01net    Web


Actuellement en ligne : 1281 Utilisateurs dont 123 dans Sécurité, virus et assimilés >S'inscrire      >S'identifier      >Recherche      >Aide  
modéré par A.Ouloube, naheulbeuk, bibou0007, totoftotof, IL-MAFIOSO  
01net > Forum de 01net > Sécurité, virus et assimilés > Virus
> Virus - pub disk cleaner + accés à 89.188.16.10 [résolu]
Auteur
Message
 
<     1       >
Al1fini
  
   
      ?   @     Posté le 08/06/2007 21:42:57  
Voter pour ce message
Bonsoir,

Je suis puis trois jours victime d'un virus, je pense.

Mon PC lance des pages internet tout seul pour arriver sur une page http://89.188.16.10 ... ou sur une pub pour Disk Cleaner 2006 ... ou une fenêtre m'expliquant qu'il faut que je fasse un ménage dans les virus ...

a priori,la solution n'a pas l'air immédiate et demande une analyse au coup par coup.

Quelqu'un pourrait t-il me donner un coup de main ?

Merci d'avance
-->Message édité par Al1fini le 09/06/2007 21:42:57<--
Malekal_morte
  
  :-)
      ?   @     Posté le 08/06/2007 21:43:39  
Voter pour ce message
Bonjour,

- Télécharge HiJackThis de Merijn sur ton bureau.
- Renomme le fichier HiJackThis.exe en Scanner.exe pour cela, fais un clic droit sur le fichier HiJackThis.exe et choisis renommer dans la liste
- Tape Scanner.exe et Appuye sur la touche Entrée.
- Génère un rapport en suivant ces indications :
- Double-clic sur Scanner.exe
- Exécute le et clique sur Do a scan and save log file.
- Le rapport s'ouvre sur le Bloc-Note
- Colle le rapport ici, pour cela :
- Menu Edition / Selectionner Tout
- Menu Edition / copier
- Ici dans un nouveau message : clic droit / coller
Aide : N'hésite pas à consulter l'aide HiJackThis -
-------
Supprimer les popups de pubs intempestives
Sécuriser votre ordinateur
Al1fini
  
   
      ?   @     Posté le 08/06/2007 21:47:12  
Voter pour ce message
Voici mon rapport HijackThis ...

Logfile of HijackThis v1.99.1
Scan saved at 21:46:36, on 08/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Norton Ghost\Agent\VProTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\notepad.exe
C:\Scanner.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {890C6610-5BB9-4ADC-A6AB-9131B3315CFF} - C:\WINDOWS\system32\mljgg.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {CFDE1CF9-75B3-4B1E-B9A7-B5FB88A171E6} - C:\WINDOWS\system32\awtutqq.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\system32\leolgfut.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Norton Ghost 12.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\system32\yqpqwsjn.dll",realset
O4 - HKLM\..\Run: [j6261635] rundll32 C:\WINDOWS\system32\j6261635.dll sook
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [FreeBrowser] C:\Program Files\FreeBrowser\FreeBrowser\FreeBrowser.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: FreePCvcR.lnk = C:\Program Files\FreePCvcR\FreePCvcR.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SATARaid.lnk = ?
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_ce(...)
O16 - DPF: {134F7664-943D-3BB9-65F5-70B91DF46C86} - http://www.emcodec.com/v4/eCodec-v4.464.exe
O16 - DPF: {5DDCC37F-7C6B-48B8-9664-97C537920CA0} (aecviz Class) - http://www.maisonfamiliale.com/AECVIZ/npaecviz.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O20 - Winlogon Notify: awtutqq - C:\WINDOWS\SYSTEM32\awtutqq.dll
O20 - Winlogon Notify: mljgg - C:\WINDOWS\system32\mljgg.dll
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

Al1fini
  
   
      ?   @     Posté le 08/06/2007 22:03:46  
Voter pour ce message
Désolé, j'ai été un peu long mais mon poste a rebouté et depuis plus de FireFox (il me reste IE) ...
Voici le rapport de SmitFaudfix

SmitFraudFix v2.131

Rapport fait à 22:02:39,90, 08/06/2007
Executé à partir de I:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Alain


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Alain\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Alain\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Al1fini
  
   
      ?   @     Posté le 08/06/2007 22:15:26  
Voter pour ce message
Voila donc ce que j ai trouve - avec mon clavier en qwerty

06/08/07 22:07:28 [Info]: BlackLight Engine 1.0.61 initialized
06/08/07 22:07:28 [Info]: OS: 5.1 build 2600 (Service Pack 2)
06/08/07 22:07:28 [Note]: 7019 4
06/08/07 22:07:28 [Note]: 7005 0
06/08/07 22:07:45 [Note]: 7006 0
06/08/07 22:07:45 [Note]: 7011 3544
06/08/07 22:07:45 [Note]: 7026 0
06/08/07 22:07:45 [Note]: 7026 0
06/08/07 22:07:48 [Note]: FSRAW library version 1.7.1021
06/08/07 22:12:22 [Note]: 2000 1012
06/08/07 22:12:28 [Note]: 7007 0
Al1fini
  
   
      ?   @     Posté le 08/06/2007 22:52:58  
Voter pour ce message
J'ai récupéré mon clavier en azerty - je ne comprend pas ce qui se passe ... j'ai cassé aussi deux firefox avant de pouvoir le relancer ... avec un plantage quand même ...
Mais bon, vois tu quelque chose
Malekal_morte
  
  :-)
      ?   @     Posté le 08/06/2007 23:27:45  
Voter pour ce message
Télécharge Combofix sUBs : combofix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

Clic sur le menu Démarrer puis executer et copie/colle ceci :
"%userprofile%\Bureau\combofix.exe" /v mljgg awtutqq
puis clic sur OK.

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

Copie/colle un nouveau rapport HiJackThis avec.
-------
Supprimer les popups de pubs intempestives
Sécuriser votre ordinateur
Al1fini
  
   
      ?   @     Posté le 08/06/2007 23:50:36  
Voter pour ce message
Ouf, reboot violent avec Combofix ... mais voici le rapport :
"Alain" - 2007-06-08 23:35:41 Service Pack 2 NTFS
ComboFix 07-06-3B - Running from: "C:\Documents and Settings\Alain\Bureau\"
Command switches used :: "/v mljgg awtutqq"

ADS removed - svchost.exe: deleted 68 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\eypahpkp.dll
C:\WINDOWS\system32\jnidwkgr.dll
C:\WINDOWS\system32\mfrxieax.dll
C:\WINDOWS\system32\sillndyf.dll
C:\WINDOWS\system32\wwxkipxb.dll
C:\WINDOWS\system32\ggjlm.bak1
C:\WINDOWS\system32\ggjlm.bak2
C:\WINDOWS\system32\ggjlm.ini
C:\WINDOWS\system32\ggjlm.bak1
C:\WINDOWS\system32\ggjlm.bak2
C:\WINDOWS\system32\ggjlm.ini
C:\WINDOWS\system32\mljgg.dll
C:\WINDOWS\system32\awtutqq.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\All Users.\documents\setup.exe
C:\install.log


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_WINDOWS_LOG


((((((((((((((((((((((((( Files Created from 2007-05-08 to 2007-06-08 )))))))))))))))))))))))))))))))


2007-06-08 21:53 <REP> d-------- C:\backups
2007-06-08 21:07 <REP> d-------- C:\Program Files\Navilog1
2007-06-08 21:06 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
2007-06-08 21:01 58,420 --a------ C:\WINDOWS\system32\leolgfut.dll
2007-06-07 07:28 <REP> d-------- C:\DOCUME~1\Alain\APPLIC~1\InstallShield
2007-06-06 21:58 55,316 --a------ C:\WINDOWS\system32\ofvmdqws.dll
2007-06-06 19:44 <REP> d-------- C:\Program Files\Lavasoft
2007-06-06 19:44 <REP> d-------- C:\DOCUME~1\Alain\APPLIC~1\Lavasoft
2007-06-05 21:56 14,868 --a------ C:\WINDOWS\system32\dffaljfw.exe
2007-06-05 21:56 10,752 --a------ C:\WINDOWS\system32\j6261635.dll
2007-06-04 21:55 2,580 --a------ C:\WINDOWS\system32\ushwbdgf.exe
2007-06-04 21:55 131,124 --a------ C:\WINDOWS\system32\yqpqwsjn.dll
2007-06-04 19:59 <REP> d-------- C:\VProRecovery
2007-06-04 00:12 2,580 --a------ C:\WINDOWS\system32\xhaikyuv.exe
2007-06-03 18:48 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-06-03 18:48 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer
2007-06-03 18:48 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau
2007-06-03 18:48 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
2007-06-03 18:48 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles
2007-06-03 18:48 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents
2007-06-03 18:48 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris
2007-06-03 18:48 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
2007-06-02 21:38 2,580 --a------ C:\WINDOWS\system32\oqvhvqfg.exe
2007-06-02 13:37 <REP> d-------- C:\Program Files\iTunes
2007-06-01 23:18 37,864 --a------ C:\WINDOWS\system32\drivers\v2imount.sys
2007-06-01 23:18 14,072 --a------ C:\WINDOWS\system32\drivers\vproeventmonitor.sys
2007-06-01 23:18 128,104 --a------ C:\WINDOWS\system32\drivers\WimFltr.sys
2007-06-01 23:17 131,944 --a------ C:\WINDOWS\system32\drivers\symsnap.sys
2007-06-01 23:17 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-06-01 23:12 <REP> d-------- C:\Program Files\Norton Ghost
2007-06-01 21:41 2,580 --a------ C:\WINDOWS\system32\toibpovm.exe
2007-06-01 21:09 <REP> d-------- C:\Program Files\MagicISO
2007-05-28 18:03 <REP> d-------- C:\Test2_fichiers
2007-05-28 17:19 <REP> d-------- C:\Test_fichiers
2007-05-16 21:09 <REP> d-------- C:\Program Files\Fichiers communs\ScanSoft Shared
2007-05-16 21:09 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
2007-05-16 21:09 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
2007-05-16 21:09 <REP> d-------- C:\DOCUME~1\Alain\APPLIC~1\ScanSoft
2007-05-16 21:08 <REP> d-------- C:\Program Files\ScanSoft
2007-05-16 21:07 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2007-05-16 21:07 <REP> d-------- C:\Program Files\ArcSoft
2007-05-16 19:41 57,344 --a------ C:\WINDOWS\system32\CNCI600.DLL
2007-05-16 19:41 197,632 --a------ C:\WINDOWS\system32\CNMLM87.DLL
2007-05-16 19:41 135,168 --a------ C:\WINDOWS\system32\CNCL600.DLL
2007-05-16 19:41 106,496 --a------ C:\WINDOWS\system32\cnco600.dll
2007-05-16 19:41 1,298,432 --a------ C:\WINDOWS\system32\CNCC600.DLL
2007-05-16 19:41 <REP> d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2007-05-16 19:41 <REP> d--h----- C:\Program Files\CanonBJ
2007-05-16 19:41 <REP> d--h----- C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-08 20:48:23 -------- d-----w C:\DOCUME~1\Alain\APPLIC~1\EoRezo
2007-06-08 20:02:40 1,488 ----a-w C:\WINDOWS\system32\tmp.reg
2007-06-07 05:29:28 -------- d-----w C:\Program Files\TomTom HOME
2007-06-07 05:29:04 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-06 19:23:11 -------- d-----w C:\Program Files\AdwareAlert
2007-06-03 10:01:50 71,248 ----a-w C:\WINDOWS\system32\perfc00C.dat
2007-06-03 10:01:50 458,230 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-06-02 20:22:32 -------- d-----w C:\DOCUME~1\Alain\APPLIC~1\Symantec
2007-06-02 18:49:21 -------- d-----w C:\Program Files\Mahjongg Towers
2007-06-02 11:38:09 -------- d-----w C:\Program Files\iPod
2007-06-01 21:14:11 -------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-06-01 20:34:31 -------- d-----w C:\Program Files\eMule
2007-05-16 19:12:26 -------- d-----w C:\Program Files\Canon
2007-05-16 19:09:32 -------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-05-05 17:49:07 -------- d-----w C:\Program Files\QuickTime
2007-05-04 05:18:59 -------- d-----w C:\DOCUME~1\Alain\APPLIC~1\ItsLabel
2007-05-04 05:07:21 -------- d-----w C:\Program Files\eoRezo
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:55 85,952 -c--a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-04-28 21:05:58 -------- d-----w C:\DOCUME~1\Alain\APPLIC~1\vlc
2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-03-28 18:12:18 109,360 ----a-w C:\WINDOWS\system32\GEARAspi.dll
2007-03-17 13:44:47 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-08 15:37:50 578,560 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:37:50 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:37:50 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 15:33:58 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{64F56FC1-1272-44CD-BA6E-39723696E350}=C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll [2007-01-25 10:22]
{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}=C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 14:37]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar1.dll [2006-10-12 11:38]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 12:45]
"Norton Ghost 12.0"="C:\Program Files\Norton Ghost\Agent\VProTray.exe" [2007-03-28 20:41]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-05-26 12:45]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 16:52]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09]
"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2005-03-14 01:37]
"Norton SystemWorks"="C:\Program Files\Norton SystemWorks\cfgwiz.exe" [2004-09-21 13:35]
"FreeBrowser"="C:\Program Files\FreeBrowser\FreeBrowser\FreeBrowser.exe" [2006-01-27 23:31]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe" [2006-10-22 11:22]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"none"=C:\Program Files\Video ActiveX Object\pmsngr.exe

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6d5c193-bd1d-11db-9b4c-000ea601a0ca}]
AutoRun\command- H:\InstallTomTomHOME.exe


Contents of the 'Scheduled Tasks' folder
2007-06-02 08:14:04 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

**************************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-08 23:43:22
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-08 23:44:17 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-06-08 23:44

--- E O F ---


Quant au rapport HiJackThis, le voici maintenant :

Logfile of HijackThis v1.99.1
Scan saved at 23:50:28, on 08/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Norton Ghost\Agent\VProTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
C:\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Norton Ghost 12.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [FreeBrowser] C:\Program Files\FreeBrowser\FreeBrowser\FreeBrowser.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: FreePCvcR.lnk = C:\Program Files\FreePCvcR\FreePCvcR.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SATARaid.lnk = ?
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_ce(...)
O16 - DPF: {134F7664-943D-3BB9-65F5-70B91DF46C86} - http://www.emcodec.com/v4/eCodec-v4.464.exe
O16 - DPF: {5DDCC37F-7C6B-48B8-9664-97C537920CA0} (aecviz Class) - http://www.maisonfamiliale.com/AECVIZ/npaecviz.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE


Malekal_morte
  
  :-)
      ?   @     Posté le 08/06/2007 23:56:00  
Voter pour ce message
Avast! est loin de ce que l'on a fait de mieux en matière de protection, voir ce lien pour plus d'informations : http://forum.malekal.com/ftopic3123.php

Clairement, Antivir est beaucoup plus performant, c'est pourquoi, je te conseille TRES VIVEMENT de désinstaller Avast! et installer Antivir à la place : http://www.malekal.com/tutorial_antivir.php
- Après l'installation, mets le à jour - si ton firewall fait une alerte.. accepte la connexion.

-- Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.

- Cliquez sur l'onglet Scanner.
- Sélectionne Manual Selection
- Sélectionne le disque C
- Lance le scan - Mets en quarantaine tous les éléments détectés.
- Une fois le scan terminé Enregistre le rapport.

Redémarre en mode normal.

Poste le rapport ici.

Poste un nouveau rapport HijackThis.
-------
Supprimer les popups de pubs intempestives
Sécuriser votre ordinateur
Al1fini
  
   
      ?   @     Posté le 09/06/2007 13:10:34  
Voter pour ce message
Bonjour,

Me revoici, je ne me suis pas endormi mais le scan de 750 Go vient de se terminer ... car cette nuit je n'étais pas devant pour répondre aux alertes.

Voilà le rapport du scan :



AntiVir PersonalEdition Classic
Report file date: samedi 9 juin 2007 00:13

Scanning for 811469 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Administrateur
Computer name: FRODON

Version information:
BUILD.DAT : 247 14437 Bytes 10/05/2007 11:55:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:14
AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:54
LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:04
LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:18:59
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58
ANTIVIR1.VDF : 6.38.1.170 5569024 Bytes 21/05/2007 22:07:34
ANTIVIR2.VDF : 6.38.1.227 320000 Bytes 05/06/2007 22:07:34
ANTIVIR3.VDF : 6.38.2.10 77312 Bytes 08/06/2007 22:07:34
AVEWIN32.DLL : 7.4.0.32 2478592 Bytes 08/06/2007 22:07:34
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.10 360488 Bytes 08/06/2007 22:07:34
AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:08
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:05
AVARKT.DLL : 1.0.0.17 278568 Bytes 02/05/2007 10:32:26
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:18
RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:42

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: K:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: samedi 9 juin 2007 00:13

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'H:\'
[NOTE] No virus was found!
Boot sector 'I:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '35' files ).


Starting the file scan:

Begin scan in 'C:\' <System500A>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\backups\backup-20070608-215334-563.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '46ccd4e3.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0F967136.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs
[INFO] The file was moved to '46a2d4e8.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0F9A1B32.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs
[INFO] The file was moved to '46a2d4eb.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0F9A1B32.fil
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.AY Backdoor server programs
[INFO] The file was moved to '46a2d4ee.qua'!
C:\Program Files\Xinox Software\JCreatorV3\loader.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[INFO] The file was moved to '46cad856.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\All Users\Documents\setup.exe.vir
[DETECTION] Is the Trojan horse TR/Proxy.Horst.Gen
[INFO] The file was moved to '46ddd84f.qua'!
C:\WINDOWS\$NtServicePackUninstall$\rtcimsp.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\dffaljfw.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\j6261635.dll
[DETECTION] Is the Trojan horse TR/Click.Small.MW
[INFO] The file was moved to '469bda7c.qua'!
C:\WINDOWS\system32\leolgfut.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\ofvmdqws.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\oqvhvqfg.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\toibpovm.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\ushwbdgf.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\xhaikyuv.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\yqpqwsjn.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\dtscsi.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd9181.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Data500A>
D:\Download\Logiciels\Jeux\Elisa\Kidz - Rayman CP Calcul - 6 à 7 ans - CloneCD - francais - drizzt.ace
[0] Archive type: ACE
--> Rayman CP Calcul et lecture - 6 … 7 ans - jacquette front.BMP
[WARNING] Error creating the file
--> Rayman CP Calcul et lecture - 6 … 7 ans - jacquette back.BMP
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Download\Logiciels\Jeux\Elisa\Kidz - Rayman CP Lecture - 6 à 7 ans - CloneCD - francais - drizzt.ace
[0] Archive type: ACE
--> Rayman CP Calcul et lecture - 6 … 7 ans - jacquette front.BMP
[WARNING] Error creating the file
--> Rayman CP Calcul et lecture - 6 … 7 ans - jacquette back.BMP
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Download\Logiciels\Utilitaires\DupKillerSetup.exe
[WARNING] The file could not be opened!
D:\Download\Logiciels\Utilitaires\DupSetup.exe
[WARNING] The file could not be opened!
D:\Download\Logiciels\Utilitaires\JCreator_Pro_v3[1].00.092_Fixed.zip
[0] Archive type: ZIP
--> loader.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[INFO] The file was moved to '46dc51db.qua'!
D:\Download\Logiciels\Utilitaires\Webroot.Spy.Sweeper.v4.5.5.607.Multilingual.WinALL.Retail.Read.NFO.rar
[0] Archive type: RAR
--> keygen.exe
[DETECTION] Contains signature of the dropper DR/SdBot.537088
[INFO] The file was moved to '46cc5245.qua'!
D:\Download\Logiciels\Utilitaires\winamp524_full_bundle_emusic-7plus.exe
[WARNING] The file could not be opened!
D:\Download\Musique\Corneille.-.Parce.Qu.On.Vient.De.Loin.-.Mp3.-.2003.-.By.The.Dude.teste.www.divxovore.com.ace
[0] Archive type: ACE
--> Corneille Parce Qu'On Vient De Loin - MP3 - 2003 - By The Dude\05-Rˆves_De_Star.mp3
[WARNING] Error creating the file
--> Corneille Parce Qu'On Vient De Loin - MP3 - 2003 - By The Dude\06-Avec_Classe.mp3
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Download\Musique\Henri.Des.comptines.12.albums.complet.par.oncleblu.rar
[0] Archive type: RAR
--> La.R‚cr‚.-.Les.jolies.chansons.de.nos.Enfants--_--.livret.illust
[1] Archive type: ACE
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Avignon.jpg
[WARNING] Error creating the file
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Dodo_l'enfant_do.jpg
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Download\Musique\Indochine.Paradize.Nouvel.Album.2002.testé.www.divxovore.com.ace
[0] Archive type: ACE
--> INDOCHINE - Paradize - Nouvel Album 2002 - 192Kbit -par Freddo\Indochine - 09 - La Nuit Des F‚es.mp3
[WARNING] Error creating the file
--> INDOCHINE - Paradize - Nouvel Album 2002 - 192Kbit -par Freddo\Indochine - 01 - Paradize.mp3
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Download\Musique\Joe_Cocker___Greatest_Hits_@192kbps.ace
[0] Archive type: ACE
--> Joe Cocker\Desktop.ini
[WARNING] Error creating the file
--> Joe Cocker\Greatest Hits [EMI]\Desktop.ini
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Download\Musique\L'integral De Hf Thiefaine (22 Albums).ace
[0] Archive type: ACE
--> Program Files\eMule\Incoming\HUBERT FELIX THIEFAINE - 84.88\84.88.jpg
[WARNING] Error creating the file
--> Program Files\eMule\Incoming\HUBERT FELIX THIEFAINE - 84.88\84.88 back.jpg
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Download\Musique\Les Garçons Bouchers - Vacarmelite Ou La Nonne Bruyante ( EAC, MPC, Extreme).ace
[0] Archive type: ACE
--> Les Gar‡ons Bouchers - Vacarm‚lite ou la nonne bruyante\front.jpg
[WARNING] Error creating the file
--> Les Gar‡ons Bouchers - Vacarm‚lite ou la nonne bruyante\Vacarm‚lite ou la nonne bruyante.m3u
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Download\Musique\Michel Polnareff - Présent Passé - Album Compil' 2003 256Kbs By Cybermen.ace
[0] Archive type: ACE
--> MichelPolnareff - Pr‚sentPass‚ - FaceCD.jpg
[WARNING] Error creating the file
--> MichelPolnareff - Pr‚sentPass‚ - DosCD.jpg
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Download\Musique\Michel.Sardou.-.Best.of.MS.-.Album.complet.Nov.2003.+.covers.by.Fire.ace
[0] Archive type: ACE
--> Michel Sardou - Best of MS - Album complet Nov 2003 + covers by Fire\MS CD 2\Michel Sardou - Best of MS - CD 2 - 05 - Il ‚tait l… (le fauteuil).mp3
[WARNING] Error creating the file
--> Michel Sardou - Best of MS - Album complet Nov 2003 + covers by Fire\MS CD 2\Michel Sardou - Best of MS - CD 2 - 02 - Verdun.mp3
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Download\Musique\Sinead O'connor - Discografia mp3 - By Char 2002.ace
[0] Archive type: ACE
--> S¡nead O'Connor by CHAR 2002\So far...... the best of\Sinead_O_Conner_-_Sofar-front.jpg
[WARNING] Error creating the file
--> S¡nead O'Connor by CHAR 2002\So far...... the best of\Sinead_O_Conner_-_Sofar-back.jpg
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
D:\Emule\Incoming\Hot Games Pack 5.2.zip
[0] Archive type: ZIP
--> Hot Games Pack 5.2.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
D:\Windows _ uninstall\$NtServicePackUninstall$\1394bus.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\61883.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\6to4svc.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\accwiz.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\acgenral.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\aclayers.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\aclua.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\aclui.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\acpi.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\acspecfc.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\activeds.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\actmovie.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\actxprxy.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\acverfyr.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\acxtrnal.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\admexs.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\admin.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\admin.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\admparse.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\admwprox.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\adsiis51.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\adsldp.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\adsldpc.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\adsmsext.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\adsnt.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\advapi32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\advpack.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\aec.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\afd.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\agentanm.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\agentctl.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\agentdp2.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\agentdpv.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\agentmpx.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\agentpsh.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\agentsr.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\agentsvr.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\agtintl.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ahui.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\alg.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\alrsvc.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\amdk6.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\amdk7.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\amstream.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\appconf.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\apphelp.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\appmgmts.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\appmgr.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\arp1394.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\asferror.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\asfsipc.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\asp51.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\asr_fmt.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\asr_pfu.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\asycfilt.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\asyncmac.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\at.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atapi.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ati2dvaa.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ati2dvag.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ati2mtaa.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ati2mtag.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ati3d1ag.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ati3d2ag.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atinbtxx.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atinmdxx.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atinpdxx.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atinraxx.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atinrvxx.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atinsnxx.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atinttxx.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atintuxx.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atinxbxx.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atinxsxx.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atl.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atmadm.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atmarpc.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atmfd.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atmlane.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\atmlib.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\audiosrv.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\author.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\author.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\authz.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\autochk.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\autoconv.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\autofmt.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\autolfn.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\avc.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\avifil32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\basesrv.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\batmeter.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\batt.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\bdasup.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\bidispl.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\bitsprx2.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\bitsprx3.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\blackbox.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\bridge.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\browselc.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\browser.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\browseui.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\browsewm.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cabinet.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cabview.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\callcont.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\camocx.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\catsrv.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\catsrvps.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\catsrvut.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ccdecode.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cdfs.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cdfview.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cdm.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cdosys.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cdrom.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\certcli.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\certmgr.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cewmdm.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cfgbkend.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cfgmgr32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cfgwiz.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cimwin32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cintime.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cintsetp.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ciodm.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cipher.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cisvc.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\classpnp.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\clbcatex.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\clbcatq.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cleanmgr.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cliconfg.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cliconfg.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\clipbrd.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\clipsrv.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\clusapi.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cmbatt.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cmcfg32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cmd.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cmdevtgprov.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cmdial32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cmdl32.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cmmon32.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cmprops.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cmstp.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cmutil.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cnbjmon.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\coadmin.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\colbact.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\comadmin.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\comctl32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\comdlg32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\compatui.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\compfilt.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\compstui.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\comrepl.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\comres.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\comsvcs.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\comuid.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\conf.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\confmrsl.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\conime.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\corpol.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cplexe.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\credui.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\crusoe.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\crypt32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cryptdlg.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cryptdll.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cryptext.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cryptnet.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cryptsvc.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cryptui.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cscdll.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cscript.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\cscui.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\csrsrv.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\csrss.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ctfmon.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\custsat.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\d3d8.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\d3d8thk.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\d3d9.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\d3dim700.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\danim.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dao360.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dataclen.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\davcdata.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\davclnt.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dbghelp.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dbmsrpcn.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dbnetlib.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dbnmpntw.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dcap32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dciman32.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ddeshare.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ddraw.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ddrawex.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\defrag.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\devenum.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\devmgr.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dfrgfat.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dfrgntfs.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dfrgsnap.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dfrgui.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dfsshlex.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dgnet.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dhcpcsvc.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dialer.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\diantz.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\digest.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dinput.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dinput8.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\directdb.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\disk.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\diskdump.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\diskpart.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dlimport.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dllhost.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmadmin.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmband.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmboot.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmcompos.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmdskmgr.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmime.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmio.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmloader.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmremote.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmscript.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmserver.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmstyle.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmsynth.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmusic.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmusic.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dmutil.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dnsapi.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dnsrslvr.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\docprop2.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dosx.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpcdll.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dplaysvr.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dplayx.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpmodemx.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpnaddr.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpnet.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpnhpast.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpnhupnp.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpnlobby.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpnsvr.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpvacm.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpvoice.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpvsetup.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpvvox.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dpwsockx.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\drmclien.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\drmk.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\drmkaud.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\drmstor.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\drmv2clt.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\drprov.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ds32gt.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dsdmo.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dsdmoprp.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dskquota.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dsound.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dsound3d.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dsprop.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dsprpres.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dsquery.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dssec.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dssenh.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dsuiext.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dswave.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dumprep.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\duser.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dvdupgrd.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dwwin.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dx7vb.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dx8vb.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dxdiag.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dxdiagn.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dxg.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dxmasf.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dxmrtp.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dxtmsft.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\dxtrans.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\efsadu.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\els.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\encapi.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\encdec.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\ersvc.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\es.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\esent.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\esscli.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\eudcedit.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\evcreate.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\eventcreate.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\eventlog.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\evntagnt.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\evntcmd.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\evntrprv.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\evntwin.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\evtgprov.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\explorer.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\expsrv.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\exstrace.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\extrac32.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fastfat.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fastprox.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\faultrep.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\faxpatch.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fdc.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fdeploy.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\feclient.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\filemgmt.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\findstr.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fldrclnr.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\flpydisk.sys
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fontext.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fontview.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp40ext.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp4amsft.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp4anscp.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp4apws.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp4areg.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp4atxt.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp4autl.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp4avnb.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp4avss.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp4awebs.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp4awel.dll
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUninstall$\fp98sadm.exe
[WARNING] The file could not be opened!
D:\Windows _ uninstall\$NtServicePackUnin