Mon ordi s'éteint tou seul!

mel -  
 lapierrelp4 -
bonjour,
Voilà j'ai un souci depui ce matin..j'ai installé antivir, et en faisant un scan, mon pc a planté: il s'est eteint tout seul, sans message d'erreur!et quand je le rallume, c'est normal, comme si je l'avait eteitn normalement..
J'ai alors fait un scan avec spybot, mais la aussi ca a planté avant la fin!j'au juste eu le tps de voir qu'il y avait un spyware nommé "carpé diem".
Je ne sais pas quoi faire...est-il possible que ca plante uniquement quand je fais un scan?
Merci de votre aide...
au fait j'ai windows xp, aces le service pack 2, installé recemment..
merci
Configuration: windosws xp

42 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Le problème décrit survient lorsque l'exécution de scans antivirus et antispyware sous Windows XP SP2 conduit à un plantage du système, puis à un redémarrage sans message d'erreur. Des réponses évoquent une infection potentielle et l'apparition d’un spyware ou trojan, avec notamment des références à TR/P2E.AS et des difficultés à lancer les analyses, suggérant HijackThis et Rav comme pistes. Des conseils portent sur le nettoyage des éléments suspects dans System32, la réinstallation partielle d’outils de sécurité et la collecte de logs pour analyser les démarrages et les services. En outre, une nuance utile est que les symptômes peuvent persister après la suppression apparente des malwares, nécessitant l’analyse des démarrages et des processus pour révéler des composants cachés.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. badboy59 Messages postés 4292 Statut Contributeur 569
     
    mmmm....

    Je pense plutot que tu as un virus bien installé et qui bloque ta machine dés qu'un logiciel balaye le disque dur (en l'occurence, un antivirus !).
    As tu essayer de démarrer en mode sans echec et de scanner ?
    0
  2. mel
     
    salut,
    alors en fait j'ai essayé d'enlever spybot et de faire un antivirus et la ca a marché et maintenant je n'ai plus ce problème...qu'en pensez vous?
    merci de vos reponses!
    0
  3. badboy59 Messages postés 4292 Statut Contributeur 569
     
    carpediem = spyware de site de Q ?

    ton parasite est encore la
    essaye adaware
    0
  4. Utilisateur anonyme
     
    je dirais trojans qui bloque tout pr ma part !
    tu as que antivir comme antivirus?
    spybot+adaware+antivir = parfaitement compatible !!

    ou est le soucis en fait?
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. mel
     
    alors je suis en train de faire un scan avec a2 free car mon anti-virus a detecté un truc nommmé "trojan"(desolée je ne sais pas ce que c'est) mais n'arrive pas à regler le pb..
    Oui je n'ai que cet anti-virus, plus le pare-feu de windows (...)
    0
  7. badboy59 Messages postés 4292 Statut Contributeur 569
     
    Essaye AVG et scan.
    0
  8. mel
     
    qu'est-ce que c'est?
    sinon mon anti-virus me dit qu'il a trouvé ce dossier: trojan horse TR/Dldr.wintrim.CD..savez vous ce que c'est??est-ce grave?car je ne peut pas le supprimer car mon anti-virus (antivir) plante qd je veux faire qqch de ce dossier...quellegalère..
    merci à tous ceux qui prennent le tps de me repondre!
    0
  9. Utilisateur anonyme
     
    ok ou est ce dossier ? le nom ou il le detecte?

    a+
    0
    1. mel
       
      alors je ne l'ai pas noté alors il faut que j'attende que le message d'erreur survienne à nouveau...j'ai essayé de faire un scan avec mon antivirus ce matin et il ne me le detecte pas!!byzarre?il y autre chose que je puisse faire pour retrouver l'emplacement de ce dossier?j'ai essayé avec "recherche de dossier ou fichier" mais sans résultats..
      merci de m'aider..
      0
    2. mel
       
      alors le debut de l'emplacement est:
      C:/SYSTEME VOLUME INFORMATION\_RESTORE(DD384CBF-031B-4a .....
      et après je n'ai pas la suite car qd je veux cliquer sur barre deroulante pour voir la suite, le sablier apparait sur la fenetre d'alarme et ca me met que le programme ne repond pas, je ne peux alors que le fermer sans voir la fin de l'emplacement... à la suite ca me met: is teh trojan horse TR/Dldrwintrim.CD
      Au fait ce n'est pas une parenthèse dans l'emplacement mais une accolade (je ne trouve pas le raccourci clavier...
      Que dois-je faire?
      Y a-t-il un moyen de m'en debarrasser?
      Merci
      0
  10. Utilisateur anonyme
     
    salut mel,
    ce trojan se situe dans ta restauration systeme, pour faire simple et te le virer fais cette manip;
    clik droit sur poste de travail, propriete, onglet restauration systeme, coche la case desactiver la restau, supprimes les points de restauration, puis decoche cette case

    Le probleme de ce trojan sera resolu,

    Tiens moi au courant

    a+
    0
    1. mel
       
      alors je suis allée dans ce que tu m'as dit, j'ai coché la case, appliqué ca m'a dit que ca allait supprimer tous les points de restauration, j'ai dit ok, ca a chargé un moment et après j'ai recoché comme tu m'as dit..c'est ok pour la manip?
      Sinon je crois que j'en ai un autre trojan horse TR/p2e.AS..
      il est dans windows systeme 32
      Comment ca se fait que j'en ai tout le tps?comment me protéger mieux?
      merci de ta patience!
      0
  11. Utilisateur anonyme
     
    salut mel;

    1/Ad-Aware :
    http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html

    Le patch en Français pour Ad-Aware :
    http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html

    Spybot :
    http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html

    essai ceci,met les a jour, scan et supprime tous ce qu il trouve...
    --------------------------------------------------------------------------
    2/lance un scan chez RAV :
    http://www.ravantivirus.com/scan/

    Clique sur "To continue without subscribing click here" et attends quelques minutes.
    Lorsque "Ready" est affiché dans "status", coche la case "Autoclean" puis clique sur "Scan my PC"
    A la fin de l'analyse, copie/colle le rapport ici
    -------------------------------------------------------------------------
    3/ télécharge hijackthis ici:
    http://www.hijackthis.de/downloads/hijackthis_199.zip
    L'aide est ici:
    http://www.zebulon.fr/articles/HijackThis.php

    Dezippz le dans un dossier prévu a cet effet.
    Par exemple C:\hijackthis
    lancez le puis:
    clic sur "do a system scan and save logfile"
    faire un copier coller du log entier sur le forum.

    5/installe un pare feu ! ceci empechera toutes ces infections
    0
    1. mel
       
      salut!
      alors j'ai fait tout ce que tu m'as dit, avec spybot et ad-ware:durant le scan, mon antivirus n'a pas cessé de me faire des alertes aux "trojan horse" sans jamais que je puisse les supprimer, le programme ne répondant pas... bref, j'ai supprimé tout ce que ces 2 logiciels m'on dit de supprimer!
      pour le scan sur RAV, en cours de route mon ordi s'est éteint tout seul alors je n'ai pas recommencé!
      J'ai fait un scan avec Hijackthis et j'ai mis le log entier sur le forum afin que qqn m'aide...sais-tu le faire toi?si oui je peux te le faire parvenir!
      Voilà..merci de m'aider c'est cool car je ne sais plus quoi faire! Zone alarm est-il un bon pare-feu?
      Merci et bon wk!
      0
  12. Utilisateur anonyme
     
    salut,
    zone alarm < bon pare feu
    pour le log t aurais pu le coller ici pour pas multiplier les postes, qd tu gardes et commence un poste, continue toujours dessu si tu veux des reponses, car si tu entame plusieurs discution, certains ne te repondront pas !
    si tu as le temps de reessayer RAV, si cela s arrete encore, fais avec ton antivirus, et si ta pa de reponse, colle le hijack ici

    a+
    0
    1. mel
       
      ok je savais pas pour les postes différents!alors je vais re essayer SAV comme tu me le conseilles et si ca ne marche pas, je collerais le log de hitjackis ici..
      desolée pour le retard de la reponse..
      merci pour tes conseils!
      a+
      0
    2. mel
       
      voilà le rapport du scan avec RAV..qu'en penses-tu?pendant l'analyse, les alertes suivantes sont apparues
      - C:\windows\system32\netslv32.dll contains the signature of a cost in curring dialer DIAL/9728.A (dialer)
      - trojan horse TR/P2E.AS mais je n'ai pas noté l'emplacement...

      Voilà le rapport RAV:

      Scan started at 23.05.2005 09:25:44

      Scanning memory...
      Scanning boot sectors...
      Scanning files...
      C:\Program Files\AVPersonal\INFECTED\shhost.VIR - Backdoor:Win32/Blarul.D -> Infected

      Scanned
      ============================
      Objects: 41759
      Directories: 2792
      Archives: 6355
      Size(Kb): -1417113
      Infected files: 1

      Found
      ============================
      Viruses found: 1
      Suspicious files: 0
      Disinfected files: 0
      Mail files: 73
      0
    3. mel
       
      voilà le log de hijackthis:

      Logfile of HijackThis v1.99.1
      Scan saved at 10:41:27, on 23.05.2005
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\AVPersonal\AVGUARD.EXE
      C:\Program Files\AVPersonal\AVWUPSRV.EXE
      C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
      C:\WINDOWS\System32\DVDRAMSV.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\System32\igfxtray.exe
      C:\WINDOWS\System32\hkcmd.exe
      C:\Program Files\Apoint2K\Apoint.exe
      C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
      C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\AVPersonal\AVGNT.EXE
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
      C:\Program Files\Apoint2K\Apntex.exe
      C:\WINDOWS\system32\RAMASST.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\DOCUME~1\serveur\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis_199.zip\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ch/0SEFRCH/SAOS01
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nightfever.ch/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bluewin.ch/index_f.html
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.myway.com/mysearch/?ptnrS=BW
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing)
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-ch\msntb.dll
      O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
      O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
      O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
      O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
      O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
      O4 - HKCU\..\Run: [Smile Brush] "C:\Program Files\Smile Brush\Smile Brush.exe" a
      O4 - Global Startup: hp psc 1000 series.lnk = ?
      O4 - Global Startup: hpoddt01.exe.lnk = ?
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
      O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O10 - Hijacked Internet access by New.Net
      O10 - Hijacked Internet access by New.Net
      O10 - Hijacked Internet access by New.Net
      O10 - Hijacked Internet access by New.Net
      O14 - IERESET.INF: START_PAGE_URL=http://www.bluewin.ch/index_f.html
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
      O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0241138cd7c91c4dd020/netzip/RdxIE601_fr.cab
      O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://5759.kit.sexequalite.com/14002/CD/BoisdeboulogneT.exe
      O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
      O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binaries/IA/netslv32_FR_XP.cab
      O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
      O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
      O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
      O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
      O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
      0
  13. Utilisateur anonyme
     
    ok, alors rend toi dans la quarantaine de antivir:
    poste de travail<c<programmes files<av personal<infected< supprime ce qui y a dedans+ta poubelle

    et ensuite utilise ca:

    http://www.new.net/support/uninstall6_76.exe

    et repose un log hijack this

    a+
    0
    1. mel
       
      salut!alors j'ai fait ce que tu m'as dit mais iln 'y avait rien dans le dossier "infected"...
      J'ai fait l'autre lien que tu me donnais, mais ca me signifiait que je ne pourrais plus atteindre certaines pages internet,c'est grave ou pas?de quelles pages s'agit-il?
      Voilà sinon je te redonne le log de hijackthis:

      Logfile of HijackThis v1.99.1
      Scan saved at 19:56:39, on 23.05.2005
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\AVPersonal\AVGUARD.EXE
      C:\Program Files\AVPersonal\AVWUPSRV.EXE
      C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
      C:\WINDOWS\System32\DVDRAMSV.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\System32\igfxtray.exe
      C:\WINDOWS\System32\hkcmd.exe
      C:\Program Files\Apoint2K\Apoint.exe
      C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
      C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\AVPersonal\AVGNT.EXE
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
      C:\Program Files\Apoint2K\Apntex.exe
      C:\WINDOWS\system32\RAMASST.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\DOCUME~1\serveur\LOCALS~1\Temp\Répertoire temporaire 3 pour hijackthis_199.zip\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ch/0SEFRCH/SAOS01
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nightfever.ch/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bluewin.ch/index_f.html
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.myway.com/mysearch/?ptnrS=BW
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing)
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-ch\msntb.dll
      O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
      O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
      O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
      O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
      O4 - HKCU\..\Run: [Smile Brush] "C:\Program Files\Smile Brush\Smile Brush.exe" a
      O4 - Global Startup: hp psc 1000 series.lnk = ?
      O4 - Global Startup: hpoddt01.exe.lnk = ?
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
      O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O14 - IERESET.INF: START_PAGE_URL=http://www.bluewin.ch/index_f.html
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
      O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0241138cd7c91c4dd020/netzip/RdxIE601_fr.cab
      O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://5759.kit.sexequalite.com/14002/CD/BoisdeboulogneT.exe
      O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
      O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binaries/IA/netslv32_FR_XP.cab
      O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
      O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
      O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
      O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
      O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
      0
  14. Utilisateur anonyme
     
    salut,
    cela a permis de virer les 010 new net

    et pour les sites tu es la 1ere a me le dire, j ai jamais eu de soucis avec ce lien ^^

    relance hijack this puis coche les lignes de vant cela si tu ne connais pas et si tu veux plus le garder:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nightfever.ch/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bluewin.ch/index_f.html

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.myway.com/mysearch/?ptnrS=BW

    fix aussi celle ci, si tu ne connais pas

    O4 - HKCU\..\Run: [Smile Brush] "C:\Program Files\Smile Brush\Smile Brush.exe" a

    fix cela
    O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://5759.kit.sexequalite.com/14002/CD/BoisdeboulogneT.exe<< ohhhhh pas joli looool

    O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binaries/IA/netslv32_FR_XP.cab

    une fois tu as fait cela, recolle moi un log,

    as tu refais un scan chez RAV?

    presice ou en sont tes soucis

    a+
    0
    1. mel
       
      salut!
      alors j'ai fait ce que tu mâs dit pour hitjackthis sauf qqn car je les connais (page de démarage et serveur d'accès)...
      Je te colle le log de hijackthis ci dessous.
      Sinon j'ai réussi à refaire un scan sur RAV, je crois que je t'ai mis le rapport, non?sinon dis moi et je le referais?
      Pour les soucis mainteant, j'ai moins d'alertes de mon anti-virus et mon ordi plante moins souvent mais encore une fois par jour en moyenne. et l'alerte qui revient encore est le trojan horse TR/P2E.AS qui est dans C:\windows system32\authclient.exe.
      D'ailleurs, je ne sais pas si ca a un lien mais qd je fais un scan avec n'importe quel anti-virus, anti-spyware ou autre, les alertes de mon anti.virus surviennent au moment ou le scan en est dans le systeme 32..
      Voila! je te remercie encore pour ton aide!je n'y arriverais pas sinon!
      A+
      Logfile of HijackThis v1.99.1
      Scan saved at 21:52:21, on 23.05.2005
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\AVPersonal\AVGUARD.EXE
      C:\Program Files\AVPersonal\AVWUPSRV.EXE
      C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
      C:\WINDOWS\System32\DVDRAMSV.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\System32\igfxtray.exe
      C:\WINDOWS\System32\hkcmd.exe
      C:\Program Files\Apoint2K\Apoint.exe
      C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
      C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\AVPersonal\AVGNT.EXE
      C:\Program Files\Apoint2K\Apntex.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
      C:\WINDOWS\system32\RAMASST.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\DOCUME~1\serveur\LOCALS~1\Temp\Répertoire temporaire 5 pour hijackthis_199.zip\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ch/0SEFRCH/SAOS01
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nightfever.ch/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bluewin.ch/index_f.html
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: IEHlprObj Class - {F62A47A7-4CA3-9D00-95A3-6724d43a9E8C} - LineAudio.dll (file missing)
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-ch\msntb.dll
      O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
      O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
      O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
      O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
      O4 - Global Startup: hp psc 1000 series.lnk = ?
      O4 - Global Startup: hpoddt01.exe.lnk = ?
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
      O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
      O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
      O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O14 - IERESET.INF: START_PAGE_URL=http://www.bluewin.ch/index_f.html
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
      O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0241138cd7c91c4dd020/netzip/RdxIE601_fr.cab
      O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
      O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
      O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
      O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\TOSHIBA\Power Management\CeEPwrSvc.exe
      O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
      O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
      0
    2. mel
       
      salut!
      Auj j'ai voulu refaire un scan avec spybot, ad-aware et anti-vir mais il n'y a pas moyen!!le pc plante à tous les coups!!!Que dois-je faire??
      Le trojan suivant apparait sans cesse
      trojan horse TR/P2E.AS situé dans c:\windows system 32\authclient.exe
      ne puis je pas le supprimer directement depuis le system 32?j'ai vu qu'il apparaissait en allant fouiller dans le system 32?
      sinon il y en a un autre, mais ca je ne sais pas ce que c'est: c'est situé dans le system volume information et ca me dit que c'est un backdoor?qu'est-ce que c'est?
      Au secouououours!!!!
      0
    3. badboy59 Messages postés 4292 Statut Contributeur 569 > mel
       
      tu peux toujours le renommer, si il sert à quelque chose, tu lui remettra son nom d'origine.
      0
    4. mel > badboy59 Messages postés 4292 Statut Contributeur
       
      salut!
      merci pour le conseil je vais essayer s'il est encore la car mon anti virus a l'air de vouloir aller jusqu'au bout sans planter..et il m'a demandé si je voulais supprimer ce trojan "authclient.exe". J'ai dit oui en esperant que je pouvais sans endommager mon systeme car ce trojan est dans le system 32...
      Je te tiens au courant et merci d'avoir repondu si vite!
      0
    5. badboy59 Messages postés 4292 Statut Contributeur 569 > mel
       
      t'inquiète pas, bon nombre de cochonneries se logent dans system32 pour justement se protéger !
      0
  15. Utilisateur anonyme
     
    salut,
    juste te signaler, si tu as une alerte de antivir fais cela:
    poste de travail<c<programes files<av personal<
    *infected=quarantaine d antivir, quand quelque chose se situe dedans, supprime le+vide ta corvbeille

    *si t as des alertes, rends toi dans:Logfiles<NTGRDRT (fichier texte)
    ceci correpond au journal des evenements d antivir et donc si t as des alertes tu te rend tout en bas et tu nous copie et colle dans un message toutes la journees

    voila
    a+
    0
    1. mel
       
      salut!
      Alors je crois que j'ai réussi à enlever un trojan avec anti-vir!
      Je suis allée dans le dossier des quarantaines et il n'y avait rien. Je te colle ci-dessous la journée d'aujourd'hui que j'ai copier-coller de logfiles RTGRDRT.
      Je te remercie en tout cas de tous tes conseils et surtout de ta patience!Je ne suis pas très forte en informatique et je trouve ce forum extraordinaire!Merci à vous qui nous aidez!
      Dis moi qd meme, stp, s'il y qqch que je peux faire, suite à ce que je colle ici...
      MERCI!!
      a+
      24/05/2005,09:58:36 ---------------------------------------------------------
      24/05/2005,09:58:36 [INIT] The AVGuard Service is starting.
      24/05/2005,09:58:37 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
      24/05/2005,09:58:39 [INFO] Start Filter Device.
      24/05/2005,09:58:39 AntiVirService Version: 6.30.00.06 AVE Version 6.30.0.12 VDF Version: 6.30.0.187
      24/05/2005,09:58:39 AVGuard has been started successfully!
      24/05/2005,10:07:31 [LOGON] Connection request by remote computer. Establishing secure communication channel.
      24/05/2005,10:07:31 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaa215cb.
      24/05/2005,10:27:13 [INFO] Stop Filter Device.
      24/05/2005,10:27:13 AVGuard service has been stopped!
      24/05/2005,10:28:10 ---------------------------------------------------------
      24/05/2005,10:28:10 [INIT] The AVGuard Service is starting.
      24/05/2005,10:28:11 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
      24/05/2005,10:28:13 [INFO] Start Filter Device.
      24/05/2005,10:28:13 AntiVirService Version: 6.30.00.06 AVE Version 6.30.0.12 VDF Version: 6.30.0.187
      24/05/2005,10:28:13 AVGuard has been started successfully!
      24/05/2005,10:28:56 [LOGON] Connection request by remote computer. Establishing secure communication channel.
      24/05/2005,10:28:56 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab92da.
      24/05/2005,12:06:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Blarul Backdoor server programs !
      C:\SYSTEM VOLUME INFORMATION\_RESTORE{DD384CBF-031B-4A86-AFE3-F6E9DFC0E467}\RP244\A0046805.EXE
      24/05/2005,12:29:13 [INFO] Stop Filter Device.
      24/05/2005,12:29:15 AVGuard service has been stopped!
      24/05/2005,13:16:59 ---------------------------------------------------------
      24/05/2005,13:16:59 [INIT] The AVGuard Service is starting.
      24/05/2005,13:17:01 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
      24/05/2005,13:17:11 [LOGON] Connection request by remote computer. Establishing secure communication channel.
      24/05/2005,13:17:11 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa1d32.
      24/05/2005,13:17:14 [INFO] Start Filter Device.
      24/05/2005,13:17:14 AntiVirService Version: 6.30.00.06 AVE Version 6.30.0.12 VDF Version: 6.30.0.187
      24/05/2005,13:17:14 AVGuard has been started successfully!
      24/05/2005,13:20:36 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\AUTHCLIENT.EXE
      24/05/2005,13:21:33 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\AUTHCLIENT.EXE
      24/05/2005,13:23:49 ---------------------------------------------------------
      24/05/2005,13:23:49 [INIT] The AVGuard Service is starting.
      24/05/2005,13:23:50 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
      24/05/2005,13:23:54 [LOGON] Connection request by remote computer. Establishing secure communication channel.
      24/05/2005,13:23:54 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa28e5.
      24/05/2005,13:23:59 [INFO] Start Filter Device.
      24/05/2005,13:23:59 AntiVirService Version: 6.30.00.06 AVE Version 6.30.0.12 VDF Version: 6.30.0.187
      24/05/2005,13:23:59 AVGuard has been started successfully!
      24/05/2005,13:28:54 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\AUTHCLIENT.EXE
      24/05/2005,13:30:12 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:30:24 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:30:59 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:31:33 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:32:04 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:32:21 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:32:37 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:32:59 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:33:17 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:33:31 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:33:46 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:34:19 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL
      24/05/2005,13:36:55 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\AUTHCLIENT.EXE
      24/05/2005,13:37:29 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\AUTHCLIENT.EXE
      24/05/2005,13:37:26 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\AUTHCLIENT.EXE
      24/05/2005,13:38:50 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\RECYCLER\S-1-5-21-35635692-4148924931-150763124-1005\DC15.EXE
      24/05/2005,13:39:01 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\RECYCLER\S-1-5-21-35635692-4148924931-150763124-1005\DC15.EXE
      24/05/2005,13:39:44 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\RECYCLER\S-1-5-21-35635692-4148924931-150763124-1005\DC15.EXE
      24/05/2005,13:40:02 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\RECYCLER\S-1-5-21-35635692-4148924931-150763124-1005\DC15.EXE
      24/05/2005,13:40:14 WARNING: Is the Trojan horse TR/P2E.AS!
      C:\WINDOWS\SYSTEM32\AUTHCLIENT.EXE
      24/05/2005,14:36:04 ---------------------------------------------------------
      24/05/2005,14:36:04 [INIT] The AVGuard Service is starting.
      24/05/2005,14:36:05 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
      24/05/2005,14:36:07 [INFO] Start Filter Device.
      24/05/2005,14:36:07 AntiVirService Version: 6.30.00.06 AVE Version 6.30.0.12 VDF Version: 6.30.0.187
      24/05/2005,14:36:07 AVGuard has been started successfully!
      24/05/2005,14:36:16 [LOGON] Connection request by remote computer. Establishing secure communication channel.
      24/05/2005,14:36:16 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaaa0278.
      24/05/2005,15:00:36 ---------------------------------------------------------
      24/05/2005,15:00:36 [INIT] The AVGuard Service is starting.
      24/05/2005,15:00:36 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
      24/05/2005,15:00:38 [INFO] Start Filter Device.
      24/05/2005,15:00:38 AntiVirService Version: 6.30.00.06 AVE Version 6.30.0.12 VDF Version: 6.30.0.187
      24/05/2005,15:00:38 AVGuard has been started successfully!
      24/05/2005,15:01:59 [LOGON] Connection request by remote computer. Establishing secure communication channel.
      24/05/2005,15:01:59 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaab1f77.
      24/05/2005,15:09:09 [INFO] Stop Filter Device.
      24/05/2005,15:09:10 AVGuard service has been stopped!
      24/05/2005,19:32:18 ---------------------------------------------------------
      24/05/2005,19:32:18 [INIT] The AVGuard Service is starting.
      24/05/2005,19:32:19 [INIT] Keyfile contains a valid license. The AVGuard service will run as a fully functional version!
      24/05/2005,19:32:21 [INFO] Start Filter Device.
      24/05/2005,19:32:21 AntiVirService Version: 6.30.00.06 AVE Version 6.30.0.12 VDF Version: 6.30.0.187
      24/05/2005,19:32:21 AVGuard has been started successfully!
      24/05/2005,19:33:10 [LOGON] Connection request by remote computer. Establishing secure communication channel.
      24/05/2005,19:33:10 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaaabeafa.
      24/05/2005,22:13:31 [LOGON] Connection request by remote computer. Establishing secure communication channel.
      24/05/2005,22:13:31 [LOGON] Connection to computer 127.0.0.1 established successfully. Session ID = 0xaa3ea50a.
      0
  16. Utilisateur anonyme
     
    salut mel
    tu as pas mal d alertes, cela se traduit par des warning dans ce que tu m as coller:

    24/05/2005,12:06:29 WARNING: Contains a signature of the (dangerous) backdoor program BDS/Blarul Backdoor server programs !
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{DD384CBF-031B-4A86-AFE3-F6E9DFC0E467}\RP244\A0046805.EXE

    tu fais clik droit poste de travail<propriete<onglet restauration systeme<tu coche desactiver la restauration puis decoche la case et supprmes les points de restaurations

    ensuite supprime ceci:
    C:\WINDOWS\SYSTEM32\AUTHCLIENT.EXE

    pour ceci
    C:\RECYCLER\S-1-5-21-35635692-4148924931-150763124-1005\DC15.EXE

    recycler=ta corbeille alors vide la !

    a supprimer:
    C:\WINDOWS\SYSTEM32\P2ESOCKS_1031.DLL

    et enfin si tu peux:
    lance un scan chez RAV :
    http://www.ravantivirus.com/scan/

    Clique sur "To continue without subscribing click here" et attends quelques minutes.
    Lorsque "Ready" est affiché dans "status", coche la case "Autoclean" puis clique sur "Scan my PC"
    A la fin de l'analyse, copie/colle le rapport ici

    a+

    Questions?
    0
    1. mel
       
      salut regis!
      Alors je suis allée dans system 32 et il n'y a plus ni authclient.exe, ni l'autre P2ESOCKS.dll..
      J'ai voulu faire un scan avec RAV mais mon ordi a planté..je vais ré-essayé et dés que j'y arrive, je te colle le rapport!
      POurquoi ca plante encore alors qu'il n'y a plus les deux virus ci-dessus?
      a+
      0
  17. Utilisateur anonyme
     
    re mel,
    pour auto client et l autre la essai d affichier ca avant et de chercher:
    ¤Affiche tous les fichiers et dossiers :
    Clique sur démarrer/panneau de configuration/option des dossiers/affichage

    Cocher afficher les dossiers cacher

    Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

    Décocher masquer les extensions dont le type est connu
    Puis fais «Ok» pour valider les changements.

    Et appliquer !

    antivir te detect encore des choses

    a+ mel, tiens moi au courant
    0
    1. mel
       
      salut regis,
      alors j'ai fait ce que tu as dit, mais la non plus je ne trouve pas ses dossiers..
      Je n'ai plus d'alertes de mon anti-virus par contre dés que je veux lancer un scan RAV ou spybot, rien à faire, ca plante!
      Je ne sais pas pourquoi car visiblement, les trojan ne me sont plus signalés sytematiquement comme il y a qqes jours..
      que crois tu que je doive faire?
      0
  18. greg
     
    slt!!
    pour eviter que ton pc plante lors du scan essaie ce qui suit:
    -demarre ton antivirus (pas le scan juste l antivirus)
    -fer CTRL+ALT+SUPPR en mm temps
    -va ds processus
    -si tu utilise antivir tu doi trouver en majuscule"AVGNT.EXE"
    -selectione en clik droit puis fer definir la prioriter et la tu selectionne "haute"
    -lance enfin ton scan et laisse le travailler
    -si tu utilise un otre logiciel antivirus ou autre fer la mm manip et trouve le nom de ton logiciel ds le processus
    ton logiciel primera sur les autres.
    sinn j essairai de trouver d otre soluce a ton pb!!
    essaie de telecharger TUNEUP utilities 2004(version 30jour d essai) et essaie le tt les fonctions du logiciel son expliké.
    bonne chance a+++
    0
    1. mel
       
      ok merci je vais essayer et je te redis..mais en général, anti-vir va jusqu'au bout, c'est spybot et RAV qui font que mon pc plante...
      Merci pour ton aide!
      a+
      0
  19. Utilisateur anonyme
     
    t as supprimer les points exe de la derniere fois?

    plus d alertes d antivir? fais le tourner pour voir et colle tout le rapport

    a+
    0
    1. mel
       
      ok je le fais et je te l'envoie..
      oui j'avais supprimé via l'anti-virus..
      0
  20. Utilisateur anonyme
     
    sinon fais ca
    demarer<poste de travail<c<program files<av personal<logfiles<NTGRDRT<(rapport journalier) et copie colle ou il y a les alertes, si tu les a eu aujourd hui met le rapport d aujourd hui
    0
  21. mel
     
    alors voila le rapport de anti-vir(excuse je ne suis pas sure que ca soit ca, ca me semble un peu trp long...sinon il ne m'a rien detecté..je viens de lancer ad-aware, en esperant que ca ne plante pas..

    Creation date of the report file: jeudi, 26. mai 2005 22:33

    AntiVir®/XP (2000 + NT) PersonalEdition Classic Build 1035, 16.03.2005
    Mainprogram 6.30.00.17 of 07.03.2005
    VDF file 6.30.0.202 (0) of 25.05.2005

    This program is for PERSONAL USE only.
    Any other use is PROHIBITED.
    Informations regarding commercial versions of AntiVir may be obtained from:
    www.antivir-pe.com.

    Scanning for 172826 virus strains and unwanted programs.

    Licensed for: AntiVir Personal Edition
    Serial number: 0000149996-ADJIE-0001
    FUSE: Basic license

    Please enter the workstation and
    contact name with phone number in this form:

    Name ___________________________________________

    Street ___________________________________________

    Town ___________________________________________

    Phone/Fax ___________________________________________

    Email ___________________________________________

    Platform: Windows NT Workstation
    Windows version: 5.1 Build 2600 (Service Pack 2)
    Username: serveur
    Processor: Pentium
    Working memory: 489904 KB free

    Version information:
    AVWIN.DLL : 6.30.00.17 561192 16.03.2005 10:18:06
    AVEWIN32.DLL : 6.30.0.15 823808 25.05.2005 19:29:08
    AVGNT.EXE : 6.30.00.01 163943 17.02.2005 12:53:00
    AVGUARD.EXE : 6.30.00.06 240168 01.03.2005 16:19:28
    GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 11:24:12
    AVGCMSG.DLL : 6.30.00.01 290933 02.02.2005 10:51:50
    AVGNTDW.SYS : 6.30.00.04 32640 28.01.2005 12:55:44
    AVPACK32.DLL : 6.30.0.7 372816 16.03.2005 10:18:06
    AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 18:10:20
    AVWIN.DLL : 6.30.00.17 561192 16.03.2005 10:18:06
    AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 18:10:22
    AVSched32.EXE : 6.30.00.00 110632 01.02.2005 11:24:12
    AVSched32.DLL : 6.30.00.00 122880 01.02.2005 11:24:12
    AVREG.DLL : 6.30.00.03 41000 10.02.2005 18:47:48
    AVRep.DLL : 6.30.00.202 1126440 25.05.2005 19:29:18
    INETUPD.EXE : 6.30.00.17 266299 16.03.2005 10:18:06
    INETUPD.DLL : 6.30.00.17 143360 16.03.2005 10:18:06
    CTL3D32.DLL : 2.31.000 27136 30.08.2002 15:00:00
    MFC42.DLL : 6.02.4131.0 1028096 20.08.2004 01:09:30
    MSVCRT.DLL : 7.0.2600.2180 (xpsp_sp2_rtm.0408
    MSVCRT.DLL : 7.0.2600.2180 343040 20.08.2004 01:09:34
    CTL3DV2.DLL : No information

    Configuration file:

    Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI
    Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG
    Start path: C:\Program Files\AVPersonal
    Command line:
    Start mode: unknown

    Mode of report file:
    [ ] Do not create report
    [X] Overwrite report
    [ ] Append new report

    Data in report file:
    [X] Infected files
    [ ] Infected files with paths
    [ ] All scanned files
    [ ] Full information

    Abridge report file:
    [ ] Abridge report file

    Warnings in report:
    [X] Access denied/file locked
    [X] Wrong file size in directory
    [X] Wrong creation time in directory
    [ ] COM file is too large
    [X] Invalid start address
    [X] Invalid EXE header
    [X] Possibly damaged

    Summary report:
    [X] Create summary report
    Output file: AVWIN.ACT
    Maximum number of entries: 100

    Where to search:
    [X] Memory
    [X] Boot record of selected drives
    [ ] Report unknown boot sectors
    [ ] All files
    [X] Program files
    Extensions: .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP

    Response in case of a detection:
    [X] Repair with prompt
    [ ] Repair without prompt
    [ ] Delete with prompt
    [ ] Delete without prompt
    [ ] Write in report file only
    [X] Acoustic alarm

    Response in case of destroyed files:
    [X] Delete with prompt
    [ ] Delete without prompt
    [ ] Ignore

    Response in case of destroyed files:
    [X] No change
    [ ] Current system time
    [ ] Correct date

    Drag&drop settings:
    [X] Scan subdirectories

    Profile settings:
    [X] Scan subdirectories

    Archive options
    [X] Search archive
    [X] All archive types

    Miscellaneous options:
    Temporary path: %TEMP% -> C:\DOCUME~1\serveur\LOCALS~1\Temp
    [X] Overwrite infected files
    [ ] Detect idle time
    [X] Allow interruptions of scan
    [X] Load AVWin®/NT Guard on System start

    General settings:
    [X] Save options on exiting AntiVir
    Priority: medium

    Drives:
    C: Hard disk
    D: Hard disk
    E: CD-ROM

    Start of scan: jeudi, 26. mai 2005 22:33

    Memory test OK
    Master boot record of hard disk HD0 OK
    Boot record of drive C: OK

    C:\
    hiberfil.sys
    Access denied! Error during file opening!
    Error code: 0x000D
    WARNING! Access error/file locked!
    pagefile.sys
    Access denied! Error during file opening!
    This is a Windows swap file. This file is locked by Windows.
    Error code: 0x000D
    WARNING! Access error/file locked!
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery
    CarpeDiemVars.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication1.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication10.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication11.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication2.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication3.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication4.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication5.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication6.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication7.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication8.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    ConnectMFCApplication9.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    MagicControlAgent.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    MyWayMyBar.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    MyWayMyBar1.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    MyWayMyBar2.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    MyWayMyBar3.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    MyWayMyBar4.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    MyWayMyBar5.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    MyWayMyBar6.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    MyWayMyBar7.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    MyWayMyBar8.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    RadLightMediaPlayer.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer1.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer10.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer11.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer12.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer13.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer14.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer15.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer2.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer3.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer4.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer5.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer6.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer7.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer8.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    webHancer9.zip
    ArchiveType: ZIP
    NOTE! The whole archive is password protected
    C:\I386
    DRIVER.CAB
    ArchiveType: CAB (Microsoft)
    --> irda.sys
    WARNING! Error open file
    --> irftp.exe
    NOTE! Invalid compressed data
    --> irmk7.sys
    NOTE! Invalid compressed data
    --> irmon.dll
    NOTE! Invalid compressed data
    --> irprops.cpl
    NOTE! Invalid compressed data
    --> irsir.sys
    NOTE! Invalid compressed data
    --> irstusb.sys
    NOTE! Invalid compressed data
    --> msircomm.sys
    NOTE! Invalid compressed data
    --> nscirda.sys
    NOTE! Invalid compressed data
    --> ntapm.sys
    NOTE! Invalid compressed data
    --> ntgrip.sys
    NOTE! Invalid compressed data
    --> nv3.dll
    NOTE! Invalid compressed data
    --> nv3.sys
    NOTE! Invalid compressed data
    --> rasirda.sys
    NOTE! Invalid compressed data
    --> reslog32.dll
    NOTE! Invalid compressed data
    --> smcirda.sys
    NOTE! Invalid compressed data
    --> swpdflt2.dll
    NOTE! Invalid compressed data
    --> swpidflt.dll
    NOTE! Invalid compressed data
    --> swusbflt.sys
    NOTE! Invalid compressed data
    --> tos4mo.sys
    NOTE! Invalid compressed data
    --> viairda.sys
    NOTE! Invalid compressed data
    --> vinwm.sys
    NOTE! Invalid compressed data
    --> wbfirdma.sys
    NOTE! Invalid compressed data
    --> wshirda.dll
    NOTE! Invalid compressed data
    --> xcci2032.dll
    NOTE! Invalid compressed data
    --> 1394bus.sys
    NOTE! Invalid compressed data
    --> 1394vdbg.sys
    NOTE! Invalid compressed data
    --> 31x5hc01.hlp
    NOTE! Invalid compressed data
    --> 31x5hs01.hlp
    NOTE! Invalid compressed data
    --> 31x5lc04.dll
    NOTE! Invalid compressed data
    --> 31x5ls04.dll
    NOTE! Invalid compressed data
    --> 31x5rc04.dll
    NOTE! Invalid compressed data
    --> 31x5rs04.dll
    NOTE! Invalid compressed data
    --> 31x5uc04.dll
    NOTE! Invalid compressed data
    --> 31x5uc04.ini
    NOTE! Invalid compressed data
    --> 31x5us04.dll
    NOTE! Invalid compressed data
    --> 31x5us04.ini
    NOTE! Invalid compressed data
    --> 3cwmcru.sys
    NOTE! Invalid compressed data
    --> 3dfxvs.dll
    NOTE! Invalid compressed data
    --> 3dfxvsm.sys
    NOTE! Invalid compressed data
    --> 4mmdat.sys
    NOTE! Invalid compressed data
    --> 61883.sys
    NOTE! Invalid compressed data
    --> 720pphlp.htm
    NOTE! Invalid compressed data
    --> 740pphlp.htm
    NOTE! Invalid compressed data
    --> 8514a.dll
    NOTE! Invalid compressed data
    --> a3d.dll
    NOTE! Invalid compressed data
    --> a3dapi.dll
    NOTE! Invalid compressed data
    --> abp480n5.sys
    NOTE! Invalid compressed data
    --> ac300nd5.sys
    NOTE! Invalid compressed data
    --> ac97ali.sys
    NOTE! Invalid compressed data
    --> ac97intc.sys
    NOTE! Invalid compressed data
    --> ac97sis.sys
    NOTE! Invalid compressed data
    --> ac97via.sys
    NOTE! Invalid compressed data
    --> acerscad.dll
    NOTE! Invalid compressed data
    --> acpi.sys
    NOTE! Invalid compressed data
    --> acpiec.sys
    NOTE! Invalid compressed data
    --> adicvls.sys
    NOTE! Invalid compressed data
    --> adm8511.sys
    NOTE! Invalid compressed data
    --> adm8810.sys
    NOTE! Invalid compressed data
    --> adm8820.sys
    NOTE! Invalid compressed data
    --> adm8830.sys
    NOTE! Invalid compressed data
    --> admjoy.sys
    NOTE! Invalid compressed data
    --> adptsf50.sys
    NOTE! Invalid compressed data
    --> adpu160m.sys
    NOTE! Invalid compressed data
    --> aec.sys
    NOTE! Invalid compressed data
    --> agcgauge.ax
    NOTE! Invalid compressed data
    --> agp440.sys
    NOTE! Invalid compressed data
    --> agpcpq.sys
    NOTE! Invalid compressed data
    --> aha154x.sys
    NOTE! Invalid compressed data
    --> aic78u2.sys
    NOTE! Invalid compressed data
    --> aic78xx.sys
    NOTE! Invalid compressed data
    --> air300pp.dll
    NOTE! Invalid compressed data
    --> ali5261.sys
    NOTE! Invalid compressed data
    --> aliide.sys
    NOTE! Invalid compressed data
    --> alim1541.sys
    NOTE! Invalid compressed data
    --> alpsres.dll
    NOTE! Invalid compressed data
    --> alpsres.ini
    NOTE! Invalid compressed data
    --> amb8002.sys
    NOTE! Invalid compressed data
    --> amdagp.sys
    NOTE! Invalid compressed data
    --> amdk6.sys
    NOTE! Invalid compressed data
    --> amsint.sys
    NOTE! Invalid compressed data
    --> an983.sys
    NOTE! Invalid compressed data
    --> arp1394.sys
    NOTE! Invalid compressed data
    --> asc.sys
    NOTE! Invalid compressed data
    --> asc3350p.sys
    NOTE! Invalid compressed data
    --> asc3550.sys
    NOTE! Invalid compressed data
    --> aspndis3.sys
    NOTE! Invalid compressed data
    --> atapi.sys
    NOTE! Invalid compressed data
    --> ati.dll
    NOTE! Invalid compressed data
    --> ati.sys
    NOTE! Invalid compressed data
    --> ati2draa.dll
    NOTE! Invalid compressed data
    --> ati2mpaa.sys
    NOTE! Invalid compressed data
    --> atibt829.sys
    NOTE! Invalid compressed data
    --> atidrab.dll
    NOTE! Invalid compressed data
    --> atidrae.dll
    NOTE! Invalid compressed data
    --> atidvag.dll
    NOTE! Invalid compressed data
    --> atidvai.dll
    NOTE! Invalid compressed data
    --> atievxx.exe
    NOTE! Invalid compressed data
    --> atimpab.sys
    NOTE! Invalid compressed data
    --> atimpae.sys
    NOTE! Invalid compressed data
    --> atimtag.sys
    NOTE! Invalid compressed data
    --> atimtai.sys
    NOTE! Invalid compressed data
    --> atipcxxx.sys
    NOTE! Invalid compressed data
    --> atiraged.dll
    NOTE! Invalid compressed data
    --> atiragem.sys
    NOTE! Invalid compressed data
    --> atirtcap.sys
    NOTE! Invalid compressed data
    --> atirtsnd.sys
    NOTE! Invalid compressed data
    --> atitunep.sys
    NOTE! Invalid compressed data
    --> atitvsnd.sys
    NOTE! Invalid compressed data
    --> ativmdcd.sys
    NOTE! Invalid compressed data
    --> ativttxx.sys
    NOTE! Invalid compressed data
    --> ativxbar.sys
    NOTE! Invalid compressed data
    --> atixbar.sys
    NOTE! Invalid compressed data
    --> audstub.sys
    NOTE! Invalid compressed data
    --> avc.sys
    NOTE! Invalid compressed data
    --> avcaudio.sys
    NOTE! Invalid compressed data
    --> avcstrm.sys
    NOTE! Invalid compressed data
    --> avmc20.dll
    NOTE! Invalid compressed data
    --> avmc2032.dll
    NOTE! Invalid compressed data
    --> avmcapi.dll
    NOTE! Invalid compressed data
    --> avmcoxp.dll
    NOTE! Invalid compressed data
    --> avmenum.dll
    NOTE! Invalid compressed data
    --> avmwan.sys
    NOTE! Invalid compressed data
    --> aztw2320.sys
    NOTE! Invalid compressed data
    --> b1cbase.sys
    NOTE! Invalid compressed data
    --> b57xp32.sys
    NOTE! Invalid compressed data
    --> banshee.dll
    NOTE! Invalid compressed data
    --> banshee.sys
    NOTE! Invalid compressed data
    --> battc.sys
    NOTE! Invalid compressed data
    --> bcm42u.sys
    NOTE! Invalid compressed data
    --> bcm42xx5.sys
    NOTE! Invalid compressed data
    --> bcm4e5.sys
    NOTE! Invalid compressed data
    --> bcmdm.sys
    NOTE! Invalid compressed data
    --> bdaplgin.ax
    NOTE! Invalid compressed data
    --> bdasup.sys
    NOTE! Invalid compressed data
    --> binlsvc.dll
    NOTE! Invalid compressed data
    --> bioprime.bin
    NOTE! Invalid compressed data
    --> br24res.dll
    NOTE! Invalid compressed data
    --> br9res.dll
    NOTE! Invalid compressed data
    --> brbidiif.dll
    NOTE! Invalid compressed data
    --> brcl00ui.dll
    NOTE! Invalid compressed data
    --> brclr.dll
    NOTE! Invalid compressed data
    --> brclr.ini
    NOTE! Invalid compressed data
    --> brclr0.dll
    NOTE! Invalid compressed data
    --> brclr0.ini
    NOTE! Invalid compressed data
    --> brclr00.dll
    NOTE! Invalid compressed data
    --> brclr00.ini
    NOTE! Invalid compressed data
    --> brclr0ui.dll
    NOTE! Invalid compressed data
    --> brclrui.dll
    NOTE! Invalid compressed data
    --> brcoinst.dll
    NOTE! Invalid compressed data
    --> brevif.dll
    NOTE! Invalid compressed data
    --> brfilt.sys
    NOTE! Invalid compressed data
    --> brfiltlo.sys
    NOTE! Invalid compressed data
    --> brfiltup.sys
    NOTE! Invalid compressed data
    --> brhjres.dll
    NOTE! Invalid compressed data
    --> brhlres.dll
    NOTE! Invalid compressed data
    --> brmfbidi.dll
    NOTE! Invalid compressed data
    --> brmfbidi.ini
    NOTE! Invalid compressed data
    --> brmfcwia.dll
    NOTE! Invalid compressed data
    --> brmflpt.dll
    NOTE! Invalid compressed data
    --> brmfpmon.dll
    NOTE! Invalid compressed data
    --> brmfrsmg.exe
    NOTE! Invalid compressed data
    --> brmfusb.dll
    NOTE! Invalid compressed data
    --> brmsi01.bin
    NOTE! Invalid compressed data
    --> brmsi02.bin
    NOTE! Invalid compressed data
    --> brmsi02f.bin
    NOTE! Invalid compressed data
    --> brmsi03.bin
    NOTE! Invalid compressed data
    --> brmsi03f.bin
    NOTE! Invalid compressed data
    --> brmsl01.bin
    NOTE! Invalid compressed data
    --> brmsl01f.bin
    NOTE! Invalid compressed data
    --> brmsl02.bin
    NOTE! Invalid compressed data
    --> brmsl03.bin
    NOTE! Invalid compressed data
    --> brmsl04.bin
    NOTE! Invalid compressed data
    --> brother.dll
    NOTE! Invalid compressed data
    --> brother.ini
    NOTE! Invalid compressed data
    --> brothui.dll
    NOTE! Invalid compressed data
    --> brparimg.sys
    NOTE! Invalid compressed data
    --> brparwdm.sys
    NOTE! Invalid compressed data
    --> brscnrsm.dll
    NOTE! Invalid compressed data
    --> brserif.dll
    NOTE! Invalid compressed data
    --> brserwdm.sys
    NOTE! Invalid compressed data
    --> brusbmdm.sys
    NOTE! Invalid compressed data
    --> brusbscn.sys
    NOTE! Invalid compressed data
    --> brzwlan.sys
    NOTE! Invalid compressed data
    --> bul18res.dll
    NOTE! Invalid compressed data
    --> bul24res.dll
    NOTE! Invalid compressed data
    --> bull9res.dll
    NOTE! Invalid compressed data
    --> bulltlp3.sys
    NOTE! Invalid compressed data
    --> c2.bin
    NOTE! Invalid compressed data
    --> c4.bin
    NOTE! Invalid compressed data
    --> camdro21.sys
    NOTE! Invalid compressed data
    --> camdrv21.sys
    NOTE! Invalid compressed data
    --> camdrv30.sys
    NOTE! Invalid compressed data
    --> camexo20.ax
    NOTE! Invalid compressed data
    --> camexo20.dll
    NOTE! Invalid compressed data
    --> camext20.ax
    NOTE! Invalid compressed data
    --> camext20.dll
    NOTE! Invalid compressed data
    --> camext30.ax
    NOTE! Invalid compressed data
    --> camext30.dll
    NOTE! Invalid compressed data
    --> cb102.sys
    NOTE! Invalid compressed data
    --> cb325.sys
    NOTE! Invalid compressed data
    --> cben5.sys
    NOTE! Invalid compressed data
    --> cbidf2k.sys
    NOTE! Invalid compressed data
    --> cbmdmkxx.sys
    NOTE! Invalid compressed data
    --> ccdecode.sys
    NOTE! Invalid compressed data
    --> cd20xrnt.sys
    NOTE! Invalid compressed data
    --> cdaudio.sys
    NOTE! Invalid compressed data
    --> cdrom.sys
    NOTE! Invalid compressed data
    --> ce2n5.sys
    NOTE! Invalid compressed data
    --> ce3n5.sys
    NOTE! Invalid compressed data
    --> cem28n5.sys
    NOTE! Invalid compressed data
    --> cem33n5.sys
    NOTE! Invalid compressed data
    --> cem56n5.sys
    NOTE! Invalid compressed data
    --> changer.sys
    NOTE! Invalid compressed data
    --> cinemclc.sys
    NOTE! Invalid compressed data
    --> cinemst2.sys
    NOTE! Invalid compressed data
    --> cirrus.dll
    NOTE! Invalid compressed data
    --> cirrus.sys
    NOTE! Invalid compressed data
    --> citohres.dll
    NOTE! Invalid compressed data
    --> citohres.ini
    NOTE! Invalid compressed data
    --> cl5465.dll
    NOTE! Invalid compressed data
    --> cl546x.dll
    NOTE! Invalid compressed data
    --> cl546xm.sys
    NOTE! Invalid compressed data
    --> cmbatt.sys
    NOTE! Invalid compressed data
    --> cmbp0wdm.sys
    NOTE! Invalid compressed data
    --> cmdide.sys
    NOTE! Invalid compressed data
    --> cn1000.hlp
    NOTE! Invalid compressed data
    --> cn1000.ini
    NOTE! Invalid compressed data
    --> cn10000.dll
    NOTE! Invalid compressed data
    --> cn10001.dll
    NOTE! Invalid compressed data
    --> cn10002.dll
    NOTE! Invalid compressed data
    --> cn160.hlp
    NOTE! Invalid compressed data
    --> cn160.ini
    NOTE! Invalid compressed data
    --> cn1600.dll
    NOTE! Invalid compressed data
    --> cn1601.dll
    NOTE! Invalid compressed data
    --> cn1602.dll
    NOTE! Invalid compressed data
    --> cn1760e.hlp
    NOTE! Invalid compressed data
    --> cn1760e.ini
    NOTE! Invalid compressed data
    --> cn1760e0.dll
    NOTE! Invalid compressed data
    --> cn1760e1.dll
    NOTE! Invalid compressed data
    --> cn1760e2.dll
    NOTE! Invalid compressed data
    --> cn200.hlp
    NOTE! Invalid compressed data
    --> cn200.ini
    NOTE! Invalid compressed data
    --> cn2000.dll
    NOTE! Invalid compressed data
    --> cn2001.dll
    NOTE! Invalid compressed data
    --> cn2002.dll
    NOTE! Invalid compressed data
    --> cn3260.hlp
    NOTE! Invalid compressed data
    --> cn3260.ini
    NOTE! Invalid compressed data
    --> cn32600.dll
    NOTE! Invalid compressed data
    --> cn32601.dll
    NOTE! Invalid compressed data
    --> cn32602.dll
    NOTE! Invalid compressed data
    --> cn330res.dll
    NOTE! Invalid compressed data
    --> cnb1000.dll
    NOTE! Invalid compressed data
    --> cnb1000s.dll
    NOTE! Invalid compressed data
    --> cnb2000.dll
    NOTE! Invalid compressed data
    --> cnb2000s.dll
    NOTE! Invalid compressed data
    --> cnb210.dll
    NOTE! Invalid compressed data
    --> cnb2100.dll
    NOTE! Invalid compressed data
    --> cnb2100s.dll
    NOTE! Invalid compressed data
    --> cnb210sp.dll
    NOTE! Invalid compressed data
    --> cnb240.dll
    NOTE! Invalid compressed data
    --> cnb250.dll
    NOTE! Invalid compressed data
    --> cnb255sp.dll
    NOTE! Invalid compressed data
    --> cnb265sp.dll
    NOTE! Invalid compressed data
    --> cnb3000.dll
    NOTE! Invalid compressed data
    --> cnb4000.dll
    NOTE! Invalid compressed data
    --> cnb4100.dll
    NOTE! Invalid compressed data
    --> cnb4200.dll
    NOTE! Invalid compressed data
    --> cnb4200s.dll
    NOTE! Invalid compressed data
    --> cnb4300.dll
    NOTE! Invalid compressed data
    --> cnb4300s.dll
    NOTE! Invalid compressed data
    --> cnb4400.dll
    NOTE! Invalid compressed data
    --> cnb4550.dll
    NOTE! Invalid compressed data
    --> cnb4650.dll
    NOTE! Invalid compressed data
    --> cnb50.dll
    NOTE! Invalid compressed data
    --> cnb55.dll
    NOTE! Invalid compressed data
    --> cnb5500.dll
    NOTE! Invalid compressed data
    --> cnb600.dll
    NOTE! Invalid compressed data
    --> cnb6000.dll
    NOTE! Invalid compressed data
    --> cnb600e.dll
    NOTE! Invalid compressed data
    --> cnb610.dll
    NOTE! Invalid compressed data
    --> cnb6100.dll
    NOTE! Invalid compressed data
    --> cnb620.dll
    NOTE! Invalid compressed data
    --> cnb6200.dll
    NOTE! Invalid compressed data
    --> cnb6500.dll
    NOTE! Invalid compressed data
    --> cnb70.dll
    NOTE! Invalid compressed data
    --> cnb7000.dll
    NOTE! Invalid compressed data
    --> cnb7100.dll
    NOTE! Invalid compressed data
    --> cnb80.dll
    NOTE! Invalid compressed data
    --> cnb800.dll
    NOTE! Invalid compressed data
    --> cnb8000.dll
    NOTE! Invalid compressed data
    --> cnb820.dll
    NOTE! Invalid compressed data
    --> cnb85.dll
    NOTE! Invalid compressed data
    --> cnbj.ini
    NOTE! Invalid compressed data
    --> cnbj2.ini
    NOTE! Invalid compressed data
    --> cnbjcres.dll
    NOTE! Invalid compressed data
    --> cnbjdrc.dll
    NOTE! Invalid compressed data
    --> cnbjdrs.dll
    NOTE! Invalid compressed data
    --> cnbjdrv.dll
    NOTE! Invalid compressed data
    --> cnbjdrv2.dll
    NOTE! Invalid compressed data
    --> cnbjhlp.hlp
    NOTE! Invalid compressed data
    --> cnbjhlp2.hlp
    NOTE! Invalid compressed data
    --> cnbjmon.dll
    NOTE! Invalid compressed data
    --> cnbjmon2.dll
    NOTE! Invalid compressed data
    --> cnbjsp.ini
    NOTE! Invalid compressed data
    --> cnbjui.dll
    NOTE! Invalid compressed data
    --> cnbjui2.dll
    NOTE! Invalid compressed data
    --> cnbo59.dll
    NOTE! Invalid compressed data
    --> cnbo64.dll
    NOTE! Invalid compressed data
    --> cnbostd.dll
    NOTE! Invalid compressed data
    --> cnbpgr01.dll
    NOTE! Invalid compressed data
    --> cnbpgr02.dll
    NOTE! Invalid compressed data
    --> cnbpgr03.dll
    NOTE! Invalid compressed data
    --> cnbpgr05.dll
    NOTE! Invalid compressed data
    --> cnbpgr08.dll
    NOTE! Invalid compressed data
    --> cnbs400.dll
    NOTE! Invalid compressed data
    --> cnbs450.dll
    NOTE! Invalid compressed data
    --> cnbs4500.dll
    NOTE! Invalid compressed data
    --> cnlbpres.dll
    NOTE! Invalid compressed data
    --> cnusd.dll
    NOTE! Invalid compressed data
    --> cnxt1803.sys
    NOTE! Invalid compressed data
    --> compbatt.sys
    NOTE! Invalid compressed data
    --> cpqarray.sys
    NOTE! Invalid compressed data
    --> cpqdap01.sys
    NOTE! Invalid compressed data
    --> cpqndis5.sys
    NOTE! Invalid compressed data
    --> cpqtrnd5.sys
    NOTE! Invalid compressed data
    --> cpscan.dll
    NOTE! Invalid compressed data
    --> cq12fcic.dll
    NOTE! Invalid compressed data
    --> cq12icur.dll
    NOTE! Invalid compressed data
    --> cq12sdrv.ini
    NOTE! Invalid compressed data
    --> cq12srdr.dll
    NOTE! Invalid compressed data
    --> cq12sres.dll
    NOTE! Invalid compressed data
    --> cq12sui.dll
    NOTE! Invalid compressed data
    --> cq30fcic.dll
    NOTE! Invalid compressed data
    --> cq30icur.dll
    NOTE! Invalid compressed data
    --> cq30sdrv.ini
    NOTE! Invalid compressed data
    --> cq30srdr.dll
    NOTE! Invalid compressed data
    --> cq30sres.dll
    NOTE! Invalid compressed data
    --> cq30sui.dll
    NOTE! Invalid compressed data
    --> cq60fcic.dll
    NOTE! Invalid compressed data
    --> cq60icur.dll
    NOTE! Invalid compressed data
    --> cq60sdrv.ini
    NOTE! Invalid compressed data
    --> cq60srdr.dll
    NOTE! Invalid compressed data
    --> cq60sres.dll
    NOTE! Invalid compressed data
    --> cq60sui.dll
    NOTE! Invalid compressed data
    --> cq70fcic.dll
    NOTE! Invalid compressed data
    --> cq70icur.dll
    NOTE! Invalid compressed data
    --> cq70sdrv.ini
    NOTE! Invalid compressed data
    --> cq70srdr.dll
    NOTE! Invalid compressed data
    --> cq70sres.dll
    NOTE! Invalid compressed data
    --> cq70sui.dll
    NOTE! Invalid compressed data
    --> cq75fcic.dll
    NOTE! Invalid compressed data
    --> cq75icur.dll
    NOTE! Invalid compressed data
    --> cq75sdrv.ini
    NOTE! Invalid compressed data
    --> cq75srdr.dll
    NOTE! Invalid compressed data
    --> cq75sres.dll
    NOTE! Invalid compressed data
    --> cq75sui.dll
    NOTE! Invalid compressed data
    --> cq90fcic.dll
    NOTE! Invalid compressed data
    --> cq90icur.dll
    NOTE! Invalid compressed data
    --> cq90sdrv.ini
    NOTE! Invalid compressed data
    --> cq90srdr.dll
    NOTE! Invalid compressed data
    --> cq90sres.dll
    NOTE! Invalid compressed data
    --> cq90sui.dll
    NOTE! Invalid compressed data
    --> cqsdclr1.dll
    NOTE! Invalid compressed data
    --> cqsdclr2.dll
    NOTE! Invalid compressed data
    --> crtaud.sys
    NOTE! Invalid compressed data
    --> crusoe.sys
    NOTE! Invalid compressed data
    --> csamsp.dll
    NOTE! Invalid compressed data
    --> ct24res.dll
    NOTE! Invalid compressed data
    --> ct9res.dll
    NOTE! Invalid compressed data
    --> ctlfacem.sys
    NOTE! Invalid compressed data
    --> ctljystk.sys
    NOTE! Invalid compressed data
    --> ctlsb16.sys
    NOTE! Invalid compressed data
    --> ctmasetp.chm
    NOTE! Invalid compressed data
    --> ctmasetp.dll
    NOTE! Invalid compressed data
    --> ctwdm32.dll
    NOTE! Invalid compressed data
    --> cwbase.sys
    NOTE! Invalid compressed data
    --> cwbaudio.bin
    NOTE! Invalid compressed data
    --> cwbmidi.sys
    NOTE! Invalid compressed data
    --> cwbwdm.sys
    NOTE! Invalid compressed data
    --> cwcosnt5.sys
    NOTE! Invalid compressed data
    --> cwcspud.dat
    NOTE! Invalid compressed data
    --> cwcspud.sys
    NOTE! Invalid compressed data
    --> cwcwdm.sys
    NOTE! Invalid compressed data
    --> cwrwdm.sys
    NOTE! Invalid compressed data
    --> cxcon.bin
    NOTE! Invalid compressed data
    --> cxpbios.bin
    NOTE! Invalid compressed data
    --> cxpfep.bin
    NOTE! Invalid compressed data
    --> cyclad-z.sys
    NOTE! Invalid compressed data
    --> cyclom-y.sys
    NOTE! Invalid compressed data
    --> cyycoins.chm
    NOTE! Invalid compressed data
    --> cyycoins.dll
    NOTE! Invalid compressed data
    --> cyyport.sys
    NOTE! Invalid compressed data
    --> cyyports.dll
    NOTE! Invalid compressed data
    --> cyzcoins.chm
    NOTE! Invalid compressed data
    --> cyzcoins.dll
    NOTE! Invalid compressed data
    --> cyzport.sys
    NOTE! Invalid compressed data
    --> cyzports.dll
    NOTE! Invalid compressed data
    --> d100ib5.sys
    NOTE! Invalid compressed data
    --> dac2w2k.sys
    NOTE! Invalid compressed data
    --> dac960nt.sys
    NOTE! Invalid compressed data
    --> dc210_32.dll
    NOTE! Invalid compressed data
    --> dc210usd.dll
    NOTE! Invalid compressed data
    --> dc21x4.sys
    NOTE! Invalid compressed data
    --> dc240usd.dll
    NOTE! Invalid compressed data
    --> dc24res.dll
    NOTE! Invalid compressed data
    --> dc260usd.dll
    NOTE! Invalid compressed data
    --> dc9res.dll
    NOTE! Invalid compressed data
    --> dclsres.dll
    NOTE! Invalid compressed data
    --> dclsres.ini
    NOTE! Invalid compressed data
    --> ddsmc.sys
    NOTE! Invalid compressed data
    --> defpa.sys
    NOTE! Invalid compressed data
    --> devcon32.dll
    NOTE! Invalid compressed data
    --> devldr32.exe
    NOTE! Invalid compressed data
    --> dfe650.sys
    NOTE! Invalid compressed data
    --> dfe650d.sys
    NOTE! Invalid compressed data
    --> dgapci.sys
    NOTE! Invalid compressed data
    --> dgconfig.dll
    NOTE! Invalid compressed data
    --> dgconfig.hlp
    NOTE! Invalid compressed data
    --> dhcpctrs.ini
    NOTE! Invalid compressed data
    --> diapi2.dll
    NOTE! Invalid compressed data
    --> diapi2.sys
    NOTE! Invalid compressed data
    --> diapi232.dll
    NOTE! Invalid compressed data
    --> diapi2nt.dll
    NOTE! Invalid compressed data
    --> diconres.dll
    NOTE! Invalid compressed data
    --> digiasyn.dll
    NOTE! Invalid compressed data
    --> digiasyn.sys
    NOTE! Invalid compressed data
    --> digidbp.dll
    NOTE! Invalid compressed data
    --> digidxb.sys
    NOTE! Invalid compressed data
    --> digifep5.sys
    NOTE! Invalid compressed data
    --> digifwrk.dll
    NOTE! Invalid compressed data
    --> digihlc.dll
    NOTE! Invalid compressed data
    --> digiinf.dll
    NOTE! Invalid compressed data
    --> digiisdn.dll
    NOTE! Invalid compressed data
    --> digiisdn.sys
    NOTE! Invalid compressed data
    --> digiras.chm
    NOTE! Invalid compressed data
    --> digirlpt.chm
    NOTE! Invalid compressed data
    --> digirlpt.dll
    NOTE! Invalid compressed data
    --> digirlpt.sys
    NOTE! Invalid compressed data
    --> digiview.chm
    NOTE! Invalid compressed data
    --> digiview.exe
    NOTE! Invalid compressed data
    --> dimaint.sys
    NOTE! Invalid compressed data
    --> disk.sys
    NOTE! Invalid compressed data
    --> disrvci.dll
    NOTE! Invalid compressed data
    --> disrvpp.dll
    NOTE! Invalid compressed data
    --> disrvsu.dll
    NOTE! Invalid compressed data
    --> ditrace.exe
    NOTE! Invalid compressed data
    --> divaci.dll
    NOTE! Invalid compressed data
    --> divaprop.dll
    NOTE! Invalid compressed data
    --> divasu.dll
    NOTE! Invalid compressed data
    --> diwan.sys
    NOTE! Invalid compressed data
    --> dlh5xnd5.sys
    NOTE! Invalid compressed data
    --> dlttape.sys
    NOTE! Invalid compressed data
    --> dm9pci5.sys
    NOTE! Invalid compressed data
    --> dmusic.sys
    NOTE! Invalid compressed data
    --> dmutil.dll
    NOTE! Invalid compressed data
    --> dot4.sys
    NOTE! Invalid compressed data
    --> dot4prt.sys
    NOTE! Invalid compressed data
    --> dot4scan.sys
    NOTE! Invalid compressed data
    --> dot4usb.sys
    NOTE! Invalid compressed data
    --> dp83820.sys
    NOTE! Invalid compressed data
    --> dpcres.dll
    NOTE! Invalid compressed data
    --> dpti2o.sys
    NOTE! Invalid compressed data
    --> drmk.sys
    NOTE! Invalid compressed data
    --> drmkaud.sys
    NOTE! Invalid compressed data
    --> ds1wdm.sys
    NOTE! Invalid compressed data
    --> dshowext.ax
    NOTE! Invalid compressed data
    --> dspcli.bin
    NOTE! Invalid compressed data
    --> dspdload.bin
    NOTE! Invalid compressed data
    --> dspdqsig.bin
    NOTE! Invalid compressed data
    --> dvdplay.exe
    NOTE! Invalid compressed data
    --> e1000nt5.sys
    NOTE! Invalid compressed data
    --> e100b325.sys
    NOTE! Invalid compressed data
    --> e100isa4.sys
    NOTE! Invalid compressed data
    --> ecp2eres.dll
    NOTE! Invalid compressed data
    --> el515.sys
    NOTE! Invalid compressed data
    --> el556nd5.sys
    NOTE! Invalid compressed data
    --> el574nd4.sys
    NOTE! Invalid compressed data
    --> el575nd5.sys
    NOTE! Invalid compressed data
    --> el589nd5.sys
    NOTE! Invalid compressed data
    --> el656cd5.sys
    NOTE! Invalid compressed data
    --> el656ct5.sys
    NOTE! Invalid compressed data
    --> el656nd5.sys
    NOTE! Invalid compressed data
    --> el656se5.sys
    NOTE! Invalid compressed data
    --> el90xbc5.sys
    NOTE! Invalid compressed data
    --> el90xnd5.sys
    NOTE! Invalid compressed data
    --> el985n51.sys
    NOTE! Invalid compressed data
    --> el98xn5.sys
    NOTE! Invalid compressed data
    --> el99xn51.sys
    NOTE! Invalid compressed data
    --> elmsmc.sys
    NOTE! Invalid compressed data
    --> elnk3.sys
    NOTE! Invalid compressed data
    --> em556n4.sys
    NOTE! Invalid compressed data
    --> emu10k1m.sys
    NOTE! Invalid compressed data
    --> enum1394.sys
    NOTE! Invalid compressed data
    --> ep24res.dll
    NOTE! Invalid compressed data
    --> ep2bres.dll
    NOTE! Invalid compressed data
    --> ep9bres.dll
    NOTE! Invalid compressed data
    --> ep9res.dll
    NOTE! Invalid compressed data
    --> epcfw2k.sys
    NOTE! Invalid compressed data
    --> epcl5res.dll
    NOTE! Invalid compressed data
    --> epcl5ui.dll
    NOTE! Invalid compressed data
    --> epcl5ui.ini
    NOTE! Invalid compressed data
    --> eplrcz00.dll
    NOTE! Invalid compressed data
    --> eplvcd00.dll
    NOTE! Invalid compressed data
    --> eplvcd00.ini
    NOTE! Invalid compressed data
    --> epndde01.dat
    NOTE! Invalid compressed data
    --> epndde02.dat
    NOTE! Invalid compressed data
    --> epndde03.dat
    NOTE! Invalid compressed data
    --> epndde04.dat
    NOTE! Invalid compressed data
    --> epndde05.dat
    NOTE! Invalid compressed data
    --> epndde06.dat
    NOTE! Invalid compressed data
    --> epndde08.dat
    NOTE! Invalid compressed data
    --> epndde09.dat
    NOTE! Invalid compressed data
    --> epndde0a.dat
    NOTE! Invalid compressed data
    --> epndde11.dat
    NOTE! Invalid compressed data
    --> epndde12.dat
    NOTE! Invalid compressed data
    --> epndde13.dat
    NOTE! Invalid compressed data
    --> epndde14.dat
    NOTE! Invalid compressed data
    --> epndde15.dat
    NOTE! Invalid compressed data
    --> epndde16.dat
    NOTE! Invalid compressed data
    --> epndde2h.dat
    NOTE! Invalid compressed data
    --> epndde2j.dat
    NOTE! Invalid compressed data
    --> epndde2k.dat
    NOTE! Invalid compressed data
    --> epndde2m.dat
    NOTE! Invalid compressed data
    --> epndde3n.dat
    NOTE! Invalid compressed data
    --> epndde3o.dat
    NOTE! Invalid compressed data
    --> epndde3p.dat
    NOTE! Invalid compressed data
    --> epndde3q.dat
    NOTE! Invalid compressed data
    --> epndde3t.dat
    NOTE! Invalid compressed data
    --> epndde3v.dat
    NOTE! Invalid compressed data
    --> epndde4a.dat
    NOTE! Invalid compressed data
    --> epndde4b.dat
    NOTE! Invalid compressed data
    --> epndde4c.dat
    NOTE! Invalid compressed data
    --> epndde4d.dat
    NOTE! Invalid compressed data
    --> epndde4g.dat
    NOTE! Invalid compressed data
    --> epndde4h.dat
    NOTE! Invalid compressed data
    --> epndde4i.dat
    NOTE! Invalid compressed data
    --> epndde4j.dat
    NOTE! Invalid compressed data
    --> epndde4k.dat
    NOTE! Invalid compressed data
    --> epndde4l.dat
    NOTE! Invalid compressed data
    --> epndde4n.dat
    NOTE! Invalid compressed data
    --> epndde4p.dat
    NOTE! Invalid compressed data
    --> epndde4s.dat
    NOTE! Invalid compressed data
    --> epndde5a.dat
    NOTE! Invalid compressed data
    --> epndde5d.dat
    NOTE! Invalid compressed data
    --> epndrv01.dll
    NOTE! Invalid compressed data
    --> epndve01.ini
    NOTE! Invalid compressed data
    --> epndve02.ini
    NOTE! Invalid compressed data
    --> epndve03.ini
    NOTE! Invalid compressed data
    --> epndve04.ini
    NOTE! Invalid compressed data
    --> epndve05.ini
    NOTE! Invalid compressed data
    --> epndve06.ini
    NOTE! Invalid compressed data
    --> epndve08.ini
    NOTE! Invalid compressed data
    --> epndve09.ini
    NOTE! Invalid compressed data
    --> epndve0a.ini
    NOTE! Invalid compressed data
    --> epndve11.ini
    NOTE! Invalid compressed data
    --> epndve12.ini
    NOTE! Invalid compressed data
    --> epndve13.ini
    NOTE! Invalid compressed data
    --> epndve14.ini
    NOTE! Invalid compressed data
    --> epndve15.ini
    NOTE! Invalid compressed data
    --> epndve16.ini
    NOTE! Invalid compressed data
    --> epndve2h.ini
    NOTE! Invalid compressed data
    --> epndve2j.ini
    NOTE! Invalid compressed data
    --> epndve2k.ini
    NOTE! Invalid compressed data
    --> epndve2m.ini
    NOTE! Invalid compressed data
    --> epndve3n.ini
    NOTE! Invalid compressed data
    --> epndve3o.ini
    NOTE! Invalid compressed data
    --> epndve3p.ini
    NOTE! Invalid compressed data
    --> epndve3q.ini
    NOTE! Invalid compressed data
    --> epndve3t.ini
    NOTE! Invalid compressed data
    --> epndve3v.ini
    NOTE! Invalid compressed data
    --> epndve4a.ini
    NOTE! Invalid compressed data
    --> epndve4b.ini
    NOTE! Invalid compressed data
    --> epndve4c.ini
    NOTE! Invalid compressed data
    --> epndve4d.ini
    NOTE! Invalid compressed data
    --> epndve4g.ini
    NOTE! Invalid compressed data
    --> epndve4h.ini
    NOTE! Invalid compressed data
    --> epndve4i.ini
    NOTE! Invalid compressed data
    --> epndve4j.ini
    NOTE! Invalid compressed data
    --> epndve4k.ini
    NOTE! Invalid compressed data
    --> epndve4l.ini
    NOTE! Invalid compressed data
    --> epndve4n.ini
    NOTE! Invalid compressed data
    --> epndve4p.ini
    NOTE! Invalid compressed data
    --> epndve4s.ini
    NOTE! Invalid compressed data
    --> epndve5a.ini
    NOTE! Invalid compressed data
    --> epndve5d.ini
    NOTE! Invalid compressed data
    --> epngui10.dll
    NOTE! Invalid compressed data
    --> epngui11.hlp
    NOTE! Invalid compressed data
    --> epngui30.dll
    NOTE! Invalid compressed data
    --> epngui40.dll
    NOTE! Invalid compressed data
    --> epnhte2j.dll
    NOTE! Invalid compressed data
    --> epnhte2k.dll
    NOTE! Invalid compressed data
    --> epnhte2m.dll
    NOTE! Invalid compressed data
    --> epnhte3n.dll
    NOTE! Invalid compressed data
    --> epnhte3o.dll
    NOTE! Invalid compressed data
    --> epnhte3p.dll
    NOTE! Invalid compressed data
    --> epnhte3q.dll
    NOTE! Invalid compressed data
    --> epnhte3t.dll
    NOTE! Invalid compressed data
    --> epnhte3v.dll
    NOTE! Invalid compressed data
    --> epnhte4a.dll
    NOTE! Invalid compressed data
    --> epnhte4b.dll
    NOTE! Invalid compressed data
    --> epnhte4c.dll
    NOTE! Invalid compressed data
    --> epnhte4d.dll
    NOTE! Invalid compressed data
    --> epnhte4g.dll
    NOTE! Invalid compressed data
    --> epnhte4h.dll
    NOTE! Invalid compressed data
    --> epnhte4i.dll
    NOTE! Invalid compressed data
    --> epnhte4j.dll
    NOTE! Invalid compressed data
    --> epnhte4k.dll
    NOTE! Invalid compressed data
    --> epnhte4l.dll
    NOTE! Invalid compressed data
    --> epnhte4n.dll
    NOTE! Invalid compressed data
    --> epnhte4p.dll
    NOTE! Invalid compressed data
    --> epnhte4s.dll
    NOTE! Invalid compressed data
    --> epnhte5a.dll
    NOTE! Invalid compressed data
    --> epnhte5d.dll
    NOTE! Invalid compressed data
    --> epnhtx01.dll
    NOTE! Invalid compressed data
    --> epnhtx02.dll
    NOTE! Invalid compressed data
    --> epnhtx04.dll
    NOTE! Invalid compressed data
    --> epnhtx05.dll
    NOTE! Invalid compressed data
    --> epnhtx07.dll
    NOTE! Invalid compressed data
    --> epnhtx09.dll
    NOTE! Invalid compressed data
    --> epnhtx0a.dll
    NOTE! Invalid compressed data
    --> epnhtx11.dll
    NOTE! Invalid compressed data
    --> epnhtx12.dll
    NOTE! Invalid compressed data
    --> epnhtx13.dll
    NOTE! Invalid compressed data
    --> epnhtx14.dll
    NOTE! Invalid compressed data
    --> epnhtx15.dll
    NOTE! Invalid compressed data
    --> epnhtx16.dll
    NOTE! Invalid compressed data
    --> epnhtx2h.dll
    NOTE! Invalid compressed data
    --> epnutx22.dll
    NOTE! Invalid compressed data
    --> epro4.sys
    NOTE! Invalid compressed data
    --> epstw2k.sys
    NOTE! Invalid compressed data
    --> eqn.sys
    NOTE! Invalid compressed data
    --> eqndiag.exe
    NOTE! Invalid compressed data
    --> eqnlogr.exe
    NOTE! Invalid compressed data
    --> eqnloop.exe
    NOTE! Invalid compressed data
    --> es1370mp.sys
    NOTE! Invalid compressed data
    --> es1371mp.sys
    NOTE! Invalid compressed data
    --> es1969.sys
    NOTE! Invalid compressed data
    --> es198x.sys
    NOTE! Invalid compressed data
    --> es56cvmp.sys
    NOTE! Invalid compressed data
    --> es56hpi.sys
    NOTE! Invalid compressed data
    --> es56tpi.sys
    NOTE! Invalid compressed data
    --> escp2res.dll
    NOTE! Invalid compressed data
    --> ess.sys
    NOTE! Invalid compressed data
    --> essm2e.sys
    NOTE! Invalid compressed data
    --> esucm.dll
    NOTE! Invalid compressed data
    --> esuimg.dll
    NOTE! Invalid compressed data
    --> esuni.dll
    NOTE! Invalid compressed data
    --> esunib.dll
    NOTE! Invalid compressed data
    --> evpnt50i.chm
    NOTE! Invalid compressed data
    --> evpnt50p.chm
    NOTE! Invalid compressed data
    --> ex10.sys
    NOTE! Invalid compressed data
    --> exabyte2.sys
    NOTE! Invalid compressed data
    --> exp24res.dll
    NOTE! Invalid compressed data
    --> f3ab18xi.sys
    NOTE! Invalid compressed data
    --> f3ab18xj.sys
    NOTE! Invalid compressed data
    --> fa312nd5.sys
    NOTE! Invalid compressed data
    --> fa410nd5.sys
    NOTE! Invalid compressed data
    --> fdc.sys
    NOTE! Invalid compressed data
    --> fem556n5.sys
    NOTE! Invalid compressed data
    --> fepdense.bin
    NOTE! Invalid compressed data
    --> fepherc.bin
    NOTE! Invalid compressed data
    --> fepprime.bin
    NOTE! Invalid compressed data
    --> fetnd5.sys
    NOTE! Invalid compressed data
    --> flpydisk.sys
    NOTE! Invalid compressed data
    --> fnfilter.dll
    NOTE! Invalid compressed data
    --> forehe.sys
    NOTE! Invalid compressed data
    --> fpcibase.sys
    NOTE! Invalid compressed data
    --> fpcmbase.sys
    NOTE! Invalid compressed data
    --> fpnpbase.sys
    NOTE! Invalid compressed data
    --> fsvga.sys
    NOTE! Invalid compressed data
    --> ftdisk.sys
    NOTE! Invalid compressed data
    --> fu24res.dll
    NOTE! Invalid compressed data
    --> fu9res.dll
    NOTE! Invalid compressed data
    --> fupclres.dll
    NOTE! Invalid compressed data
    --> fus2base.sys
    NOTE! Invalid compressed data
    --> fusbbase.sys
    NOTE! Invalid compressed data
    --> fuusd.dll
    NOTE! Invalid compressed data
    --> fx5eres.dll
    NOTE! Invalid compressed data
    --> fxcon.bin
    NOTE! Invalid compressed data
    --> fxusbase.sys
    NOTE! Invalid compressed data
    --> g200d.dll
    NOTE! Invalid compressed data
    --> g200m.sys
    NOTE! Invalid compressed data
    --> g400d.dll
    NOTE! Invalid compressed data
    --> g400m.sys
    NOTE! Invalid compressed data
    --> gameenum.sys
    NOTE! Invalid compressed data
    --> gpr400.sys
    NOTE! Invalid compressed data
    --> grclass.sys
    NOTE! Invalid compressed data
    --> grserial.sys
    NOTE! Invalid compressed data
    --> hal.dll
    NOTE! Invalid compressed data
    --> halaacpi.dll
    NOTE! Invalid compressed data
    --> halacpi.dll
    NOTE! Invalid compressed data
    --> halapic.dll
    NOTE! Invalid compressed data
    --> halmacpi.dll
    NOTE! Invalid compressed data
    --> halmps.dll
    NOTE! Invalid compressed data
    --> halsp.dll
    NOTE! Invalid compressed data
    --> hcf_msft.sys
    NOTE! Invalid compressed data
    --> hid.dll
    NOTE! Invalid compressed data
    --> hidbatt.sys
    NOTE! Invalid compressed data
    --> hidclass.sys
    NOTE! Invalid compressed data
    --> hidgame.sys
    NOTE! Invalid compressed data
    --> hidparse.sys
    NOTE! Invalid compressed data
    --> hidserv.dll
    NOTE! Invalid compressed data
    --> hidusb.sys
    NOTE! Invalid compressed data
    --> hp20022.pcd
    NOTE! Invalid compressed data
    --> hp20036.pcd
    NOTE! Invalid compressed data
    --> hp22024.pcd
    NOTE! Invalid compressed data
    --> hp22036.pcd
    NOTE! Invalid compressed data
    --> hp23024.pcd
    NOTE! Invalid compressed data
    --> hp23036.pcd
    NOTE! Invalid compressed data
    --> hp25024.pcd
    NOTE! Invalid compressed data
    --> hp25036.pcd
    NOTE! Invalid compressed data
    --> hp33024.pcd
    NOTE! Invalid compressed data
    --> hp33036.pcd
    NOTE! Invalid compressed data
    --> hp35024.pcd
    NOTE! Invalid compressed data
    --> hp35036.pcd
    NOTE! Invalid compressed data
    --> hp60022.pcd
    NOTE! Invalid compressed data
    --> hp60036.pcd
    NOTE! Invalid compressed data
    --> hp650c22.pcd
    NOTE! Invalid compressed data
    --> hp650c36.pcd
    NOTE! Invalid compressed data
    --> hp75024.pcd
    NOTE! Invalid compressed data
    --> hp75036.pcd
    NOTE! Invalid compressed data
    --> hp750m24.pcd
    NOTE! Invalid compressed data
    --> hp750m36.pcd
    NOTE! Invalid compressed data
    --> hp7550pl.pcd
    NOTE! Invalid compressed data
    --> hp755cm.pcd
    NOTE! Invalid compressed data
    --> hp755cmm.pcd
    NOTE! Invalid compressed data
    --> hpc4500u.dll
    NOTE! Invalid compressed data
    --> hpcabout.dll
    NOTE! Invalid compressed data
    --> hpcclj1.dll
    NOTE! Invalid compressed data
    --> hpcclj1.ini
    NOTE! Invalid compressed data
    --> hpcclj2.ini
    NOTE! Invalid compressed data
    --> hpcclj3.ini
    NOTE! Invalid compressed data
    --> hpccljui.dll
    NOTE! Invalid compressed data
    --> hpcfont.dll
    NOTE! Invalid compressed data
    --> hpcjrr.dll
    NOTE! Invalid compressed data
    --> hpcjrrps.dll
    NOTE! Invalid compressed data
    --> hpcjrui.dll
    NOTE! Invalid compressed data
    --> hpclj.ini
    NOTE! Invalid compressed data
    --> hpclj2.ini
    NOTE! Invalid compressed data
    --> hpcljx.hlp
    NOTE! Invalid compressed data
    --> hpcstr.dll
    NOTE! Invalid compressed data
    --> hpdesign.pcd
    NOTE! Invalid compressed data
    --> hpdigwia.dll
    NOTE! Invalid compressed data
    --> hpdjres.dll
    NOTE! Invalid compressed data
    --> hpdmrxmx.pcd
    NOTE! Invalid compressed data
    --> hpdmsx.pcd
    NOTE! Invalid compressed data
    --> hpdpp22.pcd
    NOTE! Invalid compressed data
    --> hpdpp36.pcd
    NOTE! Invalid compressed data
    --> hpf880al.dll
    NOTE! Invalid compressed data
    --> hpf900al.dll
    NOTE! Invalid compressed data
    --> hpf940al.dll
    NOTE! Invalid compressed data
    --> hpfdj200.hlp
    NOTE! Invalid compressed data
    --> hpfdj50.ini
    NOTE! Invalid compressed data
    --> hpfimg50.dll
    NOTE! Invalid compressed data
    --> hpfud50.dll
    NOTE! Invalid compressed data
    --> hpfui50.dll
    NOTE! Invalid compressed data
    --> hpgl2pen.pcd
    NOTE! Invalid compressed data
    --> hpgt21.dll
    NOTE! Invalid compressed data
    --> hpgt21tk.dll
    NOTE! Invalid compressed data
    --> hpgt33.dll
    NOTE! Invalid compressed data
    --> hpgt33tk.dll
    NOTE! Invalid compressed data
    --> hpgt34.dll
    NOTE! Invalid compressed data
    --> hpgt34tk.dll
    NOTE! Invalid compressed data
    --> hpgt42.dll
    NOTE! Invalid compressed data
    --> hpgt42tk.dll
    NOTE! Invalid compressed data
    --> hpgt53.dll
    NOTE! Invalid compressed data
    --> hpgt53tk.dll
    NOTE! Invalid compressed data
    --> hpgtmcro.dll
    NOTE! Invalid compressed data
    --> hpljps1.ini
    NOTE! Invalid compressed data
    --> hpmoj50.ini
    NOTE! Invalid compressed data
    --> hpmopyui.ini
    NOTE! Invalid compressed data
    --> hpn.sys
    NOTE! Invalid compressed data
    --> hpoemui.dll
    NOTE! Invalid compressed data
    --> hpojwia.dll
    NOTE! Invalid compressed data
    --> hppjres.dll
    NOTE! Invalid compressed data
    --> hpqjres.dll
    NOTE! Invalid compressed data
    --> hpsjmcro.dll
    NOTE! Invalid compressed data
    --> hpt3xx.sys
    NOTE! Invalid compressed data
    --> hpt4qic.sys
    NOTE! Invalid compressed data
    --> hptjres.dll
    NOTE! Invalid compressed data
    --> hpv200al.dll
    NOTE! Invalid compressed data
    --> hpv600al.dll
    NOTE! Invalid compressed data
    --> hpv700al.dll
    NOTE! Invalid compressed data
    --> hpv800al.dll
    NOTE! Invalid compressed data
    --> hpv820al.dll
    NOTE! Invalid compressed data
    --> hpv850al.dll
    NOTE! Invalid compressed data
    --> hpv880al.dll
    NOTE! Invalid compressed data
    --> hpvdb720.dll
    NOTE! Invalid compressed data
    --> hpvdb820.dll
    NOTE! Invalid compressed data
    --> hpvdj200.hlp
    NOTE! Invalid compressed data
    --> hpvdj50.ini
    NOTE! Invalid compressed data
    --> hpvimg50.dll
    NOTE! Invali
    0
  • 1
  • 2
  • 3