
C:\WINDOWS\tasks\ParetoLogic Update Version2.job
C:\WINDOWS\tasks\DriverCure.job
C:\WINDOWS\tasks\ParetoLogic Registration.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Barra de ferramentas - C:\Program Files\Lexmark Toolbar\toolband.dll [2008-10-07 372736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll [2009-05-03 277648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programa Auxiliar de Início de Sessão do Windows Live

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5233FCD-D258-4903-89B8-FB1568E7413D}]
Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - C:\WINDOWS\system32\mscoree.dll [2008-07-25 282112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-18 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F93872F1-412A-4414-8C2D-31E0F7EC6A88}]
Video Flash Object

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll [2009-05-03 277648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-12-21 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"ntiMUI"=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2006-05-15 45056]
"ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-12-27 69632]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-08-10 352256]
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-05-22 3080704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-20 593920]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2006-01-24 397312]
"AliceSAV"=C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe [2005-12-16 81408]
"SSCHBTN.EXE"=C:\WINDOWS\system32\SSCHBTN.EXE [2002-01-23 36864]
"GW Port Controller"=c:\progra~1\samsung\smarthru\PORTCTRL.EXE [2002-01-25 155648]
"Act.Outlook.Service"=C:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exe [2007-10-23 9728]
"Act! Preloader"=C:\Program Files\ACT\Act for Windows\ActSage.exe [2007-10-23 393216]
"OneCareUI"=C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe [2008-08-08 67112]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-03-26 177472]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"lxdfmon.exe"=C:\Program Files\Lexmark 6500 Series\lxdfmon.exe [2007-06-12 455600]
"lxdfamon"=C:\Program Files\Lexmark 6500 Series\lxdfamon.exe [2007-06-01 20480]
"Lexmark 6500 Series Fax Server"=C:\Program Files\Lexmark 6500 Series\fm3032.exe [2007-06-12 308144]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-18 148888]
"KiweeHook"=C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe [2009-05-03 56456]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"updateMgr"=c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2004-11-22 307200]
"Antispyware"=C:\Program Files\Antispyware\Antispyware.exe [2009-02-13 20131840]
"joao varela"=C:\Documents and Settings\joao varela\joao varela.exe [2009-06-17 21090]
"ErrorFix"=C:\Program Files\ErrorFix\ErrorFix.exe [2009-06-12 37340424]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
BTTray.lnk - C:\Program Files\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\joao varela\Menu Démarrer\Programmes\Démarrage
Outil de notification Live Search.lnk - C:\Documents and Settings\joao varela\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
rncsys32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
"notification packages"=scecli
dhatolc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\OneCareMP]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoThumbnailCache"=1
"NoWindowsUpdate"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\System32\usmt\migwiz.exe"="C:\WINDOWS\System32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Samsung\SmarThru\UtlServer.EXE"="C:\Program Files\Samsung\SmarThru\UtlServer.EXE:*:Enabled:SmarThru Utl Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ACT\Act for Windows\ActSage.exe"="C:\Program Files\ACT\Act for Windows\ActSage.exe:*:Enabled:ACT! by Sage"
"C:\Program Files\Sapo\SAPO Messenger\sapoim.exe"="C:\Program Files\Sapo\SAPO Messenger\sapoim.exe:*:Enabled:Sapo Messenger"
"C:\WINDOWS\System32\lxdfcoms.exe"="C:\WINDOWS\System32\lxdfcoms.exe:*:Enabled:6500 Series Server"
"C:\Program Files\Lexmark 6500 Series\lxdfmon.exe"="C:\Program Files\Lexmark 6500 Series\lxdfmon.exe:*:Enabled:Printer Device Monitor"
"C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdfpswx.exe"="C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdfpswx.exe:*:Enabled:Printer Status Window Interface"
"C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdftime.exe"="C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdftime.exe:*:Enabled:Lexmark Connect Time Executable"
"C:\Program Files\Lexmark 6500 Series\LXDFFax.exe"="C:\Program Files\Lexmark 6500 Series\LXDFFax.exe:*:Enabled:Fax Solutions Software"
"C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdfjswx.exe"="C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdfjswx.exe:*:Enabled:Job Status Window Interface"
"C:\Program Files\Lexmark 6500 Series\FRun.exe"="C:\Program Files\Lexmark 6500 Series\FRun.exe:*:Enabled:Printing Application"
"C:\WINDOWS\System32\spool\drivers\W32X86\3\LXDFwbgw.exe"="C:\WINDOWS\System32\spool\drivers\W32X86\3\LXDFwbgw.exe:*:Enabled:Lexmark Web Gateway"
"C:\Program Files\Lexmark 6500 Series\Wireless\lxdfwpss.exe"="C:\Program Files\Lexmark 6500 Series\Wireless\lxdfwpss.exe:*:Enabled: "
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe:*:Enabled:ENABLE"
"C:\Program Files\Windows Desktop Search\WindowsSearch.exe"="C:\Program Files\Windows Desktop Search\WindowsSearch.exe:*:Enabled:ENABLE"
"C:\Program Files\Avira\AntiVir Desktop\GUARDGUI.EXE"="C:\Program Files\Avira\AntiVir Desktop\GUARDGUI.EXE:*:Enabled:ENABLE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{15502b2a-cfe2-11dc-83cf-0016d4655fd7}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{85466664-7303-11dd-83f6-0018deb93d3b}]
shell\AutoRun\command - G:\setupSNK.exe


======List of files/folders created in the last 1 months======

2009-06-18 09:54:49 ----D---- C:\rsit
2009-06-18 09:51:44 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-18 09:51:44 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-18 09:51:44 ----A---- C:\WINDOWS\system32\java.exe
2009-06-18 09:51:44 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-06-18 00:34:16 ----A---- C:\WINDOWS\ntbtlog.txt
2009-06-18 00:30:25 ----D---- C:\Documents and Settings\joao varela\Application Data\Malwarebytes
2009-06-18 00:30:15 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-18 00:27:20 ----D---- C:\Program Files\Trend Micro
2009-06-17 22:33:16 ----SHD---- C:\FOUND.001
2009-06-17 22:24:14 ----SHD---- C:\FOUND.000
2009-06-17 22:09:02 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-06-17 22:09:01 ----D---- C:\Program Files\Avira
2009-06-12 22:15:09 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 22:14:55 ----HD---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 22:14:27 ----HD---- C:\WINDOWS\$NtUninstallKB963093$
2009-06-12 08:42:37 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 08:39:37 ----HD---- C:\WINDOWS\$NtUninstallKB968537$

======List of files/folders modified in the last 1 months======

2009-06-18 09:46:46 ----A---- C:\WINDOWS\system32\eRLog.ini
2009-06-18 09:46:14 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2009-06-18 01:44:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-18 01:24:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-06-12 22:15:16 ----A---- C:\WINDOWS\imsins.BAK
2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-05-25 00:24:06 ----A---- C:\WINDOWS\system32\mssph.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-06-13 21275]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-10 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-10 55936]
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R2 s24trans;Transporte WLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R2 usbhub;DSC Composite USB Device; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-06-16 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-06-16 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-06-16 74752]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2008-05-15 53168]
R3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-03 1429632]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S1 MSFWHLPR;MSFWHLPR; C:\WINDOWS\system32\drivers\MSFWHLPR.sys []
S2 acpi32;acpi32; C:\WINDOWS\system32\drivers\acpi32.sys []
S2 amd64si;amd64si; C:\WINDOWS\system32\drivers\amd64si.sys []
S2 ati64si;ati64si; C:\WINDOWS\system32\drivers\ati64si.sys []
S2 Ca533av;Cam 3200, WDM Video Capture; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-21 515803]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 fips32cup;fips32cup; C:\WINDOWS\system32\drivers\fips32cup.sys []
S2 i386si;i386si; C:\WINDOWS\system32\drivers\i386si.sys []
S2 ksi32sk;ksi32sk; C:\WINDOWS\system32\drivers\ksi32sk.sys []
S2 netsik;netsik; C:\WINDOWS\system32\drivers\netsik.sys []
S2 nicsk32;nicsk32; C:\WINDOWS\system32\drivers\nicsk32.sys []
S2 port135sik;port135sik; C:\WINDOWS\system32\drivers\port135sik.sys []
S2 securentm;securentm; C:\WINDOWS\system32\drivers\securentm.sys []
S2 systemntmi;systemntmi; C:\WINDOWS\system32\drivers\systemntmi.sys []
S2 ws2_32sik;ws2_32sik; C:\WINDOWS\system32\drivers\ws2_32sik.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 asbp2poa;asbp2poa; \??\C:\DOCUME~1\JOAOVA~1\LOCALS~1\Temp\asbp2poa.sys []
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
S3 HidIr;Pilote HID infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 IrBus;Pilote de filtre de bus infrarouge pour les contrôles distants eHome; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2006-01-23 32512]
S3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-19 6144]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-10-31 46080]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBCamera;DSC Still Image Capture (CA100); C:\WINDOWS\System32\Drivers\Bulk533.sys [2002-12-04 11144]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2009-05-03 10240]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\bin\btwdins.exe [2003-09-15 135168]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-18 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 lxdf_device;lxdf_device; C:\WINDOWS\system32\lxdfcoms.exe [2007-05-29 598960]
R2 lxdfCATSCustConnectService;lxdfCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe [2007-05-29 99248]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MSSQL$ACT7;SQL Server (ACT7); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 OcHealthMon;Windows Live OneCare Health Monitor; C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe [2008-08-08 28200]
R2 OneCareMP;OneCare AntiSpyware and AntiVirus; C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe [2008-07-09 18704]
R2 PSI_SVC_2;Protexis Licensing V2; c:\program files\fichiers communs\protexis\license service\psiservice_2.exe [2007-04-12 178752]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 winss;Windows Live OneCare; C:\Program Files\Microsoft Windows OneCare Live\winss.exe [2008-08-08 1126952]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2006-01-23 86016]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-06-18 09:55:09

======Uninstall list======

-->C:\WINDOWS\IsUn040c.exe -fc:\progra~1\samsung\smarthru\Unlang.isu
-->C:\WINDOWS\IsUn0c0c.exe -fC:\WINDOWS\DeIsL6.isu -c"C:\WINDOWS\system32\FoUnin.dll"
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Acer eDataSecurity Management 1.00.26-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E431C518-2EE2-471E-9234-BE995C36D513}\setup.exe" -l0x40c -removeonly
Acer eLock Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}
Acer Empowering Technology framework-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{15B70821-7893-4607-805A-BB80F3EA8279}
Acer eNet Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\Setup.exe" -l0x40c
Acer ePerformance Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DEE08946-40F0-4890-853E-60A6C3306041}
Acer ePower Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
Acer ePresentation Management-->C:\WINDOWS\UnInst32.exe AcerePrj.UNI
Acer eSettings Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}
Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI
Acer Screensaver-->MsiExec.exe /I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}
ACT! by Sage 2008 (10.0)-->C:\Program Files\InstallShield Installation Information\{71B038DB-C1F0-45A1-B387-F6C3BE28154D}\setup.exe -runfromtemp -l0x040c
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Media Player-->MsiExec.exe /X{9455959E-D588-EFAE-329C-F66CC797F32A}
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Antispyware-->MsiExec.exe /X{EA9AFC05-F889-466C-9FE8-AE04FBD843A8}
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistente de Início de Sessão do Windows Live-->MsiExec.exe /I{28DA1AA2-07F2-4451-A28B-A6A01A9CE8E9}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Cam 3200 Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3606BA17-5D3C-41F1-9F46-729E0301CDE2}\Setup.exe"
Cars-->C:\Program Files\THQ\Disney-Pixar\Cars\_uninst\uninstaller.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Ciel Professionnel Indépendant 10.0-->MsiExec.exe /I{D0D33833-4C1C-4471-83ED-1D60F87D0F20}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
ErrorFix-->MsiExec.exe /X{83A867EF-8D2E-4CAF-A1DD-B3996724CF78}
Galeria de Fotografias do Windows Live-->MsiExec.exe /X{635B7E55-5566-4BE2-AA7D-F006A78A739B}
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
GTOneCare-->MsiExec.exe /X{8B21B9EF-6DBF-4F63-8CC7-9F6A56D1EE8E}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025007F\HXFSETUP.EXE -U -IWstAzlK.inf
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Kit de Connexion Alice ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}\setup.exe" -l0x40c ControlPanel
Kiwee Toolbar-->"C:\Program Files\AGI\common\bootstrapper.exe" -uninstall"\"C:/Program Files/AGI/Python25\pythonw.exe\" \"C:\Program Files\AGI\common\pyagcore\installer.pyc\" -u KiweeToolbar"
Lapin Malin Maternelle 2 Sauvons les étoiles !-->C:\Program Files\Mindscape\Lapin Malin Maternelle 2 Sauvons les étoiles !\uninstall.exe
Lapin Malin, L'Atelier créatif-->C:\Program Files\Mindscape\Atelier créatif\uninstall.exe
Launch Manager-->C:\WINDOWS\UnInst32.exe LManager.UNI
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 6500 Series-->C:\Program Files\Lexmark 6500 Series\Install\x86\Uninst.exe
Lexmark Barra de ferramentas-->regsvr32.exe /s /u "C:\Program Files\Lexmark Toolbar\toolband.dll"
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
Micro Application - 3D Architecte Classic 2007-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21928706-AE9A-48CD-892B-D6A6A4C62AEB}\Setup.exe" -l0x40c
Micro Application - Architecte 3D Classic-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Architecte 3D Classic\Uninst.isu"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2005 Express Edition (ACT7)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{56B4002F-671C-49F4-984C-C760FE3806B5}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Windows Live OneCare Resources v2.5.2900.15-->MsiExec.exe /I{5660022E-F3F2-4126-8CC5-9726C47150EB}
Microsoft Windows OneCare Live AntiSpyware and AntiVirus-->MsiExec.exe /I{E26B83D1-C0BB-41BC-8F44-31D5354DD6AF}
Microsoft Windows OneCare Live v2.5.2900.15 Idcrl Install-->MsiExec.exe /I{3851147E-5A91-4469-BA4D-13FFFCC8A920}
Microsoft Windows OneCare Live v2.5.2900.15-->MsiExec.exe /I{D07A8E7E-D324-4945-BA8C-E532AD008FF3}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
mMH

Salut flipflaplagirafe


-Télécharge et installe MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Mets le à jour

---

- Redémarre en mode sans échec :

Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur

---

- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Tutoriel pour MalwareByte's ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php


@++

Salut Dédétraqué.

Bon ben là, je ne peux plus allumé mon pc portable. Enfin, plutôt il s'allume mais j'ai tellement de messages de logiciels malveillants que je reviens toujours sur l'écran bleu. Je n'ai donc pas pu télécharger le logiciel que tu m'as indiqué. Puis-je le faire en mode sans échec?
Merci de tes précieuses explications.
@++

Salut flipflaplagirafe


Oui choisi le mode sans échec avec prise en charge réseau


@++

Salut Dédétraqué.
Mon portable ne démarre même plus en mode sans échec. Je demande le mode sans échec avec prise en charge réseau mais il reste sur un écran noir avec le curseur qui clignote.
Y a-t-il une solution s'il te plaît?
@++

Salut flipflaplagirafe


Et sans prise en charge réseau, as-tu fais l'essai?


@++

Salut Dédétraqué.

Je viens d'essayer, mais rien à faire... toujours l'écran noir et le curseur qui clignote.

Cet après-midi j'ai réussi à le démarrer en mode sans échec, mais maintenant...
As-tu une autre solution?

@++

Salut flipflaplagirafe


Je voie pas d'autre solution que Antivir Rescue System

http://www.malekal.com/tutorial_Antivir_Rescue_System.php


@++

Salut Dédétraqué.

Comment puis-je faire étant donné que mon pc s'ouvre bien sous windows, mais au bout de 3 minutes, c'est l'écran bleu avec le message d'erreur de windows. Je n'ai pas le temps d'aller sur le net. Je vais quand même réessayer. On ne sait jamais... un coup de chance. (J'y crois pas trop. Ca n'a fait qu'empirer depuis hier).
@++

Salut Dédétraqué.

Incroyable. Il a démarré en mode sans échec mais sans prise en charge réseau. Tu vois, un peu de chance ça peut aider (enfin j'espère).

@++

Salut flipflaplagirafe


OK, as-tu une clé USB pour mettre les outils?


@++

Salut Dédétraqué.

Non je n'ai pas de clé USB, mais j'ai un disque dur externe si ça peut aider.

@++

Salut flipflaplagirafe


Exact, j'aurais du ajouter où autre support amovible.


Télécharge combofix.exe (de sUBs) :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe


Mettre sur ton DD externe, maintenant faire un copier/coller du fichier sur le bureau du PC malade.


==> Ne lance aucun programme tant que Combofix n’est pas fini. <==

Double clique sur combofix.exe, clique sur OUI et valide par Entrée

Il te sera demandé d’installer la console si elle n’est pas installer, clique sur NON

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\ Combofix.txt

Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure


@++

Salut Dédétraqué.

Est-ce normal que mon pc est redémarré sans que je lui demande? Je vois que Combofix redémarre sous windows en mode normal, mais des messages d'alerte virus (d'Antivir) continuent d'affluer. Et hop... re-écran bleu. Je réessaye en mode sans échec de nouveau.

@++

Salut flipflaplagirafe


Si Antivir est la cause des alertes et plantage, voir a le désinstaller en mode sans échec, après refais un Combofix.


@++

Salut Dédétraqué.

Je vais essayer de le faire dès que mon pc aura réussi à redémarrer en mode sans échec. Pour l'instant, rien à faire. J'insiste et puis on verra bien.

@++

Salut Dédétraqué.

Toujours impossible de redémarrer mon pc. Y aurait-il un moyen de le faire autrement, que je puisses désinstaller antivir pour voir si c'est bien la cause de mes ennuis? Là vraiment, je n'ai plus trop d'espoir de réussite.
@++

Salut flipflaplagirafe


As-tu le CD de Windows Xp?


@++

Salut Dédétraqué.

Non, je ne l'ai pas. Gros problème ?
@++

Salut flipflaplagirafe


Télécharge la console :
http://www.vista-xp.fr/forum/topic240.html


Une fois démarrer en mode console :

A l’invite de commande C:\WINDOWS>

Tape exactement :

del C:\Program Files\Avira

Et ENTER

Tape exit et ENTER pour quitter la console et redémarrer l’ordinateur comme a l'habitude.


@++

Salut Dédétraqué.

Merci pour l'astuce. J'aurais tout de même une question. Est-ce que je pourrais garder les données qui sont sur mon pc malade? C'est le pc de l'entreprise de mon mari et tous ses devis et factures sont dedans, dans Ciel, mais il n'a pas fait de sauvegarde...
@++

Salut flipflaplagirafe


Oui cela est possible, voir la procédure :

http://www.malekal.com/RecuperationDonnees.php


@++

Salut Dédétraqué.
Merci, je vais faire ça et te tiens au courant pour la suite.
@++

Salut flipflaplagirafe


Oui cela est mieux de faire une sauvegarde des données


@++

Salut Dédétraqué.
Mon pc malade a réussi à démarrer en mode sans échec. J'ai donc désinstaller dans le panneau de configuration, antivir, puis lancer Combofix. Voici le rapport :
ComboFix 09-06-18.02 - joao varela 22/06/2009 11:30.2 - FAT32x86 MINIMAL
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1014.739 [GMT 2:00]
Lancé depuis: C:\ComboFix.exe
AV: Windows Live OneCare *On-access scanning enabled* (Outdated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\joao varela\Application Data\.#
c:\program files\Antispyware
c:\program files\WinPCap
c:\program files\WinPCap\daemon_mgm.exe
c:\program files\WinPCap\npf_mgm.exe
c:\program files\WinPCap\rpcapd.exe
c:\windows\enavurov.dll
c:\windows\obuculih.dll
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
c:\documents and settings\joao varela\Application Data\.#\MBX@14E0@C938B0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@14E0@C938C0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@14E0@C938D0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@14E0@C93900.###
c:\documents and settings\joao varela\Application Data\.#\MBX@14E0@C93940.###
c:\documents and settings\joao varela\Application Data\.#\MBX@14E0@C93950.###
c:\documents and settings\joao varela\Application Data\.#\MBX@14E0@C93970.###
c:\documents and settings\joao varela\Application Data\.#\MBX@1604@C938B0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@1604@C938C0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@1604@C938D0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@1604@C93900.###
c:\documents and settings\joao varela\Application Data\.#\MBX@1604@C93940.###
c:\documents and settings\joao varela\Application Data\.#\MBX@1604@C93950.###
c:\documents and settings\joao varela\Application Data\.#\MBX@1604@C93970.###
c:\documents and settings\joao varela\Application Data\.#\MBX@3F4@C938B0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@3F4@C938C0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@3F4@C938D0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@3F4@C93900.###
c:\documents and settings\joao varela\Application Data\.#\MBX@3F4@C93940.###
c:\documents and settings\joao varela\Application Data\.#\MBX@3F4@C93950.###
c:\documents and settings\joao varela\Application Data\.#\MBX@3F4@C93970.###
c:\documents and settings\joao varela\Application Data\.#\MBX@88C@C938B0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@88C@C938C0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@88C@C938D0.###
c:\documents and settings\joao varela\Application Data\.#\MBX@88C@C93900.###
c:\documents and settings\joao varela\Application Data\.#\MBX@88C@C93940.###
c:\documents and settings\joao varela\Application Data\.#\MBX@88C@C93950.###
c:\documents and settings\joao varela\Application Data\.#\MBX@88C@C93970.###
c:\documents and settings\joao varela\Application Data\wiaserva.log
c:\documents and settings\joao varela\Local Settings\Application Data\siyqy.dat
c:\documents and settings\joao varela\Local Settings\Application Data\siyqy_nav.dat
c:\documents and settings\joao varela\Local Settings\Application Data\siyqy_navps.dat
c:\documents and settings\joao varela\Mes documents\My Documents.url
c:\program files\Antispyware\DataBase.ref
c:\program files\Antispyware\SpyCleaner.dll
c:\program files\Antispyware\TCL.dll
c:\program files\Antispyware\vistaCPtasks.xml
c:\program files\Antispyware\zlib.dll
c:\windows\system32\drivers\acpi32.sys
c:\windows\system32\drivers\ati64si.sys
c:\windows\system32\drivers\fips32cup.sys
c:\windows\system32\drivers\nicsk32.sys
c:\windows\system32\drivers\port135sik.sys
c:\windows\system32\drivers\systemntmi.sys
c:\windows\system32\drivers\ws2_32sik.sys
F:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ACPI32
-------\Legacy_ATI64SI
-------\Legacy_FIPS32CUP
-------\Legacy_I386SI
-------\Legacy_KSI32SK
-------\Legacy_NETSIK
-------\Legacy_NICSK32
-------\Legacy_PORT135SIK
-------\Legacy_SECURENTM
-------\Legacy_SYSTEMNTMI
-------\Legacy_WS2_32SIK
-------\Service_acpi32
-------\Service_ati64si
-------\Service_fips32cup
-------\Service_i386si
-------\Service_ksi32sk
-------\Service_netsik
-------\Service_nicsk32
-------\Service_NPF
-------\Service_port135sik
-------\Service_securentm
-------\Service_systemntmi
-------\Service_WinDHCPsvc
-------\Service_ws2_32sik


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-22 au 2009-06-22 ))))))))))))))))))))))))))))))))))))
.

2009-06-22 09:47 . 2009-06-22 09:48 78208 ----a-w- c:\windows\system32\drivers\b4bfc967.sys
2009-06-22 09:01 . 2009-06-22 09:01 -------- d-sh--w- C:\FOUND.012
2009-06-22 07:52 . 2009-06-22 07:52 -------- d-sh--w- C:\FOUND.011
2009-06-21 22:45 . 2009-06-21 22:45 -------- d-sh--w- C:\FOUND.010
2009-06-21 22:21 . 2009-06-21 22:21 -------- d-sh--w- C:\FOUND.009
2009-06-21 22:12 . 2009-06-21 22:12 -------- d-sh--w- C:\FOUND.008
2009-06-21 22:02 . 2009-06-21 22:02 -------- d-sh--w- C:\FOUND.007
2009-06-21 21:46 . 2009-06-19 23:42 19968 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe
2009-06-21 10:17 . 2009-06-21 10:17 -------- d-sh--w- C:\FOUND.006
2009-06-19 23:33 . 2009-06-19 23:33 -------- d-sh--w- C:\FOUND.005
2009-06-18 22:55 . 2009-06-18 22:53 3028246 ----a-r- C:\ComboFix.exe
2009-06-18 22:15 . 2009-06-18 22:15 -------- d-sh--w- C:\FOUND.004
2009-06-18 13:18 . 2009-06-18 13:18 -------- d-sh--w- C:\FOUND.003
2009-06-18 12:27 . 2009-06-18 12:27 -------- d-sh--w- C:\FOUND.002
2009-06-18 07:54 . 2009-06-18 07:54 -------- d-----w- C:\rsit
2009-06-18 07:51 . 2009-06-18 07:51 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-18 07:50 . 2009-06-18 07:50 152576 ----a-w- c:\documents and settings\joao varela\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-17 22:30 . 2009-06-17 22:30 -------- d-----w- c:\documents and settings\joao varela\Application Data\Malwarebytes
2009-06-17 22:30 . 2009-06-17 22:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-17 22:27 . 2009-06-17 22:27 -------- d-----w- c:\program files\Trend Micro
2009-06-17 20:45 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-17 20:33 . 2009-06-17 20:33 -------- d-sh--w- C:\FOUND.001
2009-06-17 20:24 . 2009-06-17 20:24 -------- d-sh--w- C:\FOUND.000
2009-05-26 23:01 . 2009-05-26 23:01 263680 ----a-w- c:\documents and settings\joao varela\Local Settings\Application Data\uwkksoo.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-21 21:55 . 2009-06-21 21:55 851968 ----a-w- c:\documents and settings\All Users\SPL2.tmp
2009-06-21 21:52 . 2009-06-21 21:52 1205648 ----a-w- c:\documents and settings\All Users\SPL3.tmp
2009-06-21 21:47 . 2009-06-21 21:47 1205648 ----a-w- c:\documents and settings\All Users\SPL5.tmp
2009-06-18 22:16 . 2007-06-13 20:20 90112 ----a-w- c:\windows\DUMP40fd.tmp
2009-06-18 13:19 . 2007-06-13 20:20 90112 ----a-w- c:\windows\DUMP55b1.tmp
2009-06-18 12:18 . 2006-08-19 04:41 12 ----a-w- c:\windows\bthservsdp.dat
2009-06-17 23:24 . 2006-08-19 04:21 581742 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-17 23:24 . 2006-08-19 04:21 111998 ----a-w- c:\windows\system32\perfc00C.dat
2009-05-24 22:24 . 2008-05-26 20:18 350208 ----a-w- c:\windows\system32\mssph.dll
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\Mindscape
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\QuickTime
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\Evernote
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\directx
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\documents and settings\joao varela\Application Data\DriverCure
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\program files\Fichiers communs\ParetoLogic
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverCure
2009-05-12 13:12 . 2005-10-13 10:23 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-05-09 15:58 . 2009-05-09 15:58 -------- d-----w- c:\documents and settings\joao varela\Application Data\Boomzap
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\program files\GamesBar
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\program files\Oberon Media
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\program files\Fichiers communs\Oberon Media
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\program files\orange
2009-05-07 15:33 . 2004-08-10 18:00 348672 ------w- c:\windows\system32\localspl.dll
2009-05-03 18:50 . 2009-05-03 18:50 -------- d-----w- c:\documents and settings\LocalService\Application Data\agi
2009-05-03 18:50 . 2009-05-03 18:50 -------- d-----w- c:\program files\Kiwee Toolbar
2009-05-03 18:50 . 2009-05-03 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Kiwee Toolbar
2009-05-03 18:49 . 2009-05-03 18:49 -------- d-----w- c:\documents and settings\joao varela\Application Data\agi
2009-05-03 18:49 . 2009-05-03 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\agi
2009-05-03 18:49 . 2009-05-03 18:49 339968 ----a-w- c:\windows\system32\pythoncom25.dll
2009-05-03 18:49 . 2009-05-03 18:49 2117632 ----a-w- c:\windows\system32\python25.dll
2009-05-03 18:49 . 2009-05-03 18:49 114688 ----a-w- c:\windows\system32\pywintypes25.dll
2009-05-03 18:48 . 2009-05-03 18:48 -------- d-----w- c:\program files\AGI
2009-05-02 10:05 . 2008-10-03 17:57 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2009-05-02 10:05 . 2008-10-03 17:57 17212 ----a-w- c:\windows\system32\SIntf32.dll
2009-05-02 10:05 . 2008-10-03 17:57 12067 ----a-w- c:\windows\system32\SIntf16.dll
2009-04-29 04:45 . 2006-01-09 18:02 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:45 . 2004-08-10 18:00 78336 ------w- c:\windows\system32\ieencode.dll
2009-04-19 23:05 . 2009-04-05 20:54 1 ----a-w- c:\documents and settings\joao varela\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-04-19 19:50 . 2004-08-10 18:00 1847296 ------w- c:\windows\system32\win32k.sys
2009-04-15 14:53 . 2004-08-10 18:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-15 09:09 . 2008-07-13 21:24 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-04-07 19:30 . 2008-07-16 21:42 40936 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2008-01-28 11:22 . 2007-06-17 20:53 356 ----a-w- c:\program files\Favoris Bluetooth.lnk
2007-06-17 19:47 . 2007-06-17 19:47 251 ----a-w- c:\program files\wt3d.ini
2003-09-15 15:30 . 2007-06-17 20:51 49152 ----a-w- c:\program files\BtBalloon.dll
2003-09-15 14:56 . 2003-09-15 14:56 1126484 ----a-w- c:\program files\BTStackServer.exe
2003-09-15 14:53 . 2003-09-15 14:53 503869 ----a-w- c:\program files\BTTray.exe
2003-09-15 14:41 . 2003-09-15 14:41 69632 ----a-w- c:\program files\btsendto_visio2k.vsl
2003-09-15 14:38 . 2003-09-15 14:38 49152 ----a-w- c:\program files\btsendto_explorer.exe
2003-05-29 11:53 . 2003-05-29 11:53 91648 ----a-w- c:\program files\gzip.exe
2003-05-29 11:53 . 2003-05-29 11:53 3158 ----a-w- c:\program files\bt_cold_icon_grey.ico
2003-05-29 11:53 . 2003-05-29 11:53 3158 ----a-w- c:\program files\bt_hot_icon.ico
2003-05-29 11:53 . 2003-05-29 11:53 1320 ----a-w- c:\program files\btsendto_ie_ctx.htm
2003-05-29 11:53 . 2003-05-29 11:53 3158 ----a-w- c:\program files\bt_cold_icon.ico
2003-05-29 11:53 . 2003-05-29 11:53 2681 ----a-w- c:\program files\btsendto_ie.htm
2003-04-14 13:42 . 2003-04-14 13:42 1574 ----a-w- c:\program files\lnuser.id
2003-03-24 08:38 . 2003-03-24 08:38 188402 ----a-w- c:\program files\BTW_hlp.chm
2002-10-02 13:18 . 2002-10-02 13:18 73642 ----a-w- c:\program files\context.hlp
2002-05-15 21:29 . 2002-05-15 21:29 591 ----a-w- c:\program files\bttray.exe.manifest
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
2009-05-03 18:50 277648 ----a-w- c:\program files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 307200]
"ErrorFix"="c:\program files\ErrorFix\ErrorFix.exe" [2009-06-12 37340424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 45056]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 352256]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 3080704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]
"AliceSAV"="c:\program files\TechCity Solutions\AliceSAV\AliceAgent.exe" [2005-12-16 81408]
"GW Port Controller"="c:\progra~1\samsung\smarthru\PORTCTRL.EXE" [2002-01-25 155648]
"Act.Outlook.Service"="c:\program files\ACT\Act for Windows\Act.Outlook.Service.exe" [2007-10-23 9728]
"Act! Preloader"="c:\program files\ACT\Act for Windows\ActSage.exe" [2007-10-23 393216]
"OneCareUI"="c:\program files\Microsoft Windows OneCare Live\winssnotify.exe" [2008-08-08 67112]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"lxdfmon.exe"="c:\program files\Lexmark 6500 Series\lxdfmon.exe" [2007-06-11 455600]
"lxdfamon"="c:\program files\Lexmark 6500 Series\lxdfamon.exe" [2007-06-01 20480]
"Lexmark 6500 Series Fax Server"="c:\program files\Lexmark 6500 Series\fm3032.exe" [2007-06-11 308144]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-18 148888]
"KiweeHook"="c:\program files\Kiwee Toolbar\2.8.167\kwtbaim.exe" [2009-05-03 56456]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"Internet Connection Wizard Setup Tool"="c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe" [2009-06-19 19968]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-06-28 16248320]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
"SSCHBTN.EXE"="SSCHBTN.EXE" - c:\windows\system32\Sschbtn.exe [2002-01-23 36864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

c:\documents and settings\joao varela\Menu D‚marrer\Programmes\D‚marrage\
Outil de notification Live Search.lnk - c:\documents and settings\joao varela\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2009-3-1 143360]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]
rncsys32.exe [2008-4-14 20480]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
BTTray.lnk - c:\program files\BTTray.exe [2003-9-15 503869]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\System32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Samsung\\SmarThru\\UtlServer.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ACT\\Act for Windows\\ActSage.exe"=
"c:\\Program Files\\Sapo\\SAPO Messenger\\sapoim.exe"=
"c:\\WINDOWS\\System32\\lxdfcoms.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\lxdfmon.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdfpswx.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdftime.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\LXDFFax.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdfjswx.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\FRun.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\LXDFwbgw.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\Wireless\\lxdfwpss.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Desktop Search\\WindowsSearch.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [03/05/2009 20:49 10240]
R2 lxdf_device;lxdf_device;c:\windows\system32\lxdfcoms.exe -service --> c:\windows\system32\lxdfcoms.exe -service [?]
R2 lxdfCATSCustConnectService;lxdfCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdfserv.exe [12/12/2008 00:35 99248]
R2 MSSQL$ACT7;SQL Server (ACT7);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 22:31 29263712]
R2 OcHealthMon;Windows Live OneCare Health Monitor;c:\program files\Microsoft Windows OneCare Live\OcHealthMon.exe [08/08/2008 15:23 28200]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [01/10/2006 12:37 26624]
S2 28FBC8B07BE22A20;28FBC8B07BE22A20;\??\c:\documents and settings\joao varela\Bureau\28FBC8B07BE22A20\28FBC8B07BE22A20 --> c:\documents and settings\joao varela\Bureau\28FBC8B07BE22A20\28FBC8B07BE22A20 [?]
S2 amd64si;amd64si; [x]
S2 Ca533av;Cam 3200, WDM Video Capture;c:\windows\system32\drivers\Ca533av.sys [21/08/2008 18:10 515803]
S2 DE3A0E7DDD2AED44;DE3A0E7DDD2AED44;\??\c:\documents and settings\joao varela\Bureau\DE3A0E7DDD2AED44\DE3A0E7DDD2AED44 --> c:\documents and settings\joao varela\Bureau\DE3A0E7DDD2AED44\DE3A0E7DDD2AED44 [?]
S3 asbp2poa;asbp2poa;\??\c:\docume~1\JOAOVA~1\LOCALS~1\Temp\asbp2poa.sys --> c:\docume~1\JOAOVA~1\LOCALS~1\Temp\asbp2poa.sys [?]
S3 USBCamera;DSC Still Image Capture (CA100);c:\windows\system32\drivers\Bulk533.sys [21/08/2008 18:10 11144]
.
Contenu du dossier 'Tâches planifiées'

2009-03-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-06-13 c:\windows\Tasks\ErrorFix Scan.job
- c:\program files\ErrorFix\ErrorFix.exe [2009-06-12 13:21]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{F93872F1-412A-4414-8C2D-31E0F7EC6A88} - (no file)
HKCU-Run-Antispyware - c:\program files\Antispyware\Antispyware.exe
SafeBoot-AVG Anti-Spyware Driver
SafeBoot-AVG Anti-Spyware Guard


.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
uInternet Settings,ProxyOverride = *.local
IE: Envoyer à &Bluetooth - c:\program files\btsendto_ie_ctx.htm
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game08.zylom.com/activex/zylomgamesplayer.cab
.

**************************************************************************
Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\28FBC8B07BE22A20]
"ImagePath"="\??\c:\documents and settings\joao varela\Bureau\28FBC8B07BE22A20\28FBC8B07BE22A20"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\DE3A0E7DDD2AED44]
"ImagePath"="\??\c:\documents and settings\joao varela\Bureau\DE3A0E7DDD2AED44\DE3A0E7DDD2AED44"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\b4bfc967]
"ImagePath"="\SystemRoot\System32\drivers\b4bfc967.sys"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(5096)
c:\windows\system32\MSNChatHook.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\MSVCR71.dll
c:\acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BTNCopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2009-06-22 11:51 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-22 09:51

Avant-CF: 26 713 817 088 octets libres
Après-CF: 25 931 284 480 octets libres

342 --- E O F --- 2009-06-12 20:15


@++

Salut flipflaplagirafe


- Clique sur le menu démarrer/Exécuter, tape notepad à l’invite de commande et OK.

- Copie/colle ce qui est en citation ci-dessous dans le Bloc-Notes :



- Enregistre ce fichier sur le bureau (Impératif)

-Nom du fichier : CFScript.txt
-Type du fichier : tous les fichiers

- Clique sur Enregistrer et quitte le Bloc Notes

Important Désactive ton Antivirus et antispyware avant de faire le glisser/déposer

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe sur le bureau, comme sur cette capture (l’icône est un lion) :



* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ ComboFix.txt


Voir si le PC redémarre en mode normal


@++

Salut Dédétraqué.
Voici le rapport :
ComboFix 09-06-22.04 - joao varela 23/06/2009 0:39.4 - FAT32x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1014.631 [GMT 2:00]
Lancé depuis: c:\documents and settings\joao varela\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\joao varela\Bureau\CFScript.txt

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE ::
"c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe"
"c:\documents and settings\All Users\SPL2.tmp"
"c:\documents and settings\All Users\SPL3.tmp"
"c:\documents and settings\All Users\SPL5.tmp"
"c:\documents and settings\joao varela\Local Settings\Application Data\uwkksoo.exe"
"c:\documents and settings\joao varela\Menu Démarrer\Programmes\Démarrage\rncsys32.exe"
"c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe"
"c:\windows\DUMP40fd.tmp"
"c:\windows\DUMP55b1.tmp"
"c:\windows\system32\drivers\b4bfc967.sys"
"c:\windows\system32\perfc00C.dat"
"c:\windows\system32\perfh00C.dat"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\FOUND.002
C:\FOUND.003
C:\FOUND.004
C:\FOUND.005
C:\FOUND.006
C:\FOUND.007
C:\FOUND.008
C:\FOUND.009
C:\FOUND.010
C:\FOUND.011
C:\FOUND.012
c:\program files\GamesBar
c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe
c:\documents and settings\joao varela\Application Data\wiaserva.log
c:\documents and settings\joao varela\Local Settings\Application Data\uwkksoo.exe
c:\documents and settings\joao varela\Menu Démarrer\Programmes\Démarrage\rncsys32.exe
c:\found.002\FILE0000.CHK
c:\found.002\FILE0001.CHK
c:\found.002\FILE0002.CHK
c:\found.002\FILE0003.CHK
c:\found.002\FILE0004.CHK
c:\found.002\FILE0005.CHK
c:\found.002\FILE0006.CHK
c:\found.002\FILE0007.CHK
c:\found.002\FILE0008.CHK
c:\found.002\FILE0009.CHK
c:\found.002\FILE0010.CHK
c:\found.002\FILE0011.CHK
c:\found.002\FILE0012.CHK
c:\found.002\FILE0013.CHK
c:\found.002\FILE0014.CHK
c:\found.002\FILE0015.CHK
c:\found.002\FILE0016.CHK
c:\found.002\FILE0017.CHK
c:\found.002\FILE0018.CHK
c:\found.002\FILE0019.CHK
c:\found.002\FILE0020.CHK
c:\found.002\FILE0021.CHK
c:\found.002\FILE0022.CHK
c:\found.002\FILE0023.CHK
c:\found.003\FILE0000.CHK
c:\found.003\FILE0001.CHK
c:\found.003\FILE0002.CHK
c:\found.003\FILE0003.CHK
c:\found.003\FILE0004.CHK
c:\found.004\FILE0000.CHK
c:\found.004\FILE0001.CHK
c:\found.004\FILE0002.CHK
c:\found.005\FILE0000.CHK
c:\found.005\FILE0001.CHK
c:\found.005\FILE0002.CHK
c:\found.005\FILE0003.CHK
c:\found.005\FILE0004.CHK
c:\found.005\FILE0005.CHK
c:\found.005\FILE0006.CHK
c:\found.005\FILE0007.CHK
c:\found.006\FILE0000.CHK
c:\found.006\FILE0001.CHK
c:\found.006\FILE0002.CHK
c:\found.006\FILE0003.CHK
c:\found.006\FILE0004.CHK
c:\found.006\FILE0005.CHK
c:\found.006\FILE0006.CHK
c:\found.006\FILE0007.CHK
c:\found.006\FILE0008.CHK
c:\found.006\FILE0009.CHK
c:\found.006\FILE0010.CHK
c:\found.006\FILE0011.CHK
c:\found.007\FILE0000.CHK
c:\found.007\FILE0001.CHK
c:\found.007\FILE0002.CHK
c:\found.007\FILE0003.CHK
c:\found.007\FILE0004.CHK
c:\found.007\FILE0005.CHK
c:\found.007\FILE0006.CHK
c:\found.007\FILE0007.CHK
c:\found.007\FILE0008.CHK
c:\found.007\FILE0009.CHK
c:\found.008\FILE0000.CHK
c:\found.009\FILE0000.CHK
c:\found.009\FILE0001.CHK
c:\found.009\FILE0002.CHK
c:\found.009\FILE0003.CHK
c:\found.009\FILE0004.CHK
c:\found.010\FILE0000.CHK
c:\found.010\FILE0001.CHK
c:\found.010\FILE0002.CHK
c:\found.010\FILE0003.CHK
c:\found.010\FILE0004.CHK
c:\found.010\FILE0005.CHK
c:\found.010\FILE0006.CHK
c:\found.010\FILE0007.CHK
c:\found.010\FILE0008.CHK
c:\found.010\FILE0009.CHK
c:\found.011\FILE0000.CHK
c:\found.011\FILE0001.CHK
c:\found.011\FILE0002.CHK
c:\found.011\FILE0003.CHK
c:\found.012\FILE0000.CHK
c:\found.012\FILE0001.CHK
c:\found.012\FILE0002.CHK
c:\program files\GamesBar\Localization2-French.ini
c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe
c:\windows\system32\drivers\b4bfc967.sys . . . . impossible à supprimer
c:\windows\system32\perfc00C.dat
c:\windows\system32\perfh00C.dat

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_28FBC8B07BE22A20
-------\Legacy_ASBP2POA
-------\Legacy_DE3A0E7DDD2AED44
-------\Service_28FBC8B07BE22A20
-------\Service_asbp2poa
-------\Service_b4bfc967
-------\Service_DE3A0E7DDD2AED44


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-22 au 2009-06-22 ))))))))))))))))))))))))))))))))))))
.

2009-06-22 16:49 . 2009-06-22 17:25 0 ----a-w- c:\windows\system32\drivers\f32252c9.sys
2009-06-22 09:47 . 2009-06-22 22:44 78208 ----a-w- c:\windows\system32\drivers\b4bfc967.sys
2009-06-18 07:54 . 2009-06-18 07:54 -------- d-----w- C:\rsit
2009-06-18 07:51 . 2009-06-18 07:51 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-18 07:50 . 2009-06-18 07:50 152576 ----a-w- c:\documents and settings\joao varela\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-17 22:30 . 2009-06-17 22:30 -------- d-----w- c:\documents and settings\joao varela\Application Data\Malwarebytes
2009-06-17 22:30 . 2009-06-17 22:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-17 22:27 . 2009-06-17 22:27 -------- d-----w- c:\program files\Trend Micro
2009-06-17 20:45 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-17 20:33 . 2009-06-17 20:33 -------- d-sh--w- C:\FOUND.001
2009-06-17 20:24 . 2009-06-17 20:24 -------- d-sh--w- C:\FOUND.000

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-22 22:41 . 2006-08-19 04:41 12 ----a-w- c:\windows\bthservsdp.dat
2009-05-24 22:24 . 2008-05-26 20:18 350208 ----a-w- c:\windows\system32\mssph.dll
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\Mindscape
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\QuickTime
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\Evernote
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\directx
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\documents and settings\joao varela\Application Data\DriverCure
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\program files\Fichiers communs\ParetoLogic
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverCure
2009-05-12 13:12 . 2005-10-13 10:23 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-05-09 15:58 . 2009-05-09 15:58 -------- d-----w- c:\documents and settings\joao varela\Application Data\Boomzap
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\program files\Oberon Media
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\program files\Fichiers communs\Oberon Media
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\program files\orange
2009-05-07 15:33 . 2004-08-10 18:00 348672 ------w- c:\windows\system32\localspl.dll
2009-05-03 18:50 . 2009-05-03 18:50 -------- d-----w- c:\documents and settings\LocalService\Application Data\agi
2009-05-03 18:50 . 2009-05-03 18:50 -------- d-----w- c:\program files\Kiwee Toolbar
2009-05-03 18:50 . 2009-05-03 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Kiwee Toolbar
2009-05-03 18:49 . 2009-05-03 18:49 -------- d-----w- c:\documents and settings\joao varela\Application Data\agi
2009-05-03 18:49 . 2009-05-03 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\agi
2009-05-03 18:49 . 2009-05-03 18:49 339968 ----a-w- c:\windows\system32\pythoncom25.dll
2009-05-03 18:49 . 2009-05-03 18:49 2117632 ----a-w- c:\windows\system32\python25.dll
2009-05-03 18:49 . 2009-05-03 18:49 114688 ----a-w- c:\windows\system32\pywintypes25.dll
2009-05-03 18:48 . 2009-05-03 18:48 -------- d-----w- c:\program files\AGI
2009-05-02 10:05 . 2008-10-03 17:57 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2009-05-02 10:05 . 2008-10-03 17:57 17212 ----a-w- c:\windows\system32\SIntf32.dll
2009-05-02 10:05 . 2008-10-03 17:57 12067 ----a-w- c:\windows\system32\SIntf16.dll
2009-04-29 04:45 . 2006-01-09 18:02 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:45 . 2004-08-10 18:00 78336 ------w- c:\windows\system32\ieencode.dll
2009-04-19 23:05 . 2009-04-05 20:54 1 ----a-w- c:\documents and settings\joao varela\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-04-19 19:50 . 2004-08-10 18:00 1847296 ------w- c:\windows\system32\win32k.sys
2009-04-15 14:53 . 2004-08-10 18:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-15 09:09 . 2008-07-13 21:24 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-04-07 19:30 . 2008-07-16 21:42 40936 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2008-01-28 11:22 . 2007-06-17 20:53 356 ----a-w- c:\program files\Favoris Bluetooth.lnk
2007-06-17 19:47 . 2007-06-17 19:47 251 ----a-w- c:\program files\wt3d.ini
2003-09-15 15:30 . 2007-06-17 20:51 49152 ----a-w- c:\program files\BtBalloon.dll
2003-09-15 14:56 . 2003-09-15 14:56 1126484 ----a-w- c:\program files\BTStackServer.exe
2003-09-15 14:53 . 2003-09-15 14:53 503869 ----a-w- c:\program files\BTTray.exe
2003-09-15 14:41 . 2003-09-15 14:41 69632 ----a-w- c:\program files\btsendto_visio2k.vsl
2003-09-15 14:38 . 2003-09-15 14:38 49152 ----a-w- c:\program files\btsendto_explorer.exe
2003-05-29 11:53 . 2003-05-29 11:53 91648 ----a-w- c:\program files\gzip.exe
2003-05-29 11:53 . 2003-05-29 11:53 3158 ----a-w- c:\program files\bt_cold_icon_grey.ico
2003-05-29 11:53 . 2003-05-29 11:53 3158 ----a-w- c:\program files\bt_hot_icon.ico
2003-05-29 11:53 . 2003-05-29 11:53 1320 ----a-w- c:\program files\btsendto_ie_ctx.htm
2003-05-29 11:53 . 2003-05-29 11:53 3158 ----a-w- c:\program files\bt_cold_icon.ico
2003-05-29 11:53 . 2003-05-29 11:53 2681 ----a-w- c:\program files\btsendto_ie.htm
2003-04-14 13:42 . 2003-04-14 13:42 1574 ----a-w- c:\program files\lnuser.id
2003-03-24 08:38 . 2003-03-24 08:38 188402 ----a-w- c:\program files\BTW_hlp.chm
2002-10-02 13:18 . 2002-10-02 13:18 73642 ----a-w- c:\program files\context.hlp
2002-05-15 21:29 . 2002-05-15 21:29 591 ----a-w- c:\program files\bttray.exe.manifest
.

------- Sigcheck -------

[7] 2008-04-14 00:34 14336 E4BDF223CD75478BF44567B4D5C2634D c:\windows\system32\svchost.exe
[-] 2004-08-10 18:00 14336 1BD6C2F707A275CB7C16FD99FE0F31CA c:\windows\$NtServicePackUninstall$\svchost.exe
[7] 2008-04-14 00:34 14336 E4BDF223CD75478BF44567B4D5C2634D c:\windows\ServicePackFiles\i386\svchost.exe

[7] 2008-04-14 00:33 579584 E853F84D3CE2FAA2A802E33CF89AC023 c:\windows\system32\user32.dll
[-] 2005-03-02 18:20 578048 C34920EB988CE98910BD6B0417F334EB c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2007-03-08 15:50 579072 4D88AAF39ADABFE45958EA1384E2C4FF c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2004-08-10 18:00 578048 E46FB493E3B33704F0715020CF52106B c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2007-03-08 15:37 578560 753354F594809A9B96F73999B435A533 c:\windows\$NtServicePackUninstall$\user32.dll
[7] 2008-04-14 00:33 579584 E853F84D3CE2FAA2A802E33CF89AC023 c:\windows\ServicePackFiles\i386\user32.dll

[7] 2008-04-14 00:33 82432 FB836F9E62D82904C983AD21296A5D9C c:\windows\system32\ws2_32.dll
[-] 2004-08-10 18:00 82944 BC41F51A39D3B255805FDB759B7814AE c:\windows\$NtServicePackUninstall$\ws2_32.dll
[7] 2008-04-14 00:33 82432 FB836F9E62D82904C983AD21296A5D9C c:\windows\ServicePackFiles\i386\ws2_32.dll

[7] 2009-04-29 04:45 827392 08EFECB3F17F38F23F14148D374ACBC9 c:\windows\system32\wininet.dll
[7] 2009-04-29 04:45 827392 08EFECB3F17F38F23F14148D374ACBC9 c:\windows\system32\dllcache\wininet.dll
[7] 2008-04-23 07:19 827392 78D3D2B0BE6AD3E6D82CCB115CF74310 c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[7] 2008-06-23 15:40 827904 52589BAE67DD9859724287372668690B c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 07:10 827904 4B0E70D44297877A313045BD059770E1 c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[7] 2008-10-16 17:33 827904 37D1A1BFE3D9904F2C3D11592456F9C0 c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[7] 2008-12-20 21:47 827904 4E192082A5FCE9EF19198A24CDEA3442 c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[7] 2009-03-02 23:15 828416 39F71B559A97ED722F939A0EA7235323 c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[7] 2009-04-29 04:37 828928 754097815B575A721AB58B1C55476805 c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2004-08-10 18:00 660480 58FE94EF42E074F4CAD8BF02E70E6478 c:\windows\$NtUninstallKB912945$\wininet.dll
[-] 2006-01-09 18:02 666112 5404E2EAD19D7E2A5C4086015062343C c:\windows\$NtUninstallKB933566$\wininet.dll
[-] 2007-04-18 12:44 669696 A3BF56A786B277E881FD9137F55F0B4B c:\windows\$NtUninstallKB942615$\wininet.dll
[-] 2007-10-11 04:59 670208 0465CDE31ADD22F6233FFB4FE4AF01CF c:\windows\ie7\wininet.dll
[7] 2007-08-13 16:54 818688 A4A0FC92358F39538A6494C42EF99FE9 c:\windows\ie7updates\KB950759-IE7\wininet.dll
[7] 2008-04-23 04:16 826368 02D6AABD5F5A32C61478B5CDFE50E4A8 c:\windows\ie7updates\KB953838-IE7\wininet.dll
[7] 2008-06-23 16:28 826368 AC0BD61DC2C64906FBFE50E005FEFA2C c:\windows\ie7updates\KB956390-IE7\wininet.dll
[7] 2008-08-26 06:11 826368 E30CACD98479B36A3DBFA3267BF62DD0 c:\windows\ie7updates\KB958215-IE7\wininet.dll
[7] 2008-10-16 18:18 826368 CFBFA47415E85018E2CDC509E5E3D011 c:\windows\ie7updates\KB961260-IE7\wininet.dll
[7] 2008-12-20 20:47 826368 0551C946E305CEE0A79BA744DC141BFC c:\windows\ie7updates\KB963027-IE7\wininet.dll
[7] 2009-03-02 23:13 826368 68A2567FDD62AE7E31D8A885C5173EF9 c:\windows\ie7updates\KB969897-IE7\wininet.dll
[7] 2008-04-14 00:33 670208 4A6E04EA20F48D750D9BFED8600D516B c:\windows\ServicePackFiles\i386\wininet.dll

[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\dllcache\tcpip.sys
[-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2007-10-30 15:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2004-08-10 18:00 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\$NtUninstallKB941644$\tcpip.sys
[-] 2007-10-30 16:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-04-13 17:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2008-04-13 17:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\$NtUninstallKB951748$\tcpip.sys

[7] 2008-04-14 00:34 512000 DD73D6B9F6B4CB630CF35B438B540174 c:\windows\system32\winlogon.exe
[-] 2004-08-10 18:00 506368 D2DE785AEAB0BB8CA4C14A8A199DBE4E c:\windows\$NtServicePackUninstall$\winlogon.exe
[7] 2008-04-14 00:34 512000 DD73D6B9F6B4CB630CF35B438B540174 c:\windows\ServicePackFiles\i386\winlogon.exe

[7] 2008-04-13 17:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\system32\drivers\ndis.sys
[-] 2004-08-10 18:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\$NtServicePackUninstall$\ndis.sys
[7] 2008-04-13 17:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\ServicePackFiles\i386\ndis.sys

[7] 2008-04-13 16:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-10 18:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\$NtServicePackUninstall$\ip6fw.sys
[7] 2008-04-13 16:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\ServicePackFiles\i386\ip6fw.sys

[7] 2009-02-09 10:23 2025984 C9E530E1258352CC8689173AEFD3A3CF c:\windows\system32\ntkrnlpa.exe
[7] 2009-02-10 17:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2005-03-02 18:13 2059008 5311776074B6C13F983DC75BAEAC9C0C c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2006-02-21 05:18 2060160 560EBCDE98E8868CA13523C3959148FF c:\windows\$hf_mig$\KB914882\SP2QFE\ntkrnlpa.exe
[7] 2008-08-14 17:26 2068096 755B50949D0DBC0F0136B0DB58765331 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[7] 2009-02-09 10:17 2068224 ED5E20AE4AC5A63A4FF43FFE704A5153 c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2004-08-10 18:00 2017280 35567C8C50986C2BC5C3EFD79CB045E4 c:\windows\$NtUninstallKB896256$\ntkrnlpa.exe
[-] 2005-09-29 18:28 2017792 7A319C9E0C14ED6410E8B2753E3A32CE c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
[7] 2008-04-14 00:07 2025984 92E82482CDB39929CF7B541A9648AFAE c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[7] 2008-08-14 11:23 2025984 F2DEC52ED964AD57220B1F5AA32B5C61 c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2007-02-28 16:08 2019328 3E3DF9F5D56B719F055E7D652E79F96B c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[7] 2008-04-14 00:07 2067968 B71A8F101CEFAF82FC5EC16130A54A3F c:\windows\ServicePackFiles\i386\ntkrnlpa.exe

[7] 2009-02-09 10:23 2147328 907C6FCD8D5FB812D74C204060911EA6 c:\windows\system32\ntoskrnl.exe
[7] 2009-02-09 10:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2005-03-02 18:13 2181632 3E2A0A4A0C0B19FC113618A9562A3B2A c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2006-02-21 05:18 2183168 E4F5A850222A8D68F496162F16F1BDC9 c:\windows\$hf_mig$\KB914882\SP2QFE\ntoskrnl.exe
[7] 2008-08-14 17:26 2191232 D79210549BBF09B7638E860440504299 c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[7] 2009-02-10 17:16 2191232 BEF458B8424553279E95E250D1E0CE7E c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2004-08-10 18:00 2150400 36F32A5A83DF734E022734D93860A9A4 c:\windows\$NtUninstallKB896256$\ntoskrnl.exe
[-] 2005-09-29 18:28 2138112 CD6A9F81C8B9BAF1E4393C6C476D17E7 c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[7] 2008-04-14 00:07 2147328 B10C36956EB7A8B1586DBE3B43875280 c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[7] 2008-08-14 11:23 2147328 E422F0930804A5D6E697E5D7DBFD9863 c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2007-02-28 16:08 2139648 DE41F3B43B9F15E08CCD4B98A7BB2CA3 c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[7] 2008-04-14 00:08 2191104 099D639DA1EF6968D4E41795BB507E6B c:\windows\ServicePackFiles\i386\ntoskrnl.exe

[7] 2008-04-14 00:34 1037824 F2317622D29F9FF0F88AEECD5F60F0DD c:\windows\explorer.exe
[-] 2007-06-13 12:10 1037312 B795475444D6D57A572C14B9E1A29839 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2004-08-10 18:00 1036288 4C33E5B9A6197B6ED215F6CFBA0A2DAA c:\windows\$NtUninstallKB938828$\explorer.exe
[-] 2007-06-13 12:22 1037312 D0288319660EDCFED07C7E74C4EA38A5 c:\windows\$NtServicePackUninstall$\explorer.exe
[7] 2008-04-14 00:34 1037824 F2317622D29F9FF0F88AEECD5F60F0DD c:\windows\ServicePackFiles\i386\explorer.exe

[7] 2009-02-09 10:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\system32\services.exe
[7] 2009-02-09 10:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\system32\dllcache\services.exe
[7] 2009-02-09 10:16 111104 62789101F9C2401ED598AA2CDE7450C0 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2008-04-14 00:34 109056 54CB50058851D95E56EC70D09F70857F c:\windows\$NtUninstallKB956572$\services.exe
[-] 2004-08-10 18:00 108544 732E0B1ABAACE15D80EC19056B0A2AF9 c:\windows\$NtServicePackUninstall$\services.exe
[7] 2008-04-14 00:34 109056 54CB50058851D95E56EC70D09F70857F c:\windows\ServicePackFiles\i386\services.exe

[7] 2008-04-14 00:34 13312 91E6024D6D4DCDECDB36C43ECF9BBECB c:\windows\system32\lsass.exe
[-] 2004-08-10 18:00 13312 9F3744A5C6F49291A7A685040A013399 c:\windows\$NtServicePackUninstall$\lsass.exe
[7] 2008-04-14 00:34 13312 91E6024D6D4DCDECDB36C43ECF9BBECB c:\windows\ServicePackFiles\i386\lsass.exe

[7] 2008-04-14 00:34 15360 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 c:\windows\system32\ctfmon.exe
[-] 2004-08-10 18:00 15360 5584247B568C2E53934873F4B655FE6A c:\windows\$NtServicePackUninstall$\ctfmon.exe
[7] 2008-04-14 00:34 15360 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 c:\windows\ServicePackFiles\i386\ctfmon.exe

[7] 2008-04-14 00:34 57856 460E4CE148BD07218DA0B6A3D31885A9 c:\windows\system32\spoolsv.exe
[-] 2005-06-11 00:17 57856 AD3D9D191AEA7B5445FE1D82FFBB4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2004-08-10 18:00 57856 B4EF928E4FAD79364A80ACBA6D999934 c:\windows\$NtUninstallKB896423$\spoolsv.exe
[-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\$NtServicePackUninstall$\spoolsv.exe
[7] 2008-04-14 00:34 57856 460E4CE148BD07218DA0B6A3D31885A9 c:\windows\ServicePackFiles\i386\spoolsv.exe

[7] 2008-10-16 12:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\wuauclt.exe
[7] 2008-10-16 12:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\dllcache\wuauclt.exe
[7] 2008-04-14 00:34 112640 7E3DEFE771CB451B0FF630BFA435417E c:\windows\ServicePackFiles\i386\wuauclt.exe

[7] 2008-04-14 00:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\system32\userinit.exe
[-] 2004-08-10 18:00 25088 D6D65EA32B190401B57EDB6706F29669 c:\windows\$NtServicePackUninstall$\userinit.exe
[7] 2008-04-14 00:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\ServicePackFiles\i386\userinit.exe

[7] 2008-04-14 00:33 297984 710BC85A8C22626EE094439E3EA0D38C c:\windows\system32\termsrv.dll
[-] 2004-08-10 18:00 297984 7D521B8CF926459E270D18C559323815 c:\windows\$NtUninstallKB895961$\termsrv.dll
[-] 2005-03-10 07:50 297984 70921DE4C83652DC301A05F0CC46C985 c:\windows\$NtServicePackUninstall$\termsrv.dll
[7] 2008-04-14 00:33 297984 710BC85A8C22626EE094439E3EA0D38C c:\windows\ServicePackFiles\i386\termsrv.dll

[7] 2009-03-21 13:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\system32\kernel32.dll
[7] 2009-03-21 13:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\system32\dllcache\kernel32.dll
[-] 2007-04-16 16:11 1051136 62E3F0E9ABFCBCEE62C51546F622C455 c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[7] 2009-03-21 13:00 1056768 C3AF0EEE26B59484E674673E3016AAB7 c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2004-08-10 18:00 1048576 7830E20C74611281B1BDAE5888CD50F5 c:\windows\$NtUninstallKB935839$\kernel32.dll
[7] 2008-04-14 00:33 1054720 3AC8886DFA5AB641417DF4D3B7F5512E c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2007-04-16 15:53 1049600 6F1FE2AE7B22EB9CED1BFF533C9455EA c:\windows\$NtServicePackUninstall$\kernel32.dll
[7] 2008-04-14 00:33 1054720 3AC8886DFA5AB641417DF4D3B7F5512E c:\windows\ServicePackFiles\i386\kernel32.dll

[7] 2008-04-14 00:33 17408 9F2C862E39BF8E8FC51C3F6A6BCEB415 c:\windows\system32\powrprof.dll
[-] 2004-08-10 18:00 17408 B02E4DDBE0E98F42F3B61292DDB3A104 c:\windows\$NtServicePackUninstall$\powrprof.dll
[7] 2008-04-14 00:33 17408 9F2C862E39BF8E8FC51C3F6A6BCEB415 c:\windows\ServicePackFiles\i386\powrprof.dll

[7] 2008-04-14 00:33 110080 0469B73DB32E5520F342C5E163AA3CCA c:\windows\system32\imm32.dll
[-] 2004-08-10 18:00 110080 39EE5FAF56260EBB8D77A08F525EBBB4 c:\windows\$NtServicePackUninstall$\imm32.dll
[7] 2008-04-14 00:33 110080 0469B73DB32E5520F342C5E163AA3CCA c:\windows\ServicePackFiles\i386\imm32.dll

[7] 2008-04-14 00:33 1571840 E17C85D5B5CF477638433B851A98499E c:\windows\system32\sfcfiles.dll
[-] 2004-08-10 18:00 1548288 ACF04FB3448D2C2CD3A851C138EC8AB6 c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[7] 2008-04-14 00:33 1571840 E17C85D5B5CF477638433B851A98499E c:\windows\ServicePackFiles\i386\sfcfiles.dll

[7] 2008-04-14 00:33 176640 F36C9F78FC902C8DCE4D3B576BB0435A c:\windows\system32\appmgmts.dll
[-] 2004-08-10 18:00 176640 CE66077813D83C2D6908CDC64AE7E55A c:\windows\$NtServicePackUninstall$\appmgmts.dll
[7] 2008-04-14 00:33 176640 F36C9F78FC902C8DCE4D3B576BB0435A c:\windows\ServicePackFiles\i386\appmgmts.dll

[7] 2008-04-14 00:05 25216 16813155807C6881F4BFBF6657424659 c:\windows\system32\drivers\kbdclass.sys
[7] 2004-08-10 18:00 25216 E798705E8DC7FAB596EF6BFDF167E007 c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\kbdclass.sys
[7] 2004-08-10 18:00 25216 E798705E8DC7FAB596EF6BFDF167E007 c:\windows\$NtServicePackUninstall$\kbdclass.sys
[7] 2008-04-14 00:05 25216 16813155807C6881F4BFBF6657424659 c:\windows\ServicePackFiles\i386\kbdclass.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-06-22_09.48.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-22 22:43 . 2009-06-22 22:43 16384 c:\windows\temp\Perflib_Perfdata_448.dat
+ 2009-06-22 22:43 . 2009-06-22 22:43 16384 c:\windows\temp\Perflib_Perfdata_370.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
2009-05-03 18:50 277648 ----a-w- c:\program files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 307200]
"ErrorFix"="c:\program files\ErrorFix\ErrorFix.exe" [2009-06-12 37340424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 45056]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 352256]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 3080704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]
"AliceSAV"="c:\program files\TechCity Solutions\AliceSAV\AliceAgent.exe" [2005-12-16 81408]
"GW Port Controller"="c:\progra~1\samsung\smarthru\PORTCTRL.EXE" [2002-01-25 155648]
"Act.Outlook.Service"="c:\program files\ACT\Act for Windows\Act.Outlook.Service.exe" [2007-10-23 9728]
"Act! Preloader"="c:\program files\ACT\Act for Windows\ActSage.exe" [2007-10-23 393216]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"lxdfmon.exe"="c:\program files\Lexmark 6500 Series\lxdfmon.exe" [2007-06-11 455600]
"lxdfamon"="c:\program files\Lexmark 6500 Series\lxdfamon.exe" [2007-06-01 20480]
"Lexmark 6500 Series Fax Server"="c:\program files\Lexmark 6500 Series\fm3032.exe" [2007-06-11 308144]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-18 148888]
"KiweeHook"="c:\program files\Kiwee Toolbar\2.8.167\kwtbaim.exe" [2009-05-03 56456]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-06-28 16248320]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
"SSCHBTN.EXE"="SSCHBTN.EXE" - c:\windows\system32\Sschbtn.exe [2002-01-23 36864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

c:\documents and settings\joao varela\Menu D‚marrer\Programmes\D‚marrage\
Outil de notification Live Search.lnk - c:\documents and settings\joao varela\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2009-3-1 143360]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]

c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
BTTray.lnk - c:\program files\BTTray.exe [2003-9-15 503869]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\System32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Samsung\\SmarThru\\UtlServer.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ACT\\Act for Windows\\ActSage.exe"=
"c:\\Program Files\\Sapo\\SAPO Messenger\\sapoim.exe"=
"c:\\WINDOWS\\System32\\lxdfcoms.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\lxdfmon.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdfpswx.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdftime.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\LXDFFax.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdfjswx.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\FRun.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\LXDFwbgw.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\Wireless\\lxdfwpss.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Desktop Search\\WindowsSearch.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [03/05/2009 20:49 10240]
R2 lxdf_device;lxdf_device;c:\windows\system32\lxdfcoms.exe -service --> c:\windows\system32\lxdfcoms.exe -service [?]
R2 lxdfCATSCustConnectService;lxdfCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdfserv.exe [12/12/2008 00:35 99248]
R2 MSSQL$ACT7;SQL Server (ACT7);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 22:31 29263712]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [01/10/2006 12:37 26624]
S1 f32252c9;f32252c9;c:\windows\system32\drivers\f32252c9.sys [22/06/2009 18:49 0]
S2 amd64si;amd64si; [x]
S2 Ca533av;Cam 3200, WDM Video Capture;c:\windows\system32\drivers\Ca533av.sys [21/08/2008 18:10 515803]
S3 USBCamera;DSC Still Image Capture (CA100);c:\windows\system32\drivers\Bulk533.sys [21/08/2008 18:10 11144]
.
Contenu du dossier 'Tâches planifiées'

2009-03-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{F93872F1-412A-4414-8C2D-31E0F7EC6A88} - (no file)


.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
uInternet Settings,ProxyOverride = *.local
IE: Envoyer à &Bluetooth - c:\program files\btsendto_ie_ctx.htm
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game08.zylom.com/activex/zylomgamesplayer.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-23 00:43
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AliceSAV = c:\program files\TechCity Solutions\AliceSAV\AliceAgent.exe????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\b4bfc967]
"ImagePath"="\SystemRoot\System32\drivers\b4bfc967.sys"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(2864)
c:\windows\system32\MSNChatHook.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\MSVCR71.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BTNCopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\acer\Empowering Technology\admServ.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\bin\btwdins.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\lxdfcoms.exe
c:\program files\fichiers communs\protexis\license service\psiservice_2.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\documents and settings\joao varela\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\docume~1\JOAOVA~1\LOCALS~1\Temp\RtkBtMnt.exe
.
**************************************************************************
.
Heure de fin: 2009-06-22 0:47 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-22 22:47
ComboFix2.txt 2009-06-22 09:51

Avant-CF: 26 784 268 288 octets libres
Après-CF: 26 801 602 560 octets libres

525 --- E O F --- 2009-06-12 20:15


Mon pc avait déjà redémarré en mode normal après le premier scan combofix que j'avais fait.
@++

Salut flipflaplagirafe


- Clique sur le menu démarrer/Exécuter, tape notepad à l’invite de commande et OK.

- Copie/colle ce qui est en citation ci-dessous dans le Bloc-Notes :



- Enregistre ce fichier sur le bureau (Impératif)

-Nom du fichier : CFScript.txt
-Type du fichier : tous les fichiers

- Clique sur Enregistrer et quitte le Bloc Notes

Important Désactive ton Antivirus et antispyware avant de faire le glisser/déposer

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe sur le bureau, comme sur cette capture (l’icône est un lion) :



* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ ComboFix.txt


@++

Salut Dédétraqué.

Voici le nouveau rapport Combofix :

ComboFix 09-06-22.04 - joao varela 23/06/2009 10:32.5 - FAT32x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1014.562 [GMT 2:00]
Lancé depuis: c:\documents and settings\joao varela\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\joao varela\Bureau\CFScript.txt

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE ::
"c:\windows\system32\drivers\b4bfc967.sys"
"c:\windows\system32\drivers\f32252c9.sys"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\FOUND.000
C:\FOUND.001
c:\found.000\FILE0000.CHK
c:\found.000\FILE0001.CHK
c:\found.000\FILE0002.CHK
c:\found.000\FILE0003.CHK
c:\found.000\FILE0004.CHK
c:\found.001\FILE0000.CHK
c:\found.001\FILE0001.CHK
c:\found.001\FILE0002.CHK
c:\windows\system32\drivers\b4bfc967.sys . . . . impossible à supprimer
c:\windows\system32\drivers\f32252c9.sys

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AMD64SI
-------\Service_amd64si
-------\Service_b4bfc967
-------\Service_f32252c9


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-23 au 2009-06-23 ))))))))))))))))))))))))))))))))))))
.

2009-06-22 22:46 . 2009-06-22 22:46 -------- d-----w- c:\windows\system32\dllcache\cache
2009-06-22 09:47 . 2009-06-23 08:39 78208 ----a-w- c:\windows\system32\drivers\b4bfc967.sys
2009-06-18 07:54 . 2009-06-18 07:54 -------- d-----w- C:\rsit
2009-06-18 07:51 . 2009-06-18 07:51 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-18 07:50 . 2009-06-18 07:50 152576 ----a-w- c:\documents and settings\joao varela\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-17 22:30 . 2009-06-17 22:30 -------- d-----w- c:\documents and settings\joao varela\Application Data\Malwarebytes
2009-06-17 22:30 . 2009-06-17 22:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-17 22:27 . 2009-06-17 22:27 -------- d-----w- c:\program files\Trend Micro
2009-06-17 20:45 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-23 08:35 . 2006-08-19 04:41 12 ----a-w- c:\windows\bthservsdp.dat
2009-05-24 22:24 . 2008-05-26 20:18 350208 ----a-w- c:\windows\system32\mssph.dll
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\Mindscape
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\QuickTime
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\Evernote
2009-05-12 21:58 . 2009-05-12 21:58 -------- d-----w- c:\program files\directx
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\documents and settings\joao varela\Application Data\DriverCure
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\program files\Fichiers communs\ParetoLogic
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2009-05-12 20:42 . 2009-05-12 20:42 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverCure
2009-05-12 13:12 . 2005-10-13 10:23 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-05-09 15:58 . 2009-05-09 15:58 -------- d-----w- c:\documents and settings\joao varela\Application Data\Boomzap
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\program files\Oberon Media
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\program files\Fichiers communs\Oberon Media
2009-05-09 14:06 . 2009-05-09 14:06 -------- d-----w- c:\program files\orange
2009-05-07 15:33 . 2004-08-10 18:00 348672 ------w- c:\windows\system32\localspl.dll
2009-05-03 18:50 . 2009-05-03 18:50 -------- d-----w- c:\documents and settings\LocalService\Application Data\agi
2009-05-03 18:50 . 2009-05-03 18:50 -------- d-----w- c:\program files\Kiwee Toolbar
2009-05-03 18:50 . 2009-05-03 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Kiwee Toolbar
2009-05-03 18:49 . 2009-05-03 18:49 -------- d-----w- c:\documents and settings\joao varela\Application Data\agi
2009-05-03 18:49 . 2009-05-03 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\agi
2009-05-03 18:49 . 2009-05-03 18:49 339968 ----a-w- c:\windows\system32\pythoncom25.dll
2009-05-03 18:49 . 2009-05-03 18:49 2117632 ----a-w- c:\windows\system32\python25.dll
2009-05-03 18:49 . 2009-05-03 18:49 114688 ----a-w- c:\windows\system32\pywintypes25.dll
2009-05-03 18:48 . 2009-05-03 18:48 -------- d-----w- c:\program files\AGI
2009-05-02 10:05 . 2008-10-03 17:57 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2009-05-02 10:05 . 2008-10-03 17:57 17212 ----a-w- c:\windows\system32\SIntf32.dll
2009-05-02 10:05 . 2008-10-03 17:57 12067 ----a-w- c:\windows\system32\SIntf16.dll
2009-04-29 04:45 . 2006-01-09 18:02 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:45 . 2004-08-10 18:00 78336 ------w- c:\windows\system32\ieencode.dll
2009-04-19 23:05 . 2009-04-05 20:54 1 ----a-w- c:\documents and settings\joao varela\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-04-19 19:50 . 2004-08-10 18:00 1847296 ------w- c:\windows\system32\win32k.sys
2009-04-15 14:53 . 2004-08-10 18:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-15 09:09 . 2008-07-13 21:24 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-04-07 19:30 . 2008-07-16 21:42 40936 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2008-01-28 11:22 . 2007-06-17 20:53 356 ----a-w- c:\program files\Favoris Bluetooth.lnk
2007-06-17 19:47 . 2007-06-17 19:47 251 ----a-w- c:\program files\wt3d.ini
2003-09-15 15:30 . 2007-06-17 20:51 49152 ----a-w- c:\program files\BtBalloon.dll
2003-09-15 14:56 . 2003-09-15 14:56 1126484 ----a-w- c:\program files\BTStackServer.exe
2003-09-15 14:53 . 2003-09-15 14:53 503869 ----a-w- c:\program files\BTTray.exe
2003-09-15 14:41 . 2003-09-15 14:41 69632 ----a-w- c:\program files\btsendto_visio2k.vsl
2003-09-15 14:38 . 2003-09-15 14:38 49152 ----a-w- c:\program files\btsendto_explorer.exe
2003-05-29 11:53 . 2003-05-29 11:53 91648 ----a-w- c:\program files\gzip.exe
2003-05-29 11:53 . 2003-05-29 11:53 3158 ----a-w- c:\program files\bt_cold_icon_grey.ico
2003-05-29 11:53 . 2003-05-29 11:53 3158 ----a-w- c:\program files\bt_hot_icon.ico
2003-05-29 11:53 . 2003-05-29 11:53 1320 ----a-w- c:\program files\btsendto_ie_ctx.htm
2003-05-29 11:53 . 2003-05-29 11:53 3158 ----a-w- c:\program files\bt_cold_icon.ico
2003-05-29 11:53 . 2003-05-29 11:53 2681 ----a-w- c:\program files\btsendto_ie.htm
2003-04-14 13:42 . 2003-04-14 13:42 1574 ----a-w- c:\program files\lnuser.id
2003-03-24 08:38 . 2003-03-24 08:38 188402 ----a-w- c:\program files\BTW_hlp.chm
2002-10-02 13:18 . 2002-10-02 13:18 73642 ----a-w- c:\program files\context.hlp
2002-05-15 21:29 . 2002-05-15 21:29 591 ----a-w- c:\program files\bttray.exe.manifest
.

------- Sigcheck -------

[7] 2008-04-14 00:34 14336 E4BDF223CD75478BF44567B4D5C2634D c:\windows\system32\svchost.exe
[-] 2004-08-10 18:00 14336 1BD6C2F707A275CB7C16FD99FE0F31CA c:\windows\$NtServicePackUninstall$\svchost.exe
[7] 2008-04-14 00:34 14336 E4BDF223CD75478BF44567B4D5C2634D c:\windows\ServicePackFiles\i386\svchost.exe

[7] 2008-04-14 00:33 579584 E853F84D3CE2FAA2A802E33CF89AC023 c:\windows\system32\user32.dll
[-] 2005-03-02 18:20 578048 C34920EB988CE98910BD6B0417F334EB c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2007-03-08 15:50 579072 4D88AAF39ADABFE45958EA1384E2C4FF c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2004-08-10 18:00 578048 E46FB493E3B33704F0715020CF52106B c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2007-03-08 15:37 578560 753354F594809A9B96F73999B435A533 c:\windows\$NtServicePackUninstall$\user32.dll
[7] 2008-04-14 00:33 579584 E853F84D3CE2FAA2A802E33CF89AC023 c:\windows\ServicePackFiles\i386\user32.dll

[7] 2008-04-14 00:33 82432 FB836F9E62D82904C983AD21296A5D9C c:\windows\system32\ws2_32.dll
[-] 2004-08-10 18:00 82944 BC41F51A39D3B255805FDB759B7814AE c:\windows\$NtServicePackUninstall$\ws2_32.dll
[7] 2008-04-14 00:33 82432 FB836F9E62D82904C983AD21296A5D9C c:\windows\ServicePackFiles\i386\ws2_32.dll

[7] 2009-04-29 04:45 827392 08EFECB3F17F38F23F14148D374ACBC9 c:\windows\system32\wininet.dll
[7] 2009-04-29 04:45 827392 08EFECB3F17F38F23F14148D374ACBC9 c:\windows\system32\dllcache\wininet.dll
[7] 2008-04-23 07:19 827392 78D3D2B0BE6AD3E6D82CCB115CF74310 c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[7] 2008-06-23 15:40 827904 52589BAE67DD9859724287372668690B c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 07:10 827904 4B0E70D44297877A313045BD059770E1 c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[7] 2008-10-16 17:33 827904 37D1A1BFE3D9904F2C3D11592456F9C0 c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[7] 2008-12-20 21:47 827904 4E192082A5FCE9EF19198A24CDEA3442 c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[7] 2009-03-02 23:15 828416 39F71B559A97ED722F939A0EA7235323 c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[7] 2009-04-29 04:37 828928 754097815B575A721AB58B1C55476805 c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2004-08-10 18:00 660480 58FE94EF42E074F4CAD8BF02E70E6478 c:\windows\$NtUninstallKB912945$\wininet.dll
[-] 2006-01-09 18:02 666112 5404E2EAD19D7E2A5C4086015062343C c:\windows\$NtUninstallKB933566$\wininet.dll
[-] 2007-04-18 12:44 669696 A3BF56A786B277E881FD9137F55F0B4B c:\windows\$NtUninstallKB942615$\wininet.dll
[-] 2007-10-11 04:59 670208 0465CDE31ADD22F6233FFB4FE4AF01CF c:\windows\ie7\wininet.dll
[7] 2007-08-13 16:54 818688 A4A0FC92358F39538A6494C42EF99FE9 c:\windows\ie7updates\KB950759-IE7\wininet.dll
[7] 2008-04-23 04:16 826368 02D6AABD5F5A32C61478B5CDFE50E4A8 c:\windows\ie7updates\KB953838-IE7\wininet.dll
[7] 2008-06-23 16:28 826368 AC0BD61DC2C64906FBFE50E005FEFA2C c:\windows\ie7updates\KB956390-IE7\wininet.dll
[7] 2008-08-26 06:11 826368 E30CACD98479B36A3DBFA3267BF62DD0 c:\windows\ie7updates\KB958215-IE7\wininet.dll
[7] 2008-10-16 18:18 826368 CFBFA47415E85018E2CDC509E5E3D011 c:\windows\ie7updates\KB961260-IE7\wininet.dll
[7] 2008-12-20 20:47 826368 0551C946E305CEE0A79BA744DC141BFC c:\windows\ie7updates\KB963027-IE7\wininet.dll
[7] 2009-03-02 23:13 826368 68A2567FDD62AE7E31D8A885C5173EF9 c:\windows\ie7updates\KB969897-IE7\wininet.dll
[7] 2008-04-14 00:33 670208 4A6E04EA20F48D750D9BFED8600D516B c:\windows\ServicePackFiles\i386\wininet.dll

[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\dllcache\tcpip.sys
[-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2007-10-30 15:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2004-08-10 18:00 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\$NtUninstallKB941644$\tcpip.sys
[-] 2007-10-30 16:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-04-13 17:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2008-04-13 17:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\$NtUninstallKB951748$\tcpip.sys

[7] 2008-04-14 00:34 512000 DD73D6B9F6B4CB630CF35B438B540174 c:\windows\system32\winlogon.exe
[-] 2004-08-10 18:00 506368 D2DE785AEAB0BB8CA4C14A8A199DBE4E c:\windows\$NtServicePackUninstall$\winlogon.exe
[7] 2008-04-14 00:34 512000 DD73D6B9F6B4CB630CF35B438B540174 c:\windows\ServicePackFiles\i386\winlogon.exe

[7] 2008-04-13 17:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\system32\drivers\ndis.sys
[-] 2004-08-10 18:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\$NtServicePackUninstall$\ndis.sys
[7] 2008-04-13 17:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\ServicePackFiles\i386\ndis.sys

[7] 2008-04-13 16:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-10 18:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\$NtServicePackUninstall$\ip6fw.sys
[7] 2008-04-13 16:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\ServicePackFiles\i386\ip6fw.sys

[7] 2009-02-09 10:23 2025984 C9E530E1258352CC8689173AEFD3A3CF c:\windows\system32\ntkrnlpa.exe
[7] 2009-02-10 17:06 2068096 F751E041E682F53EAF34F7FAEA78994D c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2005-03-02 18:13 2059008 5311776074B6C13F983DC75BAEAC9C0C c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2006-02-21 05:18 2060160 560EBCDE98E8868CA13523C3959148FF c:\windows\$hf_mig$\KB914882\SP2QFE\ntkrnlpa.exe
[7] 2008-08-14 17:26 2068096 755B50949D0DBC0F0136B0DB58765331 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[7] 2009-02-09 10:17 2068224 ED5E20AE4AC5A63A4FF43FFE704A5153 c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2004-08-10 18:00 2017280 35567C8C50986C2BC5C3EFD79CB045E4 c:\windows\$NtUninstallKB896256$\ntkrnlpa.exe
[-] 2005-09-29 18:28 2017792 7A319C9E0C14ED6410E8B2753E3A32CE c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
[7] 2008-04-14 00:07 2025984 92E82482CDB39929CF7B541A9648AFAE c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[7] 2008-08-14 11:23 2025984 F2DEC52ED964AD57220B1F5AA32B5C61 c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2007-02-28 16:08 2019328 3E3DF9F5D56B719F055E7D652E79F96B c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[7] 2008-04-14 00:07 2067968 B71A8F101CEFAF82FC5EC16130A54A3F c:\windows\ServicePackFiles\i386\ntkrnlpa.exe

[7] 2009-02-09 10:23 2147328 907C6FCD8D5FB812D74C204060911EA6 c:\windows\system32\ntoskrnl.exe
[7] 2009-02-09 10:24 2191104 AB896577F35CF5FED7A9F87D3C3205ED c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2005-03-02 18:13 2181632 3E2A0A4A0C0B19FC113618A9562A3B2A c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2006-02-21 05:18 2183168 E4F5A850222A8D68F496162F16F1BDC9 c:\windows\$hf_mig$\KB914882\SP2QFE\ntoskrnl.exe
[7] 2008-08-14 17:26 2191232 D79210549BBF09B7638E860440504299 c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[7] 2009-02-10 17:16 2191232 BEF458B8424553279E95E250D1E0CE7E c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2004-08-10 18:00 2150400 36F32A5A83DF734E022734D93860A9A4 c:\windows\$NtUninstallKB896256$\ntoskrnl.exe
[-] 2005-09-29 18:28 2138112 CD6A9F81C8B9BAF1E4393C6C476D17E7 c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[7] 2008-04-14 00:07 2147328 B10C36956EB7A8B1586DBE3B43875280 c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[7] 2008-08-14 11:23 2147328 E422F0930804A5D6E697E5D7DBFD9863 c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2007-02-28 16:08 2139648 DE41F3B43B9F15E08CCD4B98A7BB2CA3 c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[7] 2008-04-14 00:08 2191104 099D639DA1EF6968D4E41795BB507E6B c:\windows\ServicePackFiles\i386\ntoskrnl.exe

[7] 2008-04-14 00:34 1037824 F2317622D29F9FF0F88AEECD5F60F0DD c:\windows\explorer.exe
[-] 2007-06-13 12:10 1037312 B795475444D6D57A572C14B9E1A29839 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2004-08-10 18:00 1036288 4C33E5B9A6197B6ED215F6CFBA0A2DAA c:\windows\$NtUninstallKB938828$\explorer.exe
[-] 2007-06-13 12:22 1037312 D0288319660EDCFED07C7E74C4EA38A5 c:\windows\$NtServicePackUninstall$\explorer.exe
[7] 2008-04-14 00:34 1037824 F2317622D29F9FF0F88AEECD5F60F0DD c:\windows\ServicePackFiles\i386\explorer.exe

[7] 2009-02-09 10:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\system32\services.exe
[7] 2009-02-09 10:23 111104 C3FB1D70CB88722267949694BA51759E c:\windows\system32\dllcache\services.exe
[7] 2009-02-09 10:16 111104 62789101F9C2401ED598AA2CDE7450C0 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2008-04-14 00:34 109056 54CB50058851D95E56EC70D09F70857F c:\windows\$NtUninstallKB956572$\services.exe
[-] 2004-08-10 18:00 108544 732E0B1ABAACE15D80EC19056B0A2AF9 c:\windows\$NtServicePackUninstall$\services.exe
[7] 2008-04-14 00:34 109056 54CB50058851D95E56EC70D09F70857F c:\windows\ServicePackFiles\i386\services.exe

[7] 2008-04-14 00:34 13312 91E6024D6D4DCDECDB36C43ECF9BBECB c:\windows\system32\lsass.exe
[-] 2004-08-10 18:00 13312 9F3744A5C6F49291A7A685040A013399 c:\windows\$NtServicePackUninstall$\lsass.exe
[7] 2008-04-14 00:34 13312 91E6024D6D4DCDECDB36C43ECF9BBECB c:\windows\ServicePackFiles\i386\lsass.exe

[7] 2008-04-14 00:34 15360 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 c:\windows\system32\ctfmon.exe
[-] 2004-08-10 18:00 15360 5584247B568C2E53934873F4B655FE6A c:\windows\$NtServicePackUninstall$\ctfmon.exe
[7] 2008-04-14 00:34 15360 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 c:\windows\ServicePackFiles\i386\ctfmon.exe

[7] 2008-04-14 00:34 57856 460E4CE148BD07218DA0B6A3D31885A9 c:\windows\system32\spoolsv.exe
[-] 2005-06-11 00:17 57856 AD3D9D191AEA7B5445FE1D82FFBB4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2004-08-10 18:00 57856 B4EF928E4FAD79364A80ACBA6D999934 c:\windows\$NtUninstallKB896423$\spoolsv.exe
[-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\$NtServicePackUninstall$\spoolsv.exe
[7] 2008-04-14 00:34 57856 460E4CE148BD07218DA0B6A3D31885A9 c:\windows\ServicePackFiles\i386\spoolsv.exe

[7] 2008-10-16 12:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\wuauclt.exe
[7] 2008-10-16 12:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\dllcache\wuauclt.exe
[7] 2008-04-14 00:34 112640 7E3DEFE771CB451B0FF630BFA435417E c:\windows\ServicePackFiles\i386\wuauclt.exe

[7] 2008-04-14 00:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\system32\userinit.exe
[-] 2004-08-10 18:00 25088 D6D65EA32B190401B57EDB6706F29669 c:\windows\$NtServicePackUninstall$\userinit.exe
[7] 2008-04-14 00:34 26624 E74DDB12188C2FF57A78624DBF7332FC c:\windows\ServicePackFiles\i386\userinit.exe

[7] 2008-04-14 00:33 297984 710BC85A8C22626EE094439E3EA0D38C c:\windows\system32\termsrv.dll
[-] 2004-08-10 18:00 297984 7D521B8CF926459E270D18C559323815 c:\windows\$NtUninstallKB895961$\termsrv.dll
[-] 2005-03-10 07:50 297984 70921DE4C83652DC301A05F0CC46C985 c:\windows\$NtServicePackUninstall$\termsrv.dll
[7] 2008-04-14 00:33 297984 710BC85A8C22626EE094439E3EA0D38C c:\windows\ServicePackFiles\i386\termsrv.dll

[7] 2009-03-21 13:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\system32\kernel32.dll
[7] 2009-03-21 13:07 1054720 98F08549604D090B6B2514AF845F329F c:\windows\system32\dllcache\kernel32.dll
[-] 2007-04-16 16:11 1051136 62E3F0E9ABFCBCEE62C51546F622C455 c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[7] 2009-03-21 13:00 1056768 C3AF0EEE26B59484E674673E3016AAB7 c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2004-08-10 18:00 1048576 7830E20C74611281B1BDAE5888CD50F5 c:\windows\$NtUninstallKB935839$\kernel32.dll
[7] 2008-04-14 00:33 1054720 3AC8886DFA5AB641417DF4D3B7F5512E c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2007-04-16 15:53 1049600 6F1FE2AE7B22EB9CED1BFF533C9455EA c:\windows\$NtServicePackUninstall$\kernel32.dll
[7] 2008-04-14 00:33 1054720 3AC8886DFA5AB641417DF4D3B7F5512E c:\windows\ServicePackFiles\i386\kernel32.dll

[7] 2008-04-14 00:33 17408 9F2C862E39BF8E8FC51C3F6A6BCEB415 c:\windows\system32\powrprof.dll
[-] 2004-08-10 18:00 17408 B02E4DDBE0E98F42F3B61292DDB3A104 c:\windows\$NtServicePackUninstall$\powrprof.dll
[7] 2008-04-14 00:33 17408 9F2C862E39BF8E8FC51C3F6A6BCEB415 c:\windows\ServicePackFiles\i386\powrprof.dll

[7] 2008-04-14 00:33 110080 0469B73DB32E5520F342C5E163AA3CCA c:\windows\system32\imm32.dll
[-] 2004-08-10 18:00 110080 39EE5FAF56260EBB8D77A08F525EBBB4 c:\windows\$NtServicePackUninstall$\imm32.dll
[7] 2008-04-14 00:33 110080 0469B73DB32E5520F342C5E163AA3CCA c:\windows\ServicePackFiles\i386\imm32.dll

[7] 2008-04-14 00:33 1571840 E17C85D5B5CF477638433B851A98499E c:\windows\system32\sfcfiles.dll
[-] 2004-08-10 18:00 1548288 ACF04FB3448D2C2CD3A851C138EC8AB6 c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[7] 2008-04-14 00:33 1571840 E17C85D5B5CF477638433B851A98499E c:\windows\ServicePackFiles\i386\sfcfiles.dll

[7] 2008-04-14 00:33 176640 F36C9F78FC902C8DCE4D3B576BB0435A c:\windows\system32\appmgmts.dll
[-] 2004-08-10 18:00 176640 CE66077813D83C2D6908CDC64AE7E55A c:\windows\$NtServicePackUninstall$\appmgmts.dll
[7] 2008-04-14 00:33 176640 F36C9F78FC902C8DCE4D3B576BB0435A c:\windows\ServicePackFiles\i386\appmgmts.dll

[7] 2008-04-14 00:05 25216 16813155807C6881F4BFBF6657424659 c:\windows\system32\drivers\kbdclass.sys
[7] 2004-08-10 18:00 25216 E798705E8DC7FAB596EF6BFDF167E007 c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\kbdclass.sys
[7] 2004-08-10 18:00 25216 E798705E8DC7FAB596EF6BFDF167E007 c:\windows\$NtServicePackUninstall$\kbdclass.sys
[7] 2008-04-14 00:05 25216 16813155807C6881F4BFBF6657424659 c:\windows\ServicePackFiles\i386\kbdclass.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-06-22_09.48.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-23 08:36 . 2009-06-23 08:36 16384 c:\windows\temp\Perflib_Perfdata_370.dat
+ 2009-06-23 08:37 . 2009-06-23 08:37 16384 c:\windows\temp\Perflib_Perfdata_214.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
2009-05-03 18:50 277648 ----a-w- c:\program files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 307200]
"ErrorFix"="c:\program files\ErrorFix\ErrorFix.exe" [2009-06-12 37340424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 45056]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 352256]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 3080704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]
"AliceSAV"="c:\program files\TechCity Solutions\AliceSAV\AliceAgent.exe" [2005-12-16 81408]
"GW Port Controller"="c:\progra~1\samsung\smarthru\PORTCTRL.EXE" [2002-01-25 155648]
"Act.Outlook.Service"="c:\program files\ACT\Act for Windows\Act.Outlook.Service.exe" [2007-10-23 9728]
"Act! Preloader"="c:\program files\ACT\Act for Windows\ActSage.exe" [2007-10-23 393216]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"lxdfmon.exe"="c:\program files\Lexmark 6500 Series\lxdfmon.exe" [2007-06-11 455600]
"lxdfamon"="c:\program files\Lexmark 6500 Series\lxdfamon.exe" [2007-06-01 20480]
"Lexmark 6500 Series Fax Server"="c:\program files\Lexmark 6500 Series\fm3032.exe" [2007-06-11 308144]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-18 148888]
"KiweeHook"="c:\program files\Kiwee Toolbar\2.8.167\kwtbaim.exe" [2009-05-03 56456]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-06-28 16248320]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
"SSCHBTN.EXE"="SSCHBTN.EXE" - c:\windows\system32\Sschbtn.exe [2002-01-23 36864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

c:\documents and settings\joao varela\Menu D‚marrer\Programmes\D‚marrage\
Outil de notification Live Search.lnk - c:\documents and settings\joao varela\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2009-3-1 143360]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]

c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
BTTray.lnk - c:\program files\BTTray.exe [2003-9-15 503869]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\System32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Samsung\\SmarThru\\UtlServer.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ACT\\Act for Windows\\ActSage.exe"=
"c:\\Program Files\\Sapo\\SAPO Messenger\\sapoim.exe"=
"c:\\WINDOWS\\System32\\lxdfcoms.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\lxdfmon.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdfpswx.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdftime.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\LXDFFax.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdfjswx.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\FRun.exe"=
"c:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\LXDFwbgw.exe"=
"c:\\Program Files\\Lexmark 6500 Series\\Wireless\\lxdfwpss.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Desktop Search\\WindowsSearch.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [03/05/2009 20:49 10240]
R2 lxdf_device;lxdf_device;c:\windows\system32\lxdfcoms.exe -service --> c:\windows\system32\lxdfcoms.exe -service [?]
R2 lxdfCATSCustConnectService;lxdfCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdfserv.exe [12/12/2008 00:35 99248]
R2 MSSQL$ACT7;SQL Server (ACT7);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 22:31 29263712]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [01/10/2006 12:37 26624]
S2 Ca533av;Cam 3200, WDM Video Capture;c:\windows\system32\drivers\Ca533av.sys [21/08/2008 18:10 515803]
S3 USBCamera;DSC Still Image Capture (CA100);c:\windows\system32\drivers\Bulk533.sys [21/08/2008 18:10 11144]
.
Contenu du dossier 'Tâches planifiées'

2009-03-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{F93872F1-412A-4414-8C2D-31E0F7EC6A88} - (no file)


.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
uInternet Settings,ProxyOverride = *.local
IE: Envoyer à &Bluetooth - c:\program files\btsendto_ie_ctx.htm
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game08.zylom.com/activex/zylomgamesplayer.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-23 10:37
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AliceSAV = c:\program files\TechCity Solutions\AliceSAV\AliceAgent.exe????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\b4bfc967]
"ImagePath"="\SystemRoot\System32\drivers\b4bfc967.sys"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(1868)
c:\windows\system32\MSNChatHook.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\MSVCR71.dll
c:\acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BTNCopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\acer\Empowering Technology\admServ.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\bin\btwdins.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\lxdfcoms.exe
c:\program files\fichiers communs\protexis\license service\psiservice_2.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\documents and settings\joao varela\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
c:\docume~1\JOAOVA~1\LOCALS~1\Temp\RtkBtMnt.exe
.
**************************************************************************
.
Heure de fin: 2009-06-23 10:41 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-23 08:41
ComboFix2.txt 2009-06-22 22:48
ComboFix3.txt 2009-06-22 09:51

Avant-CF: 26 873 430 016 octets libres
Après-CF: 26 858 258 432 octets libres

415 --- E O F --- 2009-06-12 20:15


@++

Salut flipflaplagirafe


Faire un scan de ce fichier Sschbtn.exe ici :

http://www.virustotal.com/fr/


Clique sur Parcourir et copie/colle ceci :
c:\windows\system32\Sschbtn.exe
Après tu clique sur Envoyer le fichier et attendre le résultat de l’analyse.


Poste le résultat au complet

Aide : http://bibou0007.com/scans-en-ligne-f75/tutorial-sur-virustotal-t190.htm


@++

Salut Dédétraqué.
Voici le résultat de l'analyse :Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.06.23 -
AhnLab-V3 5.0.0.2 2009.06.23 -
AntiVir 7.9.0.193 2009.06.23 -
Antiy-AVL 2.0.3.1 2009.06.23 -
Authentium 5.1.2.4 2009.06.23 -
Avast 4.8.1335.0 2009.06.22 -
AVG 8.5.0.339 2009.06.23 -
BitDefender 7.2 2009.06.23 -
CAT-QuickHeal 10.00 2009.06.22 -
ClamAV 0.94.1 2009.06.23 -
Comodo 1399 2009.06.23 -
DrWeb 5.0.0.12182 2009.06.23 -
eSafe 7.0.17.0 2009.06.22 -
eTrust-Vet 31.6.6573 2009.06.22 -
F-Prot 4.4.4.56 2009.06.23 -
F-Secure 8.0.14470.0 2009.06.23 -
Fortinet 3.117.0.0 2009.06.23 -
GData 19 2009.06.23 -
Ikarus T3.1.1.59.0 2009.06.23 -
Jiangmin 11.0.706 2009.06.23 -
K7AntiVirus 7.10.768 2009.06.19 -
Kaspersky 7.0.0.125 2009.06.23 -
McAfee 5654 2009.06.22 -
McAfee+Artemis 5654 2009.06.22 -
McAfee-GW-Edition 6.7.6 2009.06.23 -
Microsoft 1.4803 2009.06.23 -
NOD32 4180 2009.06.23 -
Norman 6.01.09 2009.06.23 -
nProtect 2009.1.8.0 2009.06.23 -
Panda 10.0.0.16 2009.06.23 -
PCTools 4.4.2.0 2009.06.22 -
Prevx 3.0 2009.06.23 -
Rising 21.35.14.00 2009.06.23 -
Sophos 4.42.0 2009.06.23 -
Sunbelt 3.2.1858.2 2009.06.23 -
Symantec 1.4.4.12 2009.06.23 -
TheHacker 6.3.4.3.351 2009.06.22 -
TrendMicro 8.950.0.1094 2009.06.23 -
VBA32 3.12.10.7 2009.06.23 -
ViRobot 2009.6.23.1800 2009.06.23 -
VirusBuster 4.6.5.0 2009.06.22 -
Information additionnelle
File size: 36864 bytes
MD5...: 249ebb6683e2e8a831b470e6b396133b
SHA1..: fa333fc9783729f649676296add88a80ca7844dd
SHA256: 333c5653cce387a4b20e0219c7c534ce3521478eb606376cf054110ec47e44ba
ssdeep: 768:ceAhYw5/WqAHR14XpgAyNQSiWOnvae6oBJJ4F6cNo:hy5/0R14XiHFi7nvah
oBJJ4V

PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2ea8
timedatestamp.....: 0x3c4e685c (Wed Jan 23 07:38:04 2002)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x4a7d 0x5000 6.24 c1a63c37c19f5741648b0b45a2436377
.rdata 0x6000 0xd42 0x1000 4.69 edd746124a1034cd2b18b5828cf5945c
.data 0x7000 0x1a8c 0x1000 4.59 8b7be88d231093011e49d5454b551d2c
.rsrc 0x9000 0xef8 0x1000 3.57 94cc853eb8e34b965363ac2e7810389d

( 5 imports )
> KERNEL32.dll: GetExitCodeThread, Sleep, GetTickCount, GetProcAddress, ExitThread, GetVersionExA, GetSystemPowerStatus, lstrcatA, GetSystemDirectoryA, CreateThread, FreeLibrary, GetModuleFileNameA, GetPrivateProfileStringA, SetLastError, CreateProcessA, GetExitCodeProcess, CloseHandle, GetLastError, FormatMessageA, LocalFree, lstrcpyA, LoadLibraryA, GetStartupInfoA, GetModuleHandleA, VirtualAlloc, HeapAlloc, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, MultiByteToWideChar, WriteFile, HeapReAlloc, OutputDebugStringA, GetCommandLineA, RtlUnwind, VirtualFree, HeapCreate, HeapDestroy, GetFileType, GetStdHandle, SetHandleCount, GetEnvironmentStringsW, GetEnvironmentStrings, WideCharToMultiByte, FreeEnvironmentStringsW, FreeEnvironmentStringsA, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, ExitProcess, HeapFree, GetACP, GetOEMCP, GetVersion, GetCPInfo
> USER32.dll: wvsprintfA, MessageBoxA, DispatchMessageA, TranslateMessage, PeekMessageA, WaitForInputIdle, AppendMenuA, CreatePopupMenu, wsprintfA, LoadStringA, LoadIconA, ModifyMenuA, PostMessageA, DestroyMenu, GetMessageA, CreateWindowExA, ShowWindow, UpdateWindow, LoadCursorA, RegisterClassA, GetDesktopWindow, GetWindowRect, SetMenuDefaultItem, TrackPopupMenu, PostQuitMessage, DefWindowProcA
> GDI32.dll: GetStockObject
> ADVAPI32.dll: RegDeleteKeyA, RegCloseKey, RegSetValueExA, RegCreateKeyExA, RegDeleteValueA, RegOpenKeyExA, RegQueryValueExA, RegOpenKeyA
> SHELL32.dll: Shell_NotifyIconA

( 0 exports )

PDFiD.: -
RDS...: NSRL Reference Data Set
-

@++

Salut flipflaplagirafe


Télécharge OTM (de Old_Timer) sur le bureau :

http://oldtimer.geekstogo.com/OTM.exe


Double-clique sur OTM.exe sur le bureau

- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTM nommé Paste Instructions for Items to be Moved



- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTM

Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.

Poste le rapport de OTMoveIt qui se trouve dans C:\_OTM\MovedFiles.


@++

Salut Dédétraqué.

Voici le rapport OTM :

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Service\Driver b4bfc967 not found.
Service\Driver b4bfc967 not found.
========== FILES ==========
File move failed. c:\windows\system32\drivers\b4bfc967.sys scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 507904 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 766089 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 95710 bytes

User: Administrateur
->Temp folder emptied: 0 bytes

User: joao varela
File delete failed. C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\LWEAMZH1\CAOZ8068CAKQ256XCAZI2RF2CA1E4HJZCA4LJ1A5CAUFYDXACAO3J1KGCALACNV8CA5U0FLXCA4OV80VCA70KOXUCAQCV72DCAL511H9CAL2B6AHCA8RTYKQCA56OHD2CA4BX8CFCANF8SAQCAVPEFLRCADLA9HFCAUU28ZH scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\LWEAMZH1\CA054JZ2CA624WKPCA5TN0KUCAYME98ECAQT9P3QCAIKNJ7UCAKKQD3ZCASNMTZCCA85Y3V1CA7BI1WHCA37UOYWCAYBZZ7TCA2JDPKMCALD2I1FCA24F5QNCAFTRVZ6CAF15P6SCANWQDQZCAS8TZPFCASVXNXNCA3OJ7QZ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\LWEAMZH1\CAHTRVVLCAXYOA04CAVDMH4ECAXU26JACAVP2NB6CATFHCVXCA2600FFCAOFTVI1CA0PS6AECA5M3SMOCAX62R7RCAXYA8SECANSKBBXCAX0BZK0CAA83LTHCAAU2R7VCABJMXGCCA9WX33ZCAUZGSDDCABMBXXUCAU51D4Q scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\TI6FBUD5\CA6L9XV5CANDU6P5CA5NUHRCCA44FKSQCAPSJVR9CA9L3PKICARDG04SCA20CMKRCAGNM6NVCA9RZ65VCAAYXFG6CA34BY70CAWJPH7UCA00E5N8CATLUVSPCAKRATIYCAI2882VCAPF102HCA01P9GCCAHZ2MZOCATQLEEB scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\TI6FBUD5\CAC0HCWVCA1D0PTMCAX7OYMGCAFDUYJ8CAOF7Q5RCAAHPU6BCAA713A2CAAI9LCBCAYRGG1KCANYA3DFCA0ZMV1TCATVEKDACAI25P26CAIM4SKGCAUAPBRNCA12SK7RCATTLFN2CAHM63QECADKK8G2CARPCUPWCA5CTLQW scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\8O8OLTKW\CA6OYCIMCAA9GM08CAVV8MHUCAKCEW97CA6GLZ57CAP1H9UOCAZXE2MUCARMBS28CAKD1C8XCAUK5S1SCAXB0WQQCAGSAPV9CAXXV4YGCA2BEVW9CAOQHRWSCA6A7GLZCAZ9UFD6CA7DZ09ZCAJ18J65CACZ7ZVUCACWFP4M scheduled to be deleted on reboot.
->Temp folder emptied: 11841099 bytes
->Temporary Internet Files folder emptied: 95710 bytes
->Java cache emptied: 7656636 bytes
->Apple Safari cache emptied: 3191975 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 23,04 mb


OTM by OldTimer - Version 3.0.0.1 log created on 06232009_232712

Files moved on Reboot...
File c:\windows\system32\drivers\b4bfc967.sys not found!
File C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\LWEAMZH1\CAOZ8068CAKQ256XCAZI2RF2CA1E4HJZCA4LJ1A5CAUFYDXACAO3J1KGCALACNV8CA5U0FLXCA4OV80VCA70KOXUCAQCV72DCAL511H9CAL2B6AHCA8RTYKQCA56OHD2CA4BX8CFCANF8SAQCAVPEFLRCADLA9HFCAUU28ZH not found!
File C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\LWEAMZH1\CA054JZ2CA624WKPCA5TN0KUCAYME98ECAQT9P3QCAIKNJ7UCAKKQD3ZCASNMTZCCA85Y3V1CA7BI1WHCA37UOYWCAYBZZ7TCA2JDPKMCALD2I1FCA24F5QNCAFTRVZ6CAF15P6SCANWQDQZCAS8TZPFCASVXNXNCA3OJ7QZ not found!
File C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\LWEAMZH1\CAHTRVVLCAXYOA04CAVDMH4ECAXU26JACAVP2NB6CATFHCVXCA2600FFCAOFTVI1CA0PS6AECA5M3SMOCAX62R7RCAXYA8SECANSKBBXCAX0BZK0CAA83LTHCAAU2R7VCABJMXGCCA9WX33ZCAUZGSDDCABMBXXUCAU51D4Q not found!
File C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\TI6FBUD5\CA6L9XV5CANDU6P5CA5NUHRCCA44FKSQCAPSJVR9CA9L3PKICARDG04SCA20CMKRCAGNM6NVCA9RZ65VCAAYXFG6CA34BY70CAWJPH7UCA00E5N8CATLUVSPCAKRATIYCAI2882VCAPF102HCA01P9GCCAHZ2MZOCATQLEEB not found!
File C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\TI6FBUD5\CAC0HCWVCA1D0PTMCAX7OYMGCAFDUYJ8CAOF7Q5RCAAHPU6BCAA713A2CAAI9LCBCAYRGG1KCANYA3DFCA0ZMV1TCATVEKDACAI25P26CAIM4SKGCAUAPBRNCA12SK7RCATTLFN2CAHM63QECADKK8G2CARPCUPWCA5CTLQW not found!
File C:\Documents and Settings\joao varela\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\8O8OLTKW\CA6OYCIMCAA9GM08CAVV8MHUCAKCEW97CA6GLZ57CAP1H9UOCAZXE2MUCARMBS28CAKD1C8XCAUK5S1SCAXB0WQQCAGSAPV9CAXXV4YGCA2BEVW9CAOQHRWSCA6A7GLZCAZ9UFD6CA7DZ09ZCAJ18J65CACZ7ZVUCACWFP4M not found!

Registry entries deleted on Reboot...

@++

Salut flipflaplagirafe


Supprime ce dossier C:\rsit

Refais un scan avec RSIT et poste les rapports log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

Salut Dédétraqué.

Voici les rapports RSIT :

Logfile of random's system information tool 1.06 (written by random/random)
Run by joao varela at 2009-06-24 00:40:59
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 26 GB (47%) free of 54 GB
Total RAM: 1014 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:41:03, on 24/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AGI\common\win32\PythonService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdfserv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\lxdfcoms.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
c:\program files\fichiers communs\protexis\license service\psiservice_2.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\WINDOWS\system32\SSCHBTN.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\progra~1\samsung\smarthru\PORTCTRL.EXE
C:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lexmark 6500 Series\lxdfmon.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Lexmark 6500 Series\lxdfamon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\ErrorFix\ErrorFix.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\joao varela\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\joao varela\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\DOCUME~1\JOAOVA~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\joao varela\Bureau\RSIT.exe
C:\Program Files\trend micro\joao varela.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barra de ferramentas - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {F93872F1-412A-4414-8C2D-31E0F7EC6A88} - (no file)
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [SSCHBTN.EXE] SSCHBTN.EXE
O4 - HKLM\..\Run: [GW Port Controller] c:\progra~1\samsung\smarthru\PORTCTRL.EXE
O4 - HKLM\..\Run: [Act.Outlook.Service] "C:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exe"
O4 - HKLM\..\Run: [Act! Preloader] "C:\Program Files\ACT\Act for Windows\ActSage.exe" -preload
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [lxdfmon.exe] "C:\Program Files\Lexmark 6500 Series\lxdfmon.exe"
O4 - HKLM\..\Run: [lxdfamon] "C:\Program Files\Lexmark 6500 Series\lxdfamon.exe"
O4 - HKLM\..\Run: [Lexmark 6500 Series Fax Server] "C:\Program Files\Lexmark 6500 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [ErrorFix] C:\Program Files\ErrorFix\ErrorFix.exe -boot
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\joao varela\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\btsendto_ie_ctx.htm
O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Joindre la page Web au contact ACT! - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: Joindre la page Web au contact ACT!... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\bin\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxdfCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe
O23 - Service: lxdf_device - - C:\WINDOWS\system32\lxdfcoms.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\program files\fichiers communs\protexis\license service\psiservice_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 13141 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Barra de ferramentas - C:\Program Files\Lexmark Toolbar\toolband.dll [2008-10-07 372736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll [2009-05-03 277648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programa Auxiliar de Início de Sessão do Windows Live

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5233FCD-D258-4903-89B8-FB1568E7413D}]
Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - C:\WINDOWS\system32\mscoree.dll [2008-07-25 282112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-18 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F93872F1-412A-4414-8C2D-31E0F7EC6A88}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll [2009-05-03 277648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-12-21 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"ntiMUI"=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2006-05-15 45056]
"ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-12-27 69632]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-08-10 352256]
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-05-22 3080704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-20 593920]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2006-01-24 397312]
"AliceSAV"=C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe [2005-12-16 81408]
"SSCHBTN.EXE"=C:\WINDOWS\system32\SSCHBTN.EXE [2002-01-23 36864]
"GW Port Controller"=c:\progra~1\samsung\smarthru\PORTCTRL.EXE [2002-01-25 155648]
"Act.Outlook.Service"=C:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exe [2007-10-23 9728]
"Act! Preloader"=C:\Program Files\ACT\Act for Windows\ActSage.exe [2007-10-23 393216]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-03-26 177472]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"lxdfmon.exe"=C:\Program Files\Lexmark 6500 Series\lxdfmon.exe [2007-06-12 455600]
"lxdfamon"=C:\Program Files\Lexmark 6500 Series\lxdfamon.exe [2007-06-01 20480]
"Lexmark 6500 Series Fax Server"=C:\Program Files\Lexmark 6500 Series\fm3032.exe [2007-06-12 308144]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-18 148888]
"KiweeHook"=C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe [2009-05-03 56456]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"updateMgr"=c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2004-11-22 307200]
"ErrorFix"=C:\Program Files\ErrorFix\ErrorFix.exe [2009-06-12 37340424]

C:\Documents and Settings\All Users\Application Data\Microsoft\Shortcuts
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
BTTray.lnk - C:\Program Files\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\joao varela\Menu Démarrer\Programmes\Démarrage
Outil de notification Live Search.lnk - C:\Documents and Settings\joao varela\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoThumbnailCache"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\System32\usmt\migwiz.exe"="C:\WINDOWS\System32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Samsung\SmarThru\UtlServer.EXE"="C:\Program Files\Samsung\SmarThru\UtlServer.EXE:*:Enabled:SmarThru Utl Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ACT\Act for Windows\ActSage.exe"="C:\Program Files\ACT\Act for Windows\ActSage.exe:*:Enabled:ACT! by Sage"
"C:\Program Files\Sapo\SAPO Messenger\sapoim.exe"="C:\Program Files\Sapo\SAPO Messenger\sapoim.exe:*:Enabled:Sapo Messenger"
"C:\WINDOWS\System32\lxdfcoms.exe"="C:\WINDOWS\System32\lxdfcoms.exe:*:Enabled:6500 Series Server"
"C:\Program Files\Lexmark 6500 Series\lxdfmon.exe"="C:\Program Files\Lexmark 6500 Series\lxdfmon.exe:*:Enabled:Printer Device Monitor"
"C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdfpswx.exe"="C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdfpswx.exe:*:Enabled:Printer Status Window Interface"
"C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdftime.exe"="C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdftime.exe:*:Enabled:Lexmark Connect Time Executable"
"C:\Program Files\Lexmark 6500 Series\LXDFFax.exe"="C:\Program Files\Lexmark 6500 Series\LXDFFax.exe:*:Enabled:Fax Solutions Software"
"C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdfjswx.exe"="C:\WINDOWS\System32\spool\drivers\W32X86\3\lxdfjswx.exe:*:Enabled:Job Status Window Interface"
"C:\Program Files\Lexmark 6500 Series\FRun.exe"="C:\Program Files\Lexmark 6500 Series\FRun.exe:*:Enabled:Printing Application"
"C:\WINDOWS\System32\spool\drivers\W32X86\3\LXDFwbgw.exe"="C:\WINDOWS\System32\spool\drivers\W32X86\3\LXDFwbgw.exe:*:Enabled:Lexmark Web Gateway"
"C:\Program Files\Lexmark 6500 Series\Wireless\lxdfwpss.exe"="C:\Program Files\Lexmark 6500 Series\Wireless\lxdfwpss.exe:*:Enabled: "
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Windows Desktop Search\WindowsSearch.exe"="C:\Program Files\Windows Desktop Search\WindowsSearch.exe:*:Enabled:ENABLE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2009-06-24 00:40:59 ----D---- C:\rsit
2009-06-23 23:27:22 ----SHD---- C:\Recycled
2009-06-23 23:27:12 ----D---- C:\_OTM
2009-06-23 10:41:51 ----A---- C:\ComboFix.txt
2009-06-23 10:35:11 ----D---- C:\WINDOWS\temp
2009-06-23 00:30:48 ----SHD---- C:\Config.Msi
2009-06-22 01:48:11 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2009-06-19 01:01:02 ----A---- C:\WINDOWS\zip.exe
2009-06-19 01:01:02 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-06-19 01:01:02 ----A---- C:\WINDOWS\SWSC.exe
2009-06-19 01:01:02 ----A---- C:\WINDOWS\SWREG.exe
2009-06-19 01:01:02 ----A---- C:\WINDOWS\sed.exe
2009-06-19 01:01:02 ----A---- C:\WINDOWS\PEV.exe
2009-06-19 01:01:02 ----A---- C:\WINDOWS\NIRCMD.exe
2009-06-19 01:01:02 ----A---- C:\WINDOWS\grep.exe
2009-06-19 01:00:59 ----D---- C:\WINDOWS\ERDNT
2009-06-19 00:55:50 ----D---- C:\Qoobox
2009-06-18 09:51:44 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-18 09:51:44 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-18 09:51:44 ----A---- C:\WINDOWS\system32\java.exe
2009-06-18 09:51:44 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-06-18 00:34:16 ----A---- C:\WINDOWS\ntbtlog.txt
2009-06-18 00:30:25 ----D---- C:\Documents and Settings\joao varela\Application Data\Malwarebytes
2009-06-18 00:30:15 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-18 00:27:20 ----D---- C:\Program Files\Trend Micro
2009-06-12 22:15:09 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 22:14:55 ----HD---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 22:14:27 ----HD---- C:\WINDOWS\$NtUninstallKB963093$
2009-06-12 08:42:37 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 08:39:37 ----HD---- C:\WINDOWS\$NtUninstallKB968537$

======List of files/folders modified in the last 1 months======

2009-06-23 23:31:38 ----A---- C:\WINDOWS\system32\eRLog.ini
2009-06-23 23:28:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-23 10:39:04 ----A---- C:\WINDOWS\system.ini
2009-06-18 01:24:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-06-12 22:15:16 ----A---- C:\WINDOWS\imsins.BAK
2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-05-25 00:24:06 ----A---- C:\WINDOWS\system32\mssph.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-06-13 21275]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-10 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-10 55936]
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R2 s24trans;Transporte WLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R2 usbhub;DSC Composite USB Device; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-06-16 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-06-16 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-06-16 74752]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-03 1429632]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S2 Ca533av;Cam 3200, WDM Video Capture; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-21 515803]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\JOAOVA~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
S3 HidIr;Pilote HID infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 IrBus;Pilote de filtre de bus infrarouge pour les contrôles distants eHome; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-19 6144]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-10-31 46080]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBCamera;DSC Still Image Capture (CA100); C:\WINDOWS\System32\Drivers\Bulk533.sys [2002-12-04 11144]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2009-05-03 10240]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\bin\btwdins.exe [2003-09-15 135168]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-18 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 lxdf_device;lxdf_device; C:\WINDOWS\system32\lxdfcoms.exe [2007-05-29 598960]
R2 lxdfCATSCustConnectService;lxdfCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe [2007-05-29 99248]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MSSQL$ACT7;SQL Server (ACT7); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 PSI_SVC_2;Protexis Licensing V2; c:\program files\fichiers communs\protexis\license service\psiservice_2.exe [2007-04-12 178752]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2009-06-24 00:41:05

======Uninstall list======

-->C:\WINDOWS\IsUn040c.exe -fc:\progra~1\samsung\smarthru\Unlang.isu
-->C:\WINDOWS\IsUn0c0c.exe -fC:\WINDOWS\DeIsL6.isu -c"C:\WINDOWS\system32\FoUnin.dll"
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Acer eDataSecurity Management 1.00.26-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E431C518-2EE2-471E-9234-BE995C36D513}\setup.exe" -l0x40c -removeonly
Acer eLock Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}
Acer Empowering Technology framework-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{15B70821-7893-4607-805A-BB80F3EA8279}
Acer eNet Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\Setup.exe" -l0x40c
Acer ePerformance Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DEE08946-40F0-4890-853E-60A6C3306041}
Acer ePower Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
Acer ePresentation Management-->C:\WINDOWS\UnInst32.exe AcerePrj.UNI
Acer eSettings Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}
Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI
Acer Screensaver-->MsiExec.exe /I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}
ACT! by Sage 2008 (10.0)-->C:\Program Files\InstallShield Installation Information\{71B038DB-C1F0-45A1-B387-F6C3BE28154D}\setup.exe -runfromtemp -l0x040c
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Media Player-->MsiExec.exe /X{9455959E-D588-EFAE-329C-F66CC797F32A}
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Antispyware-->MsiExec.exe /X{EA9AFC05-F889-466C-9FE8-AE04FBD843A8}
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistente de Início de Sessão do Windows Live-->MsiExec.exe /I{28DA1AA2-07F2-4451-A28B-A6A01A9CE8E9}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Cam 3200 Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3606BA17-5D3C-41F1-9F46-729E0301CDE2}\Setup.exe"
Cars-->C:\Program Files\THQ\Disney-Pixar\Cars\_uninst\uninstaller.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Ciel Professionnel Indépendant 10.0-->MsiExec.exe /I{D0D33833-4C1C-4471-83ED-1D60F87D0F20}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
ErrorFix-->MsiExec.exe /X{83A867EF-8D2E-4CAF-A1DD-B3996724CF78}
Galeria de Fotografias do Windows Live-->MsiExec.exe /X{635B7E55-5566-4BE2-AA7D-F006A78A739B}
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025007F\HXFSETUP.EXE -U -IWstAzlK.inf
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Kit de Connexion Alice ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}\setup.exe" -l0x40c ControlPanel
Kiwee Toolbar-->"C:\Program Files\AGI\common\bootstrapper.exe" -uninstall"\"C:/Program Files/AGI/Python25\pythonw.exe\" \"C:\Program Files\AGI\common\pyagcore\installer.pyc\" -u KiweeToolbar"
Lapin Malin Maternelle 2 Sauvons les étoiles !-->C:\Program Files\Mindscape\Lapin Malin Maternelle 2 Sauvons les étoiles !\uninstall.exe
Lapin Malin, L'Atelier créatif-->C:\Program Files\Mindscape\Atelier créatif\uninstall.exe
Launch Manager-->C:\WINDOWS\UnInst32.exe LManager.UNI
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 6500 Series-->C:\Program Files\Lexmark 6500 Series\Install\x86\Uninst.exe
Lexmark Barra de ferramentas-->regsvr32.exe /s /u "C:\Program Files\Lexmark Toolbar\toolband.dll"
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
Micro Application - 3D Architecte Classic 2007-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21928706-AE9A-48CD-892B-D6A6A4C62AEB}\Setup.exe" -l0x40c
Micro Application - Architecte 3D Classic-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Architecte 3D Classic\Uninst.isu"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2005 Express Edition (ACT7)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{56B4002F-671C-49F4-984C-C760FE3806B5}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
MobileMe Control Panel-->MsiExec.exe /I{44A91B04-3D0C-47F9-B644-7F682869AFF3}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
NTI Backup NOW! 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B06B842F-2450-494F-BBDE-217CDC151A37}\setup.exe" -l0x9 -uninst -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
PIF DESIGNER-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x40c anything
Pilote d'impression Samsung SCX-1100 Series-->C:\WINDOWS\IsUn0c0c.exe -fC:\WINDOWS\DeIsL5.isu -c"C:\WINDOWS\system32\Sschinst.dll"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.EXE" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
ROUTE 66 Route 2003-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6A85397C-D086-4C7A-AF97-8CC33F41C872}\setup.exe"
Safari-->MsiExec.exe /I{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x816 -removeonly
Samsung PC Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x816 -removeonly
SAPO Messenger-->MsiExec.exe /I{974911C5-793E-45AA-9AA9-1DEFB49E5E8C}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
WIDCOMM Bluetooth Software-->MsiExec.exe /X{FE90E9E7-A158-4687-8853-DF677A939A61}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{418001D0-F48E-4910-966C-0DCCC996A87A}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{44AECAEE-BCE9-4928-A0C7-F1A44706D3CC}
Windows Live Mail-->MsiExec.exe /I{B7D70C6D-8034-423A-A9CB-F331024A0BFE}
Windows Live Messenger-->MsiExec.exe /X{BF6CDAFB-F8C3-4DE1-B2E6-25F4EC27CAA2}
Windows Live Sync-->MsiExec.exe /X{36CCDA14-7935-4D90-8AE7-7440CCA315B8}
Windows Live Writer-->MsiExec.exe /X{52F1F403-6AD6-4CBA-BFE5-CF283CF839C2}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======System event log======

Computer Name: JOAOVARELA
Event Code: 17
Message:
Record Number: 5
Source Name: avgntflt
Time Written: 20090619013816.000000+120
Event Type: Informations
User:

Computer Name: JOAOVARELA
Event Code: 3100
Message: Le pilote de l'édition Développeur IPv6 Microsoft a été démarré.

Record Number: 4
Source Name: Tcpip6
Time Written: 20090619013816.000000+120
Event Type: Informations
User:

Computer Name: JOAOVARELA
Event Code: 1001
Message: L'ordinateur a redémarré après une vérification d'erreur. La vérification d'erreur était :
0x1000000a (0xc340c033, 0x0000001c, 0x00000001, 0x804f8abc).
Un vidage a été enregistré dans : C:\WINDOWS\Minidump\Mini061909-03.dmp.

Record Number: 3
Source Name: Save Dump
Time Written: 20090619013749.000000+120
Event Type: Informations
User:

Computer Name: JOAOVARELA
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 2
Source Name: EventLog
Time Written: 20090619013748.000000+120
Event Type: Informations
User:

Computer Name: JOAOVARELA
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090619013748.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: JOAOVARELA
Event Code: 4113
Message:
Record Number: 17759
Source Name: Avira AntiVir
Time Written: 20090617012229.000000+120
Event Type: Avertissement
User: AUTORITE NT\

Salut flipflaplagirafe


-Télécharge et installe MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Mets le à jour

---

- Redémarre en mode sans échec :

Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur

---

- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Tutoriel pour MalwareByte's ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php


@++

Salut Dédétraqué.

Voici le rapport MalwareByte's :

Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2330
Windows 5.1.2600 Service Pack 3

25/06/2009 01:06:26
mbam-log-2009-06-25 (01-06-25).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 182326
Temps écoulé: 1 hour(s), 35 minute(s), 2 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 55
Fichier(s) infecté(s): 946

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{44b71ad2-4f42-4312-bff3-9b68a41de078} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Installer\UpgradeCodes\e20d6ec50a67ec04083b1251f2935d09 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\e20d6ec50a67ec04083b1251f2935d09 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{44b71ad2-4f42-4312-bff3-9b68a41de078} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\10cd00a0c66d64141805e4416afb7576 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\77b12cd46424a9b459aed6602d99c187 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\856d81ed094ec834f8e9b0200b2661db (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\f3cb2b9f6374b3f4fa195696edbc71c1 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\f93664c5193d3144e99dc1ac7da0c6a6 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Backdoor check (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\webmedia.chl (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
c:\documents and settings\joao varela\Application Data\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\QuarantineW (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-21-230 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-26-260 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-26-590 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-27-330 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-51-500 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 20-18-110 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-17 09-21-140 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 00-50-310 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 00-52-410 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 00-53-150 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 01-23-490 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 01-58-520 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 01-59-310 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 02-03-490 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-19 02-13-100 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-19 23-27-000 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-25 22-12-420 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-25 22-14-290 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-27 00-24-330 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-27 10-33-200 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-27 10-34-000 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-28 10-00-190 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-01 21-42-310 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-02 00-56-090 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-03 21-37-170 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-03 21-38-150 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-07 23-08-530 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-11 22-13-080 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-15 12-35-140 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-19 10-16-150 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-20 22-17-140 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-20 22-18-230 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-24 19-29-540 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-25 22-50-430 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-27 09-23-420 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-27 15-13-450 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-26 22-54-040 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-04-04 12-09-490 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-17 02-03-400 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-18 00-06-330 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-18 00-07-070 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-18 00-08-240 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-18 00-13-540 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-22 18-45-030 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-22 19-22-450 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-22 19-24-060 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-22 19-25-130 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Backups (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Backups\2009-02-18 01-00-490 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Results (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\documents and settings\joao varela\Bureau\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\antispyware\quarantine\17-02-2009-22-13-37\14.qit (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\antispyware\quarantine\17-02-2009-22-13-37\423.qit (Rogue.Privacycomponents) -> Quarantined and deleted successfully.
c:\program files\ErrorFix\ErrorFix.exe (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP386\A0065358.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP386\A0066368.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066420.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066421.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066422.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066423.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066424.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066425.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066426.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066427.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066428.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066429.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066430.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066431.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066467.dll (Trojan.Agent.V) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075703.dll (Rogue.SpyCleaner) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075707.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075708.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075709.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075710.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075712.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075713.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0080696.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0087695.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0090694.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0090701.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098877.dll (Rogue.SpyCleaner) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098880.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098881.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098882.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098883.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098885.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098886.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098938.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098939.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP389\A0099036.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP389\A0099038.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP389\A0099081.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP389\A0099082.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP389\A0099380.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP350\A0058440.exe (Rogue.TotalCleaner) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP362\A0060076.rbf (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP362\A0060129.exe (Rogue.TotalCleaner) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings\joao varela\menu démarrer\programmes\démarrage\rncsys32.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings\all users\application data\microsoft\shortcuts\icwsetup.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files\antispyware\SpyCleaner.dll.vir (Rogue.SpyCleaner) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files\internet explorer\connection wizard\icwsetup.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\acpi32.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\ati64si.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\fips32cup.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\nicsk32.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\systemntmi.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\ws2_32sik.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\resultsw.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\spy_ignore.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 17-03-160.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 17-48-330.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 17-48-331.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 18-01-590.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 20-09-490.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 20-17-350.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-17 09-15-390.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-17 13-37-570.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-17 22-20-260.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-18 00-49-160.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-18 01-53-450.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-18 01-56-410.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-19 02-12-120.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-19 12-00-010.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-19 12-00-011.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-19 23-26-570.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-22 12-22-220.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-22 20-57-130.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-22 22-47-320.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-24 12-00-020.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-24 12-00-021.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-25 22-05-590.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-25 22-06-040.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-26 11-20-550.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-26 12-00-030.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-26 12-00-031.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-27 00-24-300.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-27 10-32-220.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-28 09-58-300.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-28 12-00-000.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-28 12-00-001.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-01 21-34-220.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-01 21-34-450.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-01 23-47-380.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-02 00-15-320.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-02 00-54-350.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-03 21-36-080.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-04 12-00-000.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-04 12-00-010.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-05 22-44-070.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-05 23-27-030.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-07 23-05-340.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-07 23-05-430.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-10 10-06-190.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-11 22-11-590.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-12 12-24-580.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-12 12-56-110.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-12 23-33-010.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-13 22-19-530.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-15 10-51-370.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-15 12-00-000.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-15 12-00-020.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-15 14-21-180.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-20 12-00-110.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-20 12-00-120.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-20 22-16-570.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-24 19-26-550.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-24 19-26-551.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-24 21-26-510.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-25 22-46-520.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-25 22-47-020.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-27 09-22-310.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-27 15-03-280.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-27 15-03-360.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-26 22-52-270.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-30 11-23-050.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-30 22-00-270.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-30 23-05-530.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-31 21-07-390.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-31 21-26-460.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-04-04 12-00-010.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-04-04 12-00-011.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-04-07 21-31-320.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-04-13 22-41-200.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-04-15 08-57-220.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 01-59-250.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 02-09-230.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 22-08-530.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 22-26-210.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 22-26-560.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 22-36-310.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 22-53-030.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 23-53-140.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 00-00-150.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 00-00-320.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 00-07-360.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 01-19-440.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 09-44-510.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 14-35-000.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 14-39-460.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 15-46-130.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-19 00-58-010.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-19 01-39-240.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-20 01-41-350.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 11-56-310.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 12-31-470.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 23-45-500.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 23-46-130.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 23-50-540.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 23-52-340.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 23-56-160.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 00-15-580.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 00-23-410.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 00-24-340.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 00-34-060.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 09-47-020.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 10-21-330.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 11-46-460.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 18-43-280.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 18-48-200.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 19-20-190.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 19-27-490.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 00-44-430.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 09-33-040.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 09-45-210.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 10-26-190.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 10-38-250.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 17-21-070.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 23-21-360.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 23-30-080.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-24 08-55-160.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-24 20-44-340.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-0.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-1.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-2.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-3.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-4.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-5.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-6.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-7.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-8.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-9.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-10.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-11.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-12.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-13.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-14.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-15.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-16.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-17.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-18.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-19.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-20.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-21.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-22.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-23.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-24.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-25.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-26.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-27.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-28.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-29.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-30.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-31.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-32.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-33.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-34.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-35.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-36.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-37.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-38.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-39.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-40.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-41.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-42.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-43.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-44.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-45.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-46.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-47.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-48.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-49.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-50.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-51.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-52.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-53.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-54.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-55.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-56.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-57.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-58.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-59.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-60.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-61.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-62.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-63.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-64.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-65.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-66.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-67.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-68.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-69.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-70.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-71.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-72.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-73.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-74.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-75.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-76.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-77.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-78.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-79.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-80.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-81.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-82.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-83.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-84.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-85.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-86.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-87.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-88.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-89.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-90.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-91.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-92.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-93.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-94.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-95.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-96.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-97.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-98.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-99.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-100.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-101.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-102.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-103.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-104.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-105.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-106.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-107.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-108.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-109.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-110.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-111.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-112.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-113.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-114.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-115.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-116.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-117.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-118.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-119.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-120.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-121.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-122.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-123.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-124.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-125.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-126.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-127.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-128.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-129.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-130.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-131.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-132.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-133.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-134.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-135.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-136.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-137.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-138.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-139.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-140.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-141.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-142.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-143.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-144.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-145.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-146.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-147.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-148.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-149.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-150.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-151.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-152.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-153.db (Rogue.E

Salut Dédétraqué.

Voici le rapport MalwareByte's :

Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2330
Windows 5.1.2600 Service Pack 3

25/06/2009 01:06:26
mbam-log-2009-06-25 (01-06-25).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 182326
Temps écoulé: 1 hour(s), 35 minute(s), 2 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 55
Fichier(s) infecté(s): 946

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{44b71ad2-4f42-4312-bff3-9b68a41de078} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Installer\UpgradeCodes\e20d6ec50a67ec04083b1251f2935d09 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\e20d6ec50a67ec04083b1251f2935d09 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{44b71ad2-4f42-4312-bff3-9b68a41de078} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\10cd00a0c66d64141805e4416afb7576 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\77b12cd46424a9b459aed6602d99c187 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\856d81ed094ec834f8e9b0200b2661db (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\f3cb2b9f6374b3f4fa195696edbc71c1 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\f93664c5193d3144e99dc1ac7da0c6a6 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Backdoor check (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\webmedia.chl (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
c:\documents and settings\joao varela\Application Data\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\QuarantineW (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-21-230 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-26-260 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-26-590 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-27-330 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-51-500 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 20-18-110 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-17 09-21-140 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 00-50-310 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 00-52-410 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 00-53-150 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 01-23-490 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 01-58-520 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 01-59-310 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-18 02-03-490 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-19 02-13-100 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-19 23-27-000 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-25 22-12-420 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-25 22-14-290 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-27 00-24-330 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-27 10-33-200 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-27 10-34-000 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-28 10-00-190 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-01 21-42-310 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-02 00-56-090 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-03 21-37-170 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-03 21-38-150 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-07 23-08-530 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-11 22-13-080 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-15 12-35-140 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-19 10-16-150 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-20 22-17-140 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-20 22-18-230 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-24 19-29-540 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-25 22-50-430 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-27 09-23-420 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-27 15-13-450 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-03-26 22-54-040 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-04-04 12-09-490 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-17 02-03-400 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-18 00-06-330 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-18 00-07-070 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-18 00-08-240 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-18 00-13-540 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-22 18-45-030 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-22 19-22-450 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-22 19-24-060 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-06-22 19-25-130 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Backups (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Backups\2009-02-18 01-00-490 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Results (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\documents and settings\joao varela\Bureau\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\antispyware\quarantine\17-02-2009-22-13-37\14.qit (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\antispyware\quarantine\17-02-2009-22-13-37\423.qit (Rogue.Privacycomponents) -> Quarantined and deleted successfully.
c:\program files\ErrorFix\ErrorFix.exe (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP386\A0065358.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP386\A0066368.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066420.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066421.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066422.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066423.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066424.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066425.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066426.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066427.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066428.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066429.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066430.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066431.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP387\A0066467.dll (Trojan.Agent.V) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075703.dll (Rogue.SpyCleaner) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075707.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075708.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075709.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075710.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075712.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0075713.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0080696.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0087695.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0090694.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0090701.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098877.dll (Rogue.SpyCleaner) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098880.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098881.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098882.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098883.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098885.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098886.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098938.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP388\A0098939.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP389\A0099036.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP389\A0099038.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP389\A0099081.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP389\A0099082.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP389\A0099380.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP350\A0058440.exe (Rogue.TotalCleaner) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP362\A0060076.rbf (Rogue.RegTool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fe9db679-8b9f-4569-9471-bfcefdf23881}\RP362\A0060129.exe (Rogue.TotalCleaner) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings\joao varela\menu démarrer\programmes\démarrage\rncsys32.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings\all users\application data\microsoft\shortcuts\icwsetup.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files\antispyware\SpyCleaner.dll.vir (Rogue.SpyCleaner) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files\internet explorer\connection wizard\icwsetup.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\acpi32.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\ati64si.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\fips32cup.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\nicsk32.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\systemntmi.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\system32\drivers\ws2_32sik.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\resultsw.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\spy_ignore.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 17-03-160.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 17-48-330.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 17-48-331.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 18-01-590.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 20-09-490.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-16 20-17-350.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-17 09-15-390.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-17 13-37-570.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-17 22-20-260.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-18 00-49-160.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-18 01-53-450.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-18 01-56-410.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-19 02-12-120.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-19 12-00-010.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-19 12-00-011.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-19 23-26-570.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-22 12-22-220.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-22 20-57-130.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-22 22-47-320.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-24 12-00-020.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-24 12-00-021.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-25 22-05-590.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-25 22-06-040.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-26 11-20-550.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-26 12-00-030.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-26 12-00-031.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-27 00-24-300.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-27 10-32-220.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-28 09-58-300.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-28 12-00-000.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-02-28 12-00-001.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-01 21-34-220.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-01 21-34-450.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-01 23-47-380.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-02 00-15-320.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-02 00-54-350.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-03 21-36-080.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-04 12-00-000.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-04 12-00-010.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-05 22-44-070.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-05 23-27-030.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-07 23-05-340.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-07 23-05-430.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-10 10-06-190.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-11 22-11-590.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-12 12-24-580.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-12 12-56-110.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-12 23-33-010.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-13 22-19-530.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-15 10-51-370.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-15 12-00-000.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-15 12-00-020.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-15 14-21-180.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-20 12-00-110.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-20 12-00-120.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-20 22-16-570.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-24 19-26-550.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-24 19-26-551.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-24 21-26-510.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-25 22-46-520.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-25 22-47-020.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-27 09-22-310.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-27 15-03-280.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-27 15-03-360.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-26 22-52-270.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-30 11-23-050.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-30 22-00-270.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-30 23-05-530.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-31 21-07-390.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-03-31 21-26-460.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-04-04 12-00-010.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-04-04 12-00-011.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-04-07 21-31-320.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-04-13 22-41-200.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-04-15 08-57-220.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 01-59-250.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 02-09-230.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 22-08-530.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 22-26-210.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 22-26-560.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 22-36-310.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 22-53-030.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-17 23-53-140.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 00-00-150.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 00-00-320.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 00-07-360.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 01-19-440.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 09-44-510.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 14-35-000.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 14-39-460.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-18 15-46-130.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-19 00-58-010.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-19 01-39-240.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-20 01-41-350.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 11-56-310.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 12-31-470.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 23-45-500.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 23-46-130.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 23-50-540.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 23-52-340.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-21 23-56-160.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 00-15-580.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 00-23-410.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 00-24-340.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 00-34-060.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 09-47-020.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 10-21-330.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 11-46-460.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 18-43-280.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 18-48-200.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 19-20-190.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-22 19-27-490.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 00-44-430.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 09-33-040.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 09-45-210.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 10-26-190.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 10-38-250.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 17-21-070.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 23-21-360.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-23 23-30-080.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-24 08-55-160.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\Logs\2009-06-24 20-44-340.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-0.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-1.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-2.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-3.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-4.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-5.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-6.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-7.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-8.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-9.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-10.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-11.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-12.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-13.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-14.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-15.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-16.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-17.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-18.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-19.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-20.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-21.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-22.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-23.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-24.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-25.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-26.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-27.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-28.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-29.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-30.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-31.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-32.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-33.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-34.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-35.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-36.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-37.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-38.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-39.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-40.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-41.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-42.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-43.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-44.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-45.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-46.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-47.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-48.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-49.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-50.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-51.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-52.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-53.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-54.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-55.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-56.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-57.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-58.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-59.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-60.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-61.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-62.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-63.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-64.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-65.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-66.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-67.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-68.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-69.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-70.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-71.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-72.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-73.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-74.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-75.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-76.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-77.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-78.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-79.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-80.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-81.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-82.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-83.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-84.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-85.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-86.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-87.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-88.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-89.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-90.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-91.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-92.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-93.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-94.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-95.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-96.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-97.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-98.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-99.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-100.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-101.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-102.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-103.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-104.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-105.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-106.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-107.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-108.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-109.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-110.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-111.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-112.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-113.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-114.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-115.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-116.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-117.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-118.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-119.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-120.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-121.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-122.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
c:\documents and settings\joao varela\application data\ErrorFix\quarantinew\2009-02-16 17-04-410\regb-123.db (Rogue.ErrorFix)