[Help request / virus] Please

Solved/Closed
Yann - 24 Feb 2007 at 20:50
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 - 6 Mar 2007 at 21:19
Help request / virus infection according to the reports, please
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 15:25:08 24/02/2007

+ Résultat de l'analyse:



C:\WINDOWS\BDE -> Adware.BrilliantDigital : Nettoyé.
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Nettoyé.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Nettoyé.
HKU\S-1-5-21-1229272821-413027322-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Nettoyé.
C:\Program Files\PAL SPYREM -> Adware.PALSpywareRemover : Nettoyé.
C:\Program Files\PAL SPYREM\Quarantine -> Adware.PALSpywareRemover : Nettoyé.
C:\Program Files\PAL SPYREM\Reports -> Adware.PALSpywareRemover : Nettoyé.
C:\Program Files\PAL SPYREM\ee.url -> Adware.PALSpywareRemover : Nettoyé.
C:\Program Files\PAL SPYREM\klp.url -> Adware.PALSpywareRemover : Nettoyé.
C:\Program Files\PAL SPYREM\pct.url -> Adware.PALSpywareRemover : Nettoyé.
C:\Program Files\PAL SPYREM\popupe.url -> Adware.PALSpywareRemover : Nettoyé.
C:\Program Files\PAL SPYREM\spyrem.exe -> Adware.PALSpywareRemover : Nettoyé.
C:\WINDOWS\system32\jkkjkih.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP124\A0039813.exe -> Downloader.Tiny.fk : Nettoyé.
C:\Program Files\Sunbelt Software\CounterSpy Client\Quarantine\CA8C01E8-8896-4BEA-BF0D-52209D\C0A5A9CC-1FFD-43CE-9990-08639C -> Trojan.Agent.qt : Nettoyé.
C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP124\A0039814.dll -> Trojan.Agent.qt : Nettoyé.
C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP124\A0039815.dll -> Trojan.Agent.qt : Nettoyé.
C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP124\A0039832.exe -> Trojan.Dialer.rt : Nettoyé.


Fin du rapport

BitDefender Online Scanner

Scan report generated at: Sat, Feb 24, 2007 - 19:36:46

Scan path: A:\;C:\;D:\;E:\;F:\;

Statistics
Time: 03:02:27
Files: 435055
Folders: 9101
Boot Sectors: 2
Archives: 8833
Packed Files: 39185

Results
Identified Viruses: 2
Infected Files: 6
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 4

Engines Info
Virus Definitions: 393347
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll
Infected with: Trojan.Obfus.Gen

C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll
Disinfection failed

C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll
Deleted

C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP124\A0039846.dll
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP124\A0039846.dll
Disinfection failed

C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP124\A0039846.dll
Deleted

C:\WINDOWS\system32\awvtr.dll
Infected with: MemScan:Trojan.Vundo.AF

C:\WINDOWS\system32\awvtr.dll
Disinfection failed

C:\WINDOWS\system32\awvtr.dll
Delete failed

C:\WINDOWS\system32\maslapn.dll
Infected with: Trojan.Obfus.Gen

C:\WINDOWS\system32\maslapn.dll
Disinfection failed

C:\WINDOWS\system32\maslapn.dll
Deleted

C:\WINDOWS\system32\sgpvqml.dll
Infected with: Trojan.Obfus.Gen

C:\WINDOWS\system32\sgpvqml.dll
Infected with: Trojan.Obfus.Gen

C:\WINDOWS\system32\sgpvqml.dll
Disinfection failed

C:\WINDOWS\system32\sgpvqml.dll
Disinfection failed

C:\WINDOWS\system32\sgpvqml.dll
Delete failed

C:\WINDOWS\system32\sgpvqml.dll
Delete failed

Clean

C:\WINDOWS\system32\sqlsodbc.chm=>/#URLSTR
Clean

C:\WINDOWS\system32\sqlsodbc.chm=>/#STRINGS
Clean

C:\WINDOWS\system32\sqlsrv32.dll
Clean

C:\WINDOWS\system32\sqlsrv32.rll
Clean

C:\WINDOWS\system32\sqlunirl.dll
Clean

C:\WINDOWS\system32\sqlwid.dll
Clean

C:\WINDOWS\system32\sqlwoa.dll
Clean

C:\WINDOWS\system32\srclient.dll
Clean

C:\WINDOWS\system32\srrstr.dll
Clean

C:\WINDOWS\system32\srsvc(3).dll
Clean

C:\WINDOWS\system32\srsvc.dll
Clean

C:\WINDOWS\system32\srvsvc.dll
Clean

C:\WINDOWS\system32\ss3dfo.scr
Clean

C:\WINDOWS\system32\ssbezier.scr
Clean

C:\WINDOWS\system32\ssdpapi(3).dll
Clean

C:\WINDOWS\system32\ssdpapi.dll
Clean

C:\WINDOWS\system32\ssdpsrv(3).dll
Clean

C:\WINDOWS\system32\ssdpsrv.dll
Clean

C:\WINDOWS\system32\ssflwbox.scr
Clean

C:\WINDOWS\system32\ssldivx.dll
Clean

C:\WINDOWS\system32\ssmarque.scr
Clean

C:\WINDOWS\system32\ssmypics.scr
Clean

C:\WINDOWS\system32\ssmyst.scr
Clean

C:\WINDOWS\system32\sspipes.scr
Clean

C:\WINDOWS\system32\ssqro.dll
Infected with: MemScan:Trojan.Vundo.AF

C:\WINDOWS\system32\ssqro.dll
Infected with: MemScan:Trojan.Vundo.AF

C:\WINDOWS\system32\ssqro.dll
Disinfection failed

C:\WINDOWS\system32\ssqro.dll
Disinfection failed

C:\WINDOWS\system32\ssqro.dll
Deleted

C:\WINDOWS\system32\ssqro.dll
Deleted

31 replies

green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last post 27 December 2019 2 162
24 Feb 2007 at 22:19
Hi

Download this to your desktop:

Link: hijackthis

Demo: http://pageperso.aol.fr/balltrap34/demohijack.htm

Choose the option "do a scan and a logfile", then copy and paste the resulting report into the forum.

++
0
Thank you for replying to me
I will try to follow your advice to the letter

Here is the requested report:

Logfile of HijackThis v1.99.1
Scan saved at 22:25:47, on 24/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office\1036\wfxmsrvr.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\PROGRA~1\MICROS~4\Office\1036\OLFMOD32.EXE
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServAlert.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\MURIE\Bureau\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [maslapn.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll",ignvfd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/dribnif/fr/win/QuickTimeInstaller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - https://checkspy.com/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last post 27 December 2019 2 162
24 Feb 2007 at 22:32
ok, right-click the icon of the hijackthis program < rename < and name it CCM.exe

then post a new hijack log please

++
0
Here is the follow-up:

Logfile of HijackThis v1.99.1
Scan saved at 22:41:03, on 24/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office\1036\wfxmsrvr.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\PROGRA~1\MICROS~4\Office\1036\OLFMOD32.EXE
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServAlert.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\MURIE\Bureau\CCM.exe\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [maslapn.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll",ignvfd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/dribnif/fr/win/QuickTimeInstaller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - https://checkspy.com/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
0
green day - 24 Feb. 2007 at 22:47
Hi again

You renamed the file; you should have renamed the executable, but it's no big deal: there's Vundo in the air ...

Download VundoFix.exe (by Atribune) to your Desktop:

http://www.atribune.org/ccount/click.php?id=4

* Double-click VundoFix.exe to launch it.
* Check Run VundoFix as a task.
* The tool will close and open again: click Ok
* Click the Scan for Vundo button.
* When the scan is complete, click the Remove Vundo button.
* A prompt will ask you to delete the files; click YES
* After you click "Yes", the Desktop will disappear for a moment while the files are deleted
* The PC will shut down ("shutdown"): click OK
* Start your PC again
* Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis! report, in your next reply.

++
0
Back and motivated, here is the next part:

Vundo report:

C:\WINDOWS\system32\awvtr.dll
C:\WINDOWS\system32\rtvwa.ini

HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 23:16:23, on 24/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\MURIE\Bureau\CCM.exe\HijackThis.exe
C:\WINDOWS\system32\cidaemon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {361CF4EE-24CA-4A45-9476-085D1F9A06CF} - C:\WINDOWS\system32\urqnkjh.dll
O2 - BHO: (no name) - {59CA6513-5A5A-3FB4-D081-0BE271AEC009} - C:\WINDOWS\system32\sgpvqml.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {AE784354-305C-4584-9DB9-35837752A28E} - C:\WINDOWS\system32\awvtr.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [maslapn.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll",ignvfd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/dribnif/fr/win/QuickTimeInstaller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - https://checkspy.com/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: urqnkjh - C:\WINDOWS\SYSTEM32\urqnkjh.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

Thanks!
0
I forgot to mention an error message I saw when the machine restarted:

"erreur de chargement de :
C:\Documents and settings\MURIE\Localm Settings\Application Data\maslapn.dll
Le module spécifié est introuvable"
0
green day - 24 Feb. 2007 at 23:24
OK

Run VundoFix again and click Remove Vundo; post the report along with a new HijackThis log, please.

++
0
green day - 24 Feb. 2007 at 23:25
No big deal!

Keep going!

++
0
Continued:


VundoFix V6.3.9

Checking Java version...

Java version is 1.5.0.9

Scan started at 22:53:09 24/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\awvtr.dll
C:\WINDOWS\system32\rtvwa.ini

VundoFix V6.3.9

Checking Java version...

Java version is 1.5.0.9

Scan started at 23:00:01 24/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\awvtr.dll
C:\WINDOWS\system32\rtvwa.ini

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awvtr.dll
C:\WINDOWS\system32\awvtr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rtvwa.ini
C:\WINDOWS\system32\rtvwa.ini Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.3.9

Checking Java version...

Java version is 1.5.0.9

Scan started at 23:26:44 24/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\hjkmp.ini
C:\WINDOWS\system32\pmkjh.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\hjkmp.ini
C:\WINDOWS\system32\hjkmp.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmkjh.dll
C:\WINDOWS\system32\pmkjh.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\pmkjh.dll
C:\WINDOWS\system32\pmkjh.dll Has been deleted!

Performing Repairs to the registry.
Done!


HijackThis:


Logfile of HijackThis v1.99.1
Scan saved at 23:43:56, on 24/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\MURIE\Bureau\CCM.exe\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {361CF4EE-24CA-4A45-9476-085D1F9A06CF} - C:\WINDOWS\system32\urqnkjh.dll
O2 - BHO: (no name) - {59CA6513-5A5A-3FB4-D081-0BE271AEC009} - C:\WINDOWS\system32\sgpvqml.dll
O2 - BHO: (no name) - {732FFB66-67CF-4AF3-B466-774935A94C3F} - C:\WINDOWS\system32\pmkjh.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {AE784354-305C-4584-9DB9-35837752A28E} - C:\WINDOWS\system32\awvtr.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [maslapn.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll",ignvfd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/dribnif/fr/win/QuickTimeInstaller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - https://checkspy.com/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: urqnkjh - C:\WINDOWS\SYSTEM32\urqnkjh.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

Is it normal that the further we go, the slower the computer gets?!
0
green day - 24 Feb. 2007 at 23:50
Hi again

Yep! It's fairly normal for it to be slow!

Download l2mfix here:
http://www.downloads.subratam.org/l2mfix.exe
Double-click l2mfix.exe to start the extraction.
In the l2mfix folder, double-click l2mfix.bat, press any key, then choose option #1 (and nothing else) and confirm with the Enter key.
Notepad will open with the scan result. Copy/paste the report here.


Then:

Download SDFix to your Desktop

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop.
Restart your computer in Safe Mode.
Open the SDFix folder that was just created on the Desktop and double-click RunThis.bat to launch the script.
Press Y to begin the cleaning process.
It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
Press a key to restart the PC.
Your system will take longer than usual to restart because the tool will keep running and deleting files.
After the Desktop loads, the tool will finish its work and display Finished.
Press a key to end the script and load your Desktop icons.
Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.
Finally, copy/paste the contents of the Report.txt file into your next reply on the forum, along with a new HijackThis log.

The rest: tomorrow ;-)

@+
0
Here is the next part, as best I can manage, since I'm far from a computer pro ...


L2MFIX find log 051206
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqnkjh]
"Asynchronous"=dword:00000001
"DllName"="urqnkjh.dll"
"Impersonate"=dword:00000000
"Logon"="Logon"
"Logoff"="Logoff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vturo]
"Asynchronous"=dword:00000001
"DllName"="C:\\WINDOWS\\system32\\vturo.dll"
"Impersonate"=dword:00000000
"Startup"="SysLogon"
"Logoff"="SysLogoff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

**********************************************************************************
HKEY ROOT CLASSIDS:
**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
divx.dll Thu 1 Feb 2007 5:56:06 A.... 639 066 624,09 K
divxwm~1.dll Tue 12 Dec 2006 17:24:44 A.... 12 288 12,00 K
divx_x~1.dll Thu 1 Feb 2007 5:56:06 A.... 823 296 804,00 K
divx_x~2.dll Thu 1 Feb 2007 5:56:08 A.... 823 296 804,00 K
divx_x~3.dll Thu 1 Feb 2007 5:56:06 A.... 802 816 784,00 K
dpl100.dll Tue 30 Jan 2007 5:56:58 A.... 73 728 72,00 K
dpu10.dll Tue 30 Jan 2007 5:56:54 A.... 294 912 288,00 K
dpu11.dll Tue 30 Jan 2007 5:56:54 A.... 294 912 288,00 K
dpugui10.dll Tue 30 Jan 2007 5:56:56 A.... 53 248 52,00 K
dpugui11.dll Tue 30 Jan 2007 5:56:54 A.... 593 920 580,00 K
dpus11.dll Tue 30 Jan 2007 5:56:54 A.... 344 064 336,00 K
dpv11.dll Tue 30 Jan 2007 5:56:54 A.... 57 344 56,00 K
dtu100.dll Tue 30 Jan 2007 5:56:58 A.... 196 608 192,00 K
elbycdio.dll Wed 13 Dec 2006 21:24:44 A.... 89 296 87,20 K
geebx.dll Sat 24 Feb 2007 23:49:26 ..SH. 281 652 275,05 K
geeda.dll Sat 24 Feb 2007 23:49:10 ..... 281 652 275,05 K
libdivx.dll Tue 30 Jan 2007 6:03:28 A.... 1 044 480 1020,00 K
px.dll Tue 30 Jan 2007 6:03:36 ..... 527 096 514,74 K
pxafs.dll Tue 30 Jan 2007 6:03:36 ..... 129 784 126,74 K
pxdrv.dll Tue 30 Jan 2007 6:03:36 ..... 502 520 490,74 K
pxmas.dll Tue 30 Jan 2007 6:03:36 ..... 183 032 178,74 K
pxsfs.dll Tue 30 Jan 2007 6:03:36 ..... 1 329 912 1,27 M
pxwave.dll Tue 30 Jan 2007 6:03:36 ..... 379 640 370,74 K
qt-dx331.dll Tue 30 Jan 2007 6:03:42 A.... 3 596 288 3,43 M
sgpvqml.dll Fri 23 Feb 2007 22:53:32 A.... 57 856 56,50 K
ssldivx.dll Tue 30 Jan 2007 6:03:28 A.... 200 704 196,00 K
urqnkjh.dll Fri 23 Feb 2007 22:53:34 ..SH. 26 637 26,01 K
vturo.dll Sat 24 Feb 2007 23:49:20 ..SH. 281 652 275,05 K
vxblock.dll Tue 30 Jan 2007 6:03:36 ..... 39 672 38,74 K

29 items found: 29 files (3 H/S), 0 directories.
Total of file sizes: 13 961 371 bytes 13,31 M
Locate .tmp files:

C:\WINDOWS\SYSTEM32\
mcrh.tmp Sat 24 Feb 2007 0:37:30 A.... 143 0,14 K

1 item found: 1 file, 0 directories.
Total of file sizes: 143 bytes 0,14 K
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 48DE-ABDD

Répertoire de C:\WINDOWS\System32

24/02/2007 23:57 495 orutv.ini
24/02/2007 23:49 353 xbeeg.ini
24/02/2007 23:49 281 652 geebx.dll
24/02/2007 23:49 281 652 vturo.dll
23/02/2007 23:00 353 orqss.ini
23/02/2007 22:53 26 637 urqnkjh.dll
07/02/2007 19:36 <REP> dllcache
02/10/2006 05:19 3 350 KGyGaAvL.sys
01/10/2006 07:56 88 A55F8F4B8C.sys
21/11/2002 22:22 <REP> Microsoft
8 fichier(s) 594 580 octets
2 Rép(s) 23 067 054 080 octets libres




SDFix: Version 1.68

Run by MURIE - 25/02/2007 @ 0:09:58.07

Microsoft Windows XP [version 5.1.2600]

Running From: C:\Documents and Settings\MURIE\Bureau\SDFix\SDFix

Safe Mode:
Checking Services:

Name:

Path:


Restoring Windows Registry Entries
Restoring Default Hosts File


Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINDOWS\system32\TFTP4484 - Deleted



ADS Check:

C:\WINDOWS\system32
No streams found.


Final Check:

Remaining Services:
------------------


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\prosys32.exe"="C:\\prosys32.exe:*:Enabled:prosys32"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\EA SPORTS\\Madden NFL 2005\\updater.exe"="C:\\Program Files\\EA SPORTS\\Madden NFL 2005\\updater.exe:*:Enabled:Updater"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Disabled:eMule"
"C:\\Program Files\\Microsoft Office\\Office\\1036\\WFXMSRVR.EXE"="C:\\Program Files\\Microsoft Office\\Office\\1036\\WFXMSRVR.EXE:*:Disabled:WFXMSRVR"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9 crack.exe"="C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9 crack.exe:*:Enabled:Microsoft Flight Simulator"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\IVAO\\IvAp\\ivapnetint.exe"="C:\\Program Files\\IVAO\\IvAp\\ivapnetint.exe:*:Enabled:ivapnetint"
"C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"="C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


Remaining Files:
---------------

Backups Folder: - C:\DOCUME~1\MURIE\Bureau\SDFix\SDFix\backups\backups.zip


Checking For Files with Hidden Attributes :

C:\WINDOWS\system32\geebx.dll
C:\WINDOWS\system32\urqnkjh.dll
C:\WINDOWS\system32\vturo.dll
C:\Documents and Settings\MURIE\Mes documents\Fichiers Flight Simulator\Avions\Concorde\Concorde For Microsoft Flight Simulator series FS2002 & FS2004\Extras\Kochcorde-Fs2002.exe
C:\Documents and Settings\MURIE\Mes documents\Fichiers Flight Simulator\Avions\Concorde\Concorde For Microsoft Flight Simulator series FS2002 & FS2004\Extras\Kochcorde-Fs9.exe
C:\Documents and Settings\MURIE\Mes documents\Fichiers Flight Simulator\Avions\Concorde For Microsoft Flight Simulator series FS2002 & FS2004\Concorde For Microsoft Flight Simulator series FS2002 & FS2004\Extras\Kochcorde-Fs2002.exe
C:\Documents and Settings\MURIE\Mes documents\Fichiers Flight Simulator\Avions\Concorde For Microsoft Flight Simulator series FS2002 & FS2004\Concorde For Microsoft Flight Simulator series FS2002 & FS2004\Extras\Kochcorde-Fs9.exe
C:\Program Files\Microsoft Games\Flight Simulator 9\Aircraft\Concorde For Microsoft Flight Simulator series FS2002 & FS2004\Extras\Kochcorde-Fs2002.exe
C:\Program Files\Microsoft Games\Flight Simulator 9\Aircraft\Concorde For Microsoft Flight Simulator series FS2002 & FS2004\Extras\Kochcorde-Fs9.exe
C:\WINDOWS\system32\bjln.exe
C:\WINDOWS\system32\bndhrq.exe
C:\WINDOWS\system32\A55F8F4B8C.sys
C:\WINDOWS\system32\KGyGaAvL.sys
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\Documents and Settings\MURIE\Application Data\Microsoft\Word\~WRL0004.tmp
C:\Documents and Settings\MURIE\Application Data\Microsoft\Word\~WRL0427.tmp
C:\Documents and Settings\MURIE\Application Data\Microsoft\Word\~WRL0785.tmp
C:\Documents and Settings\MURIE\Application Data\Microsoft\Word\~WRL1767.tmp
C:\Program Files\Google\BIT50.tmp
C:\Program Files\InterActual\InterActual Player\iti1.tmp
C:\WINDOWS\system32\config\default.tmp.LOG
C:\WINDOWS\system32\config\software.tmp.LOG
C:\WINDOWS\system32\config\system.tmp.LOG

Add/Remove Programs List:

Commande ECHO désactivée.
EA SPORTS online 2005
Adobe Acrobat 4.0, 5.0
Plus! MP3 Audio Converter LE
avast! Antivirus
AVG Anti-Spyware 7.5
CCleaner (remove only)
CloneCD
Microsoft Combat Flight Simulator 3.0
Copy Utility
eJay Special Edition 2 - Deinstallation
DASSAULT FALCON 50
Data Access Objects (DAO) 3.5
DivX Content Uploader
DVD Shrink 3.2
eMule
Microsoft Fighter Ace II
Microsoft Flight Simulator 2004 Un siècle d'aviation
Furnish Pro
HijackThis 1.99.1
Hijackthis Version Française
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
HP Photosmart Premier Software 6.5
HP Solution Center 7.0
HP Customer Participation Program 7.0
OCR Software by I.R.I.S 7.0
InCD (ahead software)
Canon Utilities EOS Capture 1.3
Canon Utilities PhotoStitch 3.1
Canon RemoteCapture Task for ZoomBrowser EX
Canon EOS Kiss_N REBEL_XT 350D Pilote WIA
Canon Camera Support Core Library
Canon Utilities Digital Photo Professional 1.6.1
Canon Camera Window DS for ZoomBrowser EX
QuickTime
Canon Internet Library for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Camera Window DVC for ZoomBrowser EX
Canon Camera Window for ZoomBrowser EX
InterActual Player
InterBase 6 Open Edition - 6.0.2.0
IrfanView (remove only)
IvAe v0.8.6 + Data Update November 2006
IvAp v1.3.4 (b1842)
Correctif Windows XP - KB873339
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB888302
Correctif Windows XP - KB890859
Correctif Windows XP - KB891781
Koch Media Ltd Fly through the decades - Concorde FS2004 Version 2.1.0
Language Pack for Ad-aware 6
Librairies 2.7.5
Look 'n' Stop 1.04 Beta 01
Mozilla Firefox (1.5)
Mozilla Thunderbird (1.5)
Media Library Management Wizard
Microsoft Compression Client Pack 1.0 for Windows XP
Complément MSN pour Windows Messenger
MTL v2.0.1
Multimedia Keyboard Driver
Navigation 2.7
NeroMediaPlayer
NVIDIA Display Driver
PCI Audio Applications
PCI Audio Driver
Personal Antispy
Pixie 1.4.1
PowerDVD
Registry Mechanic 6.0
Shockwave
Adobe Flash Player 9 ActiveX
SideWinder Force Feedback 2
Skype 3.0
Aero - QCM
TeamSpeak 2 RC2
Skype add-on for IE
SmartUSB56 Voice Modem
Winamp (remove only)
Lecteur Windows Media 11
WinISO 5.3
Archiveur WinRAR
Windows Media Bonus Pack for Windows XP
Microsoft User-Mode Driver Framework Feature Pack 1.0
Yahoo! Anti-Spy
Yahoo! Toolbar avec bloqueur de fenêtres pop-up
Yahoo! Toolbar
Yahoo! Install Manager
Microsoft Office 2000 Professional
Logiciel iTouch de Logitech
SlideShow
cp_OnlineProjectsConfig
EOS Capture 1.3
AutoUpdate
A310-300 The Master's Edition
PhotoStitch
Google Toolbar for Internet Explorer
HPPhotoSmartExpress
RemoteCapture Task 1.1
Sonic_PrimoSDK
FSNavigator
J2SE Runtime Environment 5.0 Update 9
J2SE Runtime Environment 5.0 Update 10
SkinsHP1
Canon Camera WIA Driver
PanoStandAlone
Skype Plugin Manager
Google Earth
DAEMON Tools
CP_Package_Basic1
BufferChm
SAGEM F@st 800-840
HPProductAssistant
FullDPAppQFolder
Camera Support Core Library
Logitech MouseWare 9.42 .1
WebReg
RandMap
eSupportQFolder
FotoStation Easy
PowerDVD
AiOSoftwareNPI
Toolbox
CustomerResearchQFolder
Readme
Madden NFL 06
Canon Utilities Digital Photo Professional 1.6.1
DivX Codec
Camera Window DS
DocumentViewerQFolder
ProductContextNPI
Status
Canon PhotoRecord
DocProcQFolder
DocProc
DivX Player
Unload
Logitech Desktop Messenger
QuickTime
Internet Library
CounterSpy
ScannerCopy
Microsoft .NET Framework 1.1 French Language Pack
RAW Image Task 2.0
InstantShareDevices
Camera Window DVC
DeviceManagementQFolder
Adobe Reader 7.0.7 - Français
DivX Converter
cp_PosterPrintConfig
CueTour
CP_Panorama1Config
DivX Web Player
HP Software Update
HP Photosmart, Officejet and Deskjet 7.0.A
PhotoGallery
Canon ZoomBrowser EX
SolutionCenter
AiO_Scan_CDA
Microsoft .NET Framework 1.1
MTX MotoTrax
Paint Shop Pro 7
TrayApp
MarketResearch
Camera Window MC
ScanToWeb
CP_CalendarTemplates1
InstantShareDevicesMFC
Scan
WinPhone
Fax_CDA
Logitech Gaming Software
Destinations
NewCopy_CDA
DocumentViewer
ACE Mega CoDecS Pack

Finished


Logfile of HijackThis v1.99.1
Scan saved at 00:37:06, on 25/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\CounterSpy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Documents and Settings\MURIE\Bureau\CCM.exe\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [maslapn.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll",ignvfd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/dribnif/fr/win/QuickTimeInstaller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - https://checkspy.com/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe



Thanks, and see you tomorrow for the rest
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
25 Feb 2007 at 14:13
Hi

Next steps:

Disconnect from the internet and close the browser and all other application windows;
- Double-click l2mfix.bat;
- Choose OPTION 2 (Run fix) and confirm with the [Enter] key;
- At the prompt, press any key to restart the PC;
=> On restart, L2mFix continues cleaning, then produces the cleanup result by opening Notepad; reconnect to post it on the forum.


Then post a new HijackThis log please

See you
0
I'm not sure I'm running the right file, so to be safe I'd rather list the choices I see when browsing l2mfix, so that you can guide me precisely:

backregs
dlls
regfixes
direct
fixautont.html
keypress
l2mfix
locate
not
Ntrights
pv
pv
readme
report
restart
second
strings
zip

Thanks
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
25 Feb 2007 at 18:11
Hi again

Choose l2mfix.bat, the same one you used to produce the first report

See you
0
L2mfix 051206
Creating Account.
La commande s'est terminée correctement.

Adding Administrative privleges.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful

Running From:
C:\WINDOWS\system32

Killing Processes!
Killing 'smss.exe'
\SystemRoot\System32\smss.exe (468)
Killing 'winlogon.exe'
winlogon.exe (540)
Killing 'explorer.exe'
C:\WINDOWS\Explorer.EXE (3532)
Killing 'rundll32.exe'
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrateurs ... successful

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!



Restoring Windows Update Certificates.:

The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqnkjh]
"Asynchronous"=dword:00000001
"DllName"="urqnkjh.dll"
"Impersonate"=dword:00000000
"Logon"="Logon"
"Logoff"="Logoff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vturo]
"Asynchronous"=dword:00000001
"DllName"="C:\\WINDOWS\\system32\\vturo.dll"
"Impersonate"=dword:00000000
"Startup"="SysLogon"
"Logoff"="SysLogoff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001


The following are the files found:
****************************************************************************

Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************

****************************************************************************
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
zip warning: name not matched: dlls\*.*

zip error: Nothing to do! (backup.zip)
adding: backregs/notibac.reg (164 bytes security) (deflated 88%)
adding: backregs/shell.reg (164 bytes security) (deflated 73%)




Logfile of HijackThis v1.99.1
Scan saved at 18:31:15, on 25/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\CounterSpy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {361CF4EE-24CA-4A45-9476-085D1F9A06CF} - C:\WINDOWS\system32\urqnkjh.dll (file missing)
O2 - BHO: (no name) - {59CA6513-5A5A-3FB4-D081-0BE271AEC009} - C:\WINDOWS\system32\sgpvqml.dll
O2 - BHO: (no name) - {732FFB66-67CF-4AF3-B466-774935A94C3F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {AE784354-305C-4584-9DB9-35837752A28E} - (no file)
O2 - BHO: (no name) - {BC982BD9-F174-42CE-9813-7E3802064153} - C:\WINDOWS\system32\vturo.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [maslapn.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll",ignvfd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/dribnif/fr/win/QuickTimeInstaller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - https://checkspy.com/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: urqnkjh - urqnkjh.dll (file missing)
O20 - Winlogon Notify: vturo - C:\WINDOWS\system32\vturo.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe


Thanks
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
25 Feb 2007 at 18:48
Hi again

OK,

Download VirtumundoBegone to the desktop:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

Then double-click VirtumundoBeGone.exe and follow the instructions.
Once it has finished, restart and post the VBG.TXT report created on the desktop in your next reply, along with a new HijackThis report.
Don't worry if you see a blue-screen "Fatal error" message; that is normal and expected.


Then post a new HijackThis log please

See you
0
I didn't see the blue screen + fatal error; here is the rest:


[02/25/2007, 18:50:57] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\MURIE\Bureau\VirtumundoBeGone.exe" )
[02/25/2007, 18:51:04] - Detected System Information:
[02/25/2007, 18:51:04] - Windows Version: 5.1.2600, Service Pack 2
[02/25/2007, 18:51:04] - Current Username: MURIE (Admin)
[02/25/2007, 18:51:04] - Windows is in NORMAL mode.
[02/25/2007, 18:51:04] - Searching for Browser Helper Objects:
[02/25/2007, 18:51:04] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[02/25/2007, 18:51:04] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/25/2007, 18:51:04] - BHO 3: {22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
[02/25/2007, 18:51:04] - BHO 4: {361CF4EE-24CA-4A45-9476-085D1F9A06CF} ()
[02/25/2007, 18:51:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:04] - Checking for HKLM\...\Winlogon\Notify\urqnkjh
[02/25/2007, 18:51:04] - Found: HKLM\...\Winlogon\Notify\urqnkjh - This is probably Virtumundo.
[02/25/2007, 18:51:04] - Assigning {361CF4EE-24CA-4A45-9476-085D1F9A06CF} MSEvents Object
[02/25/2007, 18:51:04] - BHO list has been changed! Starting over...
[02/25/2007, 18:51:04] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[02/25/2007, 18:51:04] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/25/2007, 18:51:04] - BHO 3: {22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
[02/25/2007, 18:51:04] - BHO 4: {361CF4EE-24CA-4A45-9476-085D1F9A06CF} (MSEvents Object)
[02/25/2007, 18:51:04] - ALERT: Found MSEvents Object!
[02/25/2007, 18:51:04] - BHO 5: {59CA6513-5A5A-3FB4-D081-0BE271AEC009} ()
[02/25/2007, 18:51:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:04] - Checking for HKLM\...\Winlogon\Notify\sgpvqml
[02/25/2007, 18:51:04] - Key not found: HKLM\...\Winlogon\Notify\sgpvqml, continuing.
[02/25/2007, 18:51:04] - BHO 6: {732FFB66-67CF-4AF3-B466-774935A94C3F} ()
[02/25/2007, 18:51:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:04] - No filename found. Continuing.
[02/25/2007, 18:51:04] - BHO 7: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/25/2007, 18:51:04] - BHO 8: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/25/2007, 18:51:04] - BHO 9: {AE784354-305C-4584-9DB9-35837752A28E} ()
[02/25/2007, 18:51:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:05] - No filename found. Continuing.
[02/25/2007, 18:51:05] - BHO 10: {BC982BD9-F174-42CE-9813-7E3802064153} ()
[02/25/2007, 18:51:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:05] - Checking for HKLM\...\Winlogon\Notify\vturo
[02/25/2007, 18:51:05] - Found: HKLM\...\Winlogon\Notify\vturo - This is probably Virtumundo.
[02/25/2007, 18:51:05] - Assigning {BC982BD9-F174-42CE-9813-7E3802064153} MSEvents Object
[02/25/2007, 18:51:05] - BHO list has been changed! Starting over...
[02/25/2007, 18:51:05] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[02/25/2007, 18:51:05] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/25/2007, 18:51:05] - BHO 3: {22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
[02/25/2007, 18:51:05] - BHO 4: {361CF4EE-24CA-4A45-9476-085D1F9A06CF} (MSEvents Object)
[02/25/2007, 18:51:05] - ALERT: Found MSEvents Object!
[02/25/2007, 18:51:05] - BHO 5: {59CA6513-5A5A-3FB4-D081-0BE271AEC009} ()
[02/25/2007, 18:51:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:05] - Checking for HKLM\...\Winlogon\Notify\sgpvqml
[02/25/2007, 18:51:05] - Key not found: HKLM\...\Winlogon\Notify\sgpvqml, continuing.
[02/25/2007, 18:51:05] - BHO 6: {732FFB66-67CF-4AF3-B466-774935A94C3F} ()
[02/25/2007, 18:51:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:05] - No filename found. Continuing.
[02/25/2007, 18:51:05] - BHO 7: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/25/2007, 18:51:05] - BHO 8: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/25/2007, 18:51:05] - BHO 9: {AE784354-305C-4584-9DB9-35837752A28E} ()
[02/25/2007, 18:51:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:05] - No filename found. Continuing.
[02/25/2007, 18:51:05] - BHO 10: {BC982BD9-F174-42CE-9813-7E3802064153} (MSEvents Object)
[02/25/2007, 18:51:05] - ALERT: Found MSEvents Object!
[02/25/2007, 18:51:05] - Finished Searching Browser Helper Objects
[02/25/2007, 18:51:05] - *** Detected MSEvents Object
[02/25/2007, 18:51:05] - Trying to remove MSEvents Object...
[02/25/2007, 18:51:06] - Terminating Process: IEXPLORE.EXE
[02/25/2007, 18:51:07] - Terminating Process: RUNDLL32.EXE
[02/25/2007, 18:51:07] - Disabling Automatic Shell Restart
[02/25/2007, 18:51:07] - Terminating Process: EXPLORER.EXE
[02/25/2007, 18:51:07] - Suspending the NT Session Manager System Service
[02/25/2007, 18:51:07] - Terminating Windows NT Logon/Logoff Manager
[02/25/2007, 18:51:08] - Re-enabling Automatic Shell Restart
[02/25/2007, 18:51:08] - File to disable: C:\WINDOWS\system32\urqnkjh.dll
[02/25/2007, 18:51:08] - Removing HKLM\...\Browser Helper Objects\{361CF4EE-24CA-4A45-9476-085D1F9A06CF}
[02/25/2007, 18:51:08] - Removing HKCR\CLSID\{361CF4EE-24CA-4A45-9476-085D1F9A06CF}
[02/25/2007, 18:51:08] - Adding Kill Bit for ActiveX for GUID: {361CF4EE-24CA-4A45-9476-085D1F9A06CF}
[02/25/2007, 18:51:08] - Deleting ATLEvents/MSEvents Registry entries
[02/25/2007, 18:51:08] - Removing HKLM\...\Winlogon\Notify\urqnkjh
[02/25/2007, 18:51:08] - Searching for Browser Helper Objects:
[02/25/2007, 18:51:08] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[02/25/2007, 18:51:08] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/25/2007, 18:51:08] - BHO 3: {22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
[02/25/2007, 18:51:08] - BHO 4: {59CA6513-5A5A-3FB4-D081-0BE271AEC009} ()
[02/25/2007, 18:51:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:08] - Checking for HKLM\...\Winlogon\Notify\sgpvqml
[02/25/2007, 18:51:08] - Key not found: HKLM\...\Winlogon\Notify\sgpvqml, continuing.
[02/25/2007, 18:51:08] - BHO 5: {732FFB66-67CF-4AF3-B466-774935A94C3F} ()
[02/25/2007, 18:51:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:08] - No filename found. Continuing.
[02/25/2007, 18:51:08] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/25/2007, 18:51:08] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/25/2007, 18:51:08] - BHO 8: {AE784354-305C-4584-9DB9-35837752A28E} ()
[02/25/2007, 18:51:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:08] - No filename found. Continuing.
[02/25/2007, 18:51:08] - BHO 9: {BC982BD9-F174-42CE-9813-7E3802064153} (MSEvents Object)
[02/25/2007, 18:51:08] - ALERT: Found MSEvents Object!
[02/25/2007, 18:51:08] - Finished Searching Browser Helper Objects
[02/25/2007, 18:51:08] - *** Detected MSEvents Object
[02/25/2007, 18:51:08] - Trying to remove MSEvents Object...
[02/25/2007, 18:51:09] - Terminating Process: IEXPLORE.EXE
[02/25/2007, 18:51:09] - Terminating Process: RUNDLL32.EXE
[02/25/2007, 18:51:09] - Disabling Automatic Shell Restart
[02/25/2007, 18:51:09] - Terminating Process: EXPLORER.EXE
[02/25/2007, 18:51:09] - Suspending the NT Session Manager System Service
[02/25/2007, 18:51:09] - Terminating Windows NT Logon/Logoff Manager
[02/25/2007, 18:51:10] - Re-enabling Automatic Shell Restart
[02/25/2007, 18:51:10] - File to disable: C:\WINDOWS\system32\vturo.dll
[02/25/2007, 18:51:10] - Renaming C:\WINDOWS\system32\vturo.dll -> C:\WINDOWS\system32\vturo.dll.vir
[02/25/2007, 18:51:10] - File successfully renamed!
[02/25/2007, 18:51:10] - Removing HKLM\...\Browser Helper Objects\{BC982BD9-F174-42CE-9813-7E3802064153}
[02/25/2007, 18:51:10] - Removing HKCR\CLSID\{BC982BD9-F174-42CE-9813-7E3802064153}
[02/25/2007, 18:51:10] - Adding Kill Bit for ActiveX for GUID: {BC982BD9-F174-42CE-9813-7E3802064153}
[02/25/2007, 18:51:10] - Deleting ATLEvents/MSEvents Registry entries
[02/25/2007, 18:51:10] - Removing HKLM\...\Winlogon\Notify\vturo
[02/25/2007, 18:51:10] - Searching for Browser Helper Objects:
[02/25/2007, 18:51:10] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[02/25/2007, 18:51:10] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[02/25/2007, 18:51:10] - BHO 3: {22BF413B-C6D2-4d91-82A9-A0F997BA588C} (Skype add-on (mastermind))
[02/25/2007, 18:51:10] - BHO 4: {59CA6513-5A5A-3FB4-D081-0BE271AEC009} ()
[02/25/2007, 18:51:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:10] - Checking for HKLM\...\Winlogon\Notify\sgpvqml
[02/25/2007, 18:51:10] - Key not found: HKLM\...\Winlogon\Notify\sgpvqml, continuing.
[02/25/2007, 18:51:10] - BHO 5: {732FFB66-67CF-4AF3-B466-774935A94C3F} ()
[02/25/2007, 18:51:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:10] - No filename found. Continuing.
[02/25/2007, 18:51:10] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/25/2007, 18:51:10] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/25/2007, 18:51:10] - BHO 8: {AE784354-305C-4584-9DB9-35837752A28E} ()
[02/25/2007, 18:51:10] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/25/2007, 18:51:10] - No filename found. Continuing.
[02/25/2007, 18:51:10] - Finished Searching Browser Helper Objects
[02/25/2007, 18:51:10] - Finishing up...
[02/25/2007, 18:51:10] - A restart is needed.
[02/25/2007, 18:51:25] - Attempting to Restart via STOP error (Blue Screen!)



Logfile of HijackThis v1.99.1
Scan saved at 18:56:08, on 25/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {59CA6513-5A5A-3FB4-D081-0BE271AEC009} - C:\WINDOWS\system32\sgpvqml.dll
O2 - BHO: (no name) - {732FFB66-67CF-4AF3-B466-774935A94C3F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {AE784354-305C-4584-9DB9-35837752A28E} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [maslapn.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll",ignvfd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/dribnif/fr/win/QuickTimeInstaller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - https://checkspy.com/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe


Thanks

green day (Moderator, Security contributor) - 25 Feb. 2007 at 19:33
Hi again,

OK, please redo the steps from this link:

Virus: preliminary disinfection method, FR version

See you

Here is the follow-up, and thanks again for your help:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 20:54:43 25/02/2007

+ Résultat de l'analyse:



C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP125\A0040507.dll -> Adware.Virtumonde : Aucune action entreprise.


Fin du rapport




BitDefender Online Scanner

Scan report generated at: Sat, Feb 24, 2007 - 19:36:46
Scan path: A:\;C:\;D:\;E:\;F:\;

Statistics
Time: 03:02:27
Files: 435055
Folders: 9101
Boot Sectors: 2
Archives: 8833
Packed Files: 39185

Results
Identified Viruses: 2
Infected Files: 6
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 4

Engines Info
Virus Definitions: 393347
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll
Infected with: Trojan.Obfus.Gen

C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll
Disinfection failed

C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll
Deleted

C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP124\A0039846.dll
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP124\A0039846.dll
Disinfection failed

C:\System Volume Information\_restore{00BE5197-B72C-459C-A716-FDEBB40EFA97}\RP124\A0039846.dll
Deleted

C:\WINDOWS\system32\awvtr.dll
Infected with: MemScan:Trojan.Vundo.AF

C:\WINDOWS\system32\awvtr.dll
Disinfection failed

C:\WINDOWS\system32\awvtr.dll
Delete failed

C:\WINDOWS\system32\maslapn.dll
Infected with: Trojan.Obfus.Gen

C:\WINDOWS\system32\maslapn.dll
Disinfection failed

C:\WINDOWS\system32\maslapn.dll
Deleted

C:\WINDOWS\system32\sgpvqml.dll
Infected with: Trojan.Obfus.Gen

C:\WINDOWS\system32\sgpvqml.dll
Infected with: Trojan.Obfus.Gen

C:\WINDOWS\system32\sgpvqml.dll
Disinfection failed

C:\WINDOWS\system32\sgpvqml.dll
Disinfection failed

C:\WINDOWS\system32\sgpvqml.dll
Delete failed

C:\WINDOWS\system32\sgpvqml.dll
Delete failed

C:\WINDOWS\system32\shadow.exe
Clean

C:\WINDOWS\system32\share.exe
Clean

C:\WINDOWS\system32\shdoclc.dll
Clean

C:\WINDOWS\system32\shdocvw.dll
Clean

C:\WINDOWS\system32\shell.dll
Clean

C:\WINDOWS\system32\shell32(3).dll
Clean

C:\WINDOWS\system32\shell32.dll
Clean

C:\WINDOWS\system32\shellstyle.dll
Clean

C:\WINDOWS\system32\shfolder(2).dll
Clean

C:\WINDOWS\system32\shfolder.dll
Clean

C:\WINDOWS\system32\shgina.dll
Clean

C:\WINDOWS\system32\shiftjis.uce
Clean

C:\WINDOWS\system32\shimeng.dll
Clean

C:\WINDOWS\system32\shimgvw(2).dll
Clean

C:\WINDOWS\system32\shimgvw.dll
Clean

C:\WINDOWS\system32\shlwapi(3).dll
Clean

C:\WINDOWS\system32\shlwapi.dll
Clean

C:\WINDOWS\system32\shmedia.dll
Clean

C:\WINDOWS\system32\shmgrate.exe
Clean

C:\WINDOWS\system32\shrpubw.exe
Clean

C:\WINDOWS\system32\shscrap.dll
Clean

C:\WINDOWS\system32\shsvcs(3).dll
Clean

C:\WINDOWS\system32\shsvcs.dll
Clean

C:\WINDOWS\system32\shutdown.exe
Clean

C:\WINDOWS\system32\sigtab.dll
Clean

C:\WINDOWS\system32\sigverif.exe
Clean

C:\WINDOWS\system32\simpdata.tlb
Clean

C:\WINDOWS\system32\sisbkup.dll
Clean

C:\WINDOWS\system32\skdll.dll
Clean

C:\WINDOWS\system32\skeys.exe
Clean

C:\WINDOWS\system32\slayerxp.dll
Clean

C:\WINDOWS\system32\slbcsp.dll
Clean

C:\WINDOWS\system32\slbiop.dll
Clean

C:\WINDOWS\system32\slbrccsp.dll
Clean

C:\WINDOWS\system32\slcpappl.chm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/#SYSTEM
Clean

C:\WINDOWS\system32\slcpappl.chm=>/SLCPAPPL.hhc
Clean

C:\WINDOWS\system32\slcpappl.chm=>/SLCPAPPL.hhk
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4701).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4709).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4709).htm=>(JAVASCRIPT 1)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4709).htm=>(JAVASCRIPT 4)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4709).htm=>(JAVASCRIPT 5)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4703).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4702).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4707).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4706).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4410).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4402).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4403).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4404).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4405).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4406).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4708).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4710).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4704).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4705).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4407).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4004).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4010).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4002).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4005).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4003).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4006).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4007).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4408).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4409).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4409).htm=>(JAVASCRIPT 1)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4409).htm=>(JAVASCRIPT 2)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4409).htm=>(JAVASCRIPT 3)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4401).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4008).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4009).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4009).htm=>(JAVASCRIPT 1)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4009).htm=>(JAVASCRIPT 2)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4009).htm=>(JAVASCRIPT 3)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4001).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4109).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4109).htm=>(JAVASCRIPT 1)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4109).htm=>(JAVASCRIPT 2)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4109).htm=>(JAVASCRIPT 3)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4101).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4502).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4510).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4503).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4504).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4505).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4506).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4110).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4102).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4103).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4104).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4105).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4106).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4107).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4108).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4610).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4307).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4308).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4309).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4309).htm=>(JAVASCRIPT 1)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4309).htm=>(JAVASCRIPT 2)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4309).htm=>(JAVASCRIPT 3)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4301).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4507).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4508).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4509).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4509).htm=>(JAVASCRIPT 1)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4509).htm=>(JAVASCRIPT 2)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4509).htm=>(JAVASCRIPT 3)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4501).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4310).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4602).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4302).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4303).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4304).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4305).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4306).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4605).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4810).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4802).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4803).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4804).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4805).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4806).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4807).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4808).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4604).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4606).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4607).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4608).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4609).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4609).htm=>(JAVASCRIPT 1)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4609).htm=>(JAVASCRIPT 4)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4609).htm=>(JAVASCRIPT 5)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4601).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4603).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4209).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4209).htm=>(JAVASCRIPT 1)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4209).htm=>(JAVASCRIPT 2)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4209).htm=>(JAVASCRIPT 3)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4201).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4809).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4809).htm=>(JAVASCRIPT 1)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4809).htm=>(JAVASCRIPT 4)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4809).htm=>(JAVASCRIPT 5)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4801).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4206).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4208).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4207).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4901).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4902).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4210).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4202).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4203).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4204).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4205).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4907).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Simplified Chinese (4711).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Traditional Chinese (4811).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Dutch (4411).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/English (4011).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/French (4111).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/German (4511).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Italian (4311).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Japanese (4611).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4903).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4904).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4906).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4908).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4909).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4909).htm=>(JAVASCRIPT 1)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4909).htm=>(JAVASCRIPT 2)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4909).htm=>(JAVASCRIPT 3)
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4910).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4905).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Korean (4911).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Spanish (4211).htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Result Code Table.htm
Clean

C:\WINDOWS\system32\slcpappl.chm=>/external.js
Clean

C:\WINDOWS\system32\slcpappl.chm=>/#BSSC
Clean

C:\WINDOWS\system32\slcpappl.chm=>/SLCPAPPL.brs
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Result Code Table.files/image001.gif
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Result Code Table.files/image002.gif
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Result Code Table.files/image003.gif
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Result Code Table.files/image004.gif
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Result Code Table.files/image005.gif
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Result Code Table.files/image006.gif
Clean

C:\WINDOWS\system32\slcpappl.chm=>/Result Code Table.files/image007.gif
Clean

C:\WINDOWS\system32\slcpappl.chm=>/#WINDOWS
Clean

C:\WINDOWS\system32\slcpappl.chm=>/#IVB
Clean

C:\WINDOWS\system32\slcpappl.chm=>/$WWKeywordLinks/Property
Clean

C:\WINDOWS\system32\slcpappl.chm=>/$WWAssociativeLinks/Property
Clean

C:\WINDOWS\system32\slcpappl.chm=>/$OBJINST
Clean

C:\WINDOWS\system32\slcpappl.chm=>/$FIftiMain
Clean

C:\WINDOWS\system32\slcpappl.chm=>/#IDXHDR
Clean

C:\WINDOWS\system32\slcpappl.chm=>/#TOPICS
Clean

C:\WINDOWS\system32\slcpappl.chm=>/#URLTBL
Clean

C:\WINDOWS\system32\slcpappl.chm=>/#URLSTR
Clean

C:\WINDOWS\system32\slcpappl.chm=>/#STRINGS
Clean

C:\WINDOWS\system32\slcpappl.cpl
Clean

C:\WINDOWS\system32\slextspk.dll
Clean

C:\WINDOWS\system32\slserv.exe
Clean

C:\WINDOWS\system32\sl_anet.acm
Clean


C:\WINDOWS\system32\ssqro.dll
Infected with: MemScan:Trojan.Vundo.AF

C:\WINDOWS\system32\ssqro.dll
Infected with: MemScan:Trojan.Vundo.AF

C:\WINDOWS\system32\ssqro.dll
Disinfection failed

C:\WINDOWS\system32\ssqro.dll
Disinfection failed

C:\WINDOWS\system32\ssqro.dll
Deleted

C:\WINDOWS\system32\ssqro.dll
Deleted

0
green day Posts: 26371 Registration date: Friday 30 September 2005 Status: Moderator, Security contributor Last activity: 27 December 2019 2 162
26 Feb. 2007 at 12:04
Hi

OK, please post a new HijackThis log and tell us how the situation has evolved, please.

See you
0
Good evening

The PC is super slow, it's rowing along but without the oars!!
This is the 4th time I've tried to send you this message, but nothing happens.

I'm losing hope of getting there; the internet barely works anymore, it's hell, I'm a prisoner of this thing and it's seriously starting to wear me out.

HELP HELP HELP HELP HELP HELP

Latest report:

Logfile of HijackThis v1.99.1
Scan saved at 22:41:51, on 26/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {59CA6513-5A5A-3FB4-D081-0BE271AEC009} - C:\WINDOWS\system32\sgpvqml.dll
O2 - BHO: (no name) - {732FFB66-67CF-4AF3-B466-774935A94C3F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {AE784354-305C-4584-9DB9-35837752A28E} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [maslapn.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll",ignvfd
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/dribnif/fr/win/QuickTimeInstaller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - https://checkspy.com/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Thanks
0
green day Posts: 26371 Registration date: Friday 30 September 2005 Status: Moderator, Security contributor Last activity: 27 December 2019 2 162
26 Feb. 2007 at 23:27
Hi

# Disable System Restore

* Click the Start button.
* Right-click My Computer, then click Properties.
* In the System Restore tab, select the option Turn off System Restore or Turn off System Restore on all drives

(you can re-enable it at the end of the procedure)


Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/



O2 - BHO: (no name) - {59CA6513-5A5A-3FB4-D081-0BE271AEC009} - C:\WINDOWS\system32\sgpvqml.dll
O2 - BHO: (no name) - {732FFB66-67CF-4AF3-B466-774935A94C3F} - (no file)

O2 - BHO: (no name) - {AE784354-305C-4584-9DB9-35837752A28E} - (no file)

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

O4 - HKLM\..\Run: [maslapn.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\MURIE\Local Settings\Application Data\maslapn.dll",ignvfd

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - https://checkspy.com/


Next, download and run this:

* CleanUp40 (removes temporary files + cookies; free)
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe

Tutorial: (thanks to Balltrap) http://pageperso.aol.fr/balltrap34/democleanup.htm


* CCleaner: download and install this; in the left-hand column click "Errors", tick all the boxes, then click "Scan for errors" at the bottom; once it has finished, click "Fix errors" and you will get a message asking to back up your registry, answer "Yes", then repeat until it finds no more errors.

* Run CCleaner again, go to the "Cleaner" tab on the left, untick the last box (Advanced, if it is ticked), then click "Run Cleaner"

CCleaner

Tutorial: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php


Then defragment your hard drive:

defragmenting your hard drive

Keep us posted, see you
0
I carefully carried out the suggested steps, and if I'm taking so long to reply, it's simply because the internet is still just as slow (more than 10 minutes with a frozen screen, nothing happening), and I had to shut down and restart the PC twice and reload the site 3 times before getting this far!!


Also, I saw an error message:
vs mon.exe erreur d'application
l'instruction "0x4d53565b emploie l'adresse mémoire "0x4d53565b
la mémoire ne peut etre "read" ....


What should I do now, please?
0
green day Posts: 26371 Registration date: Friday 30 September 2005 Status: Moderator, Security contributor Last activity: 27 December 2019 2 162
27 Feb. 2007 at 12:37
Hi

Please do this:

Repair system files:

· Go to My Computer
· Right-click the C:\ drive (the drive where your operating system is installed)
· Choose the Properties tab
· Choose the Tools tab, then Check Now

and see what that gives you

See you
0
I repaired the system files as recommended.

The computer runs better but hasn't yet regained its former speed; still, I can get it to do what I want.
Three days ago I already went through the "my PC is slow, what should I do?" procedure, so how can I improve things further in the current situation? The end goal is to be able, for example, to play Flight Simulator on the worldwide network as before, which requires a responsive PC...

I'm posting my latest HijackThis report and await your reply.
What about my virus infection(s): have they been dealt with, partially, completely???

Logfile of HijackThis v1.99.1
Scan saved at 22:18:03, on 27/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MICROS~2\GAMECO~1\Common\SWTrayV4.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Thanks again for your help
0
green day Posts: 26371 Registration date: Friday 30 September 2005 Status: Moderator, Security contributor Last activity: 27 December 2019 2 162
27 Feb. 2007 at 23:09
Hi

Your HijackThis log is good!

Have a look here:

slow PC or computer, Windows very slow at startup

See you
0
Everything seems to be working properly now and I'm delighted.
Thank you for this excellent advice, which allowed me to resolve these problems and learn a bit more about computing.

Would you have any advice for protecting my PC more effectively?

I have another PC, a laptop this time, which also shows signs of a virus, as well as the after-effects of my own bad handling.
I don't want to connect it to the internet because it contains personal data, but I can manage to transfer the data to this one via a USB key and send them to you.
Would you be up for this new challenge?

Thanks again for the great work done on this one, and I hope to hear from you very soon.

Yann


However
0
First HijackThis report from the laptop, thanks

Logfile of HijackThis v1.99.1
Scan saved at 17:50:45, on 28/02/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\System32\MSEXECP32.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\MSEXECP32.exe
C:\WINDOWS\System32\sst.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [USB Hardware9 Monitoring] USBhardware9.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Win32] sst.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [USB Hardware9 Monitoring] USBhardware9.exe
O4 - HKLM\..\RunServices: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKLM\..\RunServices: [Win32] sst.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [Win32] sst.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)

Thanks
0
green day Posts: 26371 Registration date: Friday 30 September 2005 Status: Moderator, Security contributor Last activity: 27 December 2019 2 162
28 Feb. 2007 at 18:19
Hi

Indeed, some nasty little things...

Please run a scan with AVG and post it!

For protecting the computer:

https://sebsauvage.net/safehex.html

security: protecting a computer against internet malware

See you
0
My laptop's battery died in the middle of the AVG scan (charger left at work), so I'll continue tomorrow evening.

Have a good evening

Yann
0
green day Posts: 26371 Registration date: Friday 30 September 2005 Status: Moderator, Security contributor Last activity: 27 December 2019 2 162
28 Feb. 2007 at 23:46
OK, have a good evening!

See you
0
Hi Green Day

Some information about the malfunctions observed on the laptop:

1)
At startup, I am asked to choose the operating system between:
- Windows XP Pro
- Windows XP Pro installation

I think that, to get out of (another) tight spot, I must have tried to reinstall XP Pro, but without going all the way ...

2)
A virus alert comes up through avast every day after the same amount of PC running time, around 3 to 4 hours:
C:/Docume-1/yannmu-1/locals-1/temp/c27d8fef.d7a
Name: win 32 : trojan.gen

3)
here is the requested AVG scan, along with a HijackThis log

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 10:57:03 01/03/2007

+ Résultat de l'analyse:



[2092] C:\WINDOWS\System32\sst.exe -> Backdoor.Rbot : Aucune action entreprise.


Fin du rapport

Logfile of HijackThis v1.99.1
Scan saved at 19:59:54, on 01/03/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\System32\MSEXECP32.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\MSEXECP32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [USB Hardware9 Monitoring] USBhardware9.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [USB Hardware9 Monitoring] USBhardware9.exe
O4 - HKLM\..\RunServices: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)


Thanks again for your help

Yann
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
1 March 2007 at 21:55
Hi

ok, did you delete what AVG found??

Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:

O4 - HKLM\..\Run: [MS Windows Executor Process] MSEXECP32.exe

O4 - HKLM\..\Run: [USB Hardware9 Monitoring] USBhardware9.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\RunServices: [USB Hardware9 Monitoring] USBhardware9.exe
O4 - HKLM\..\RunServices: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE


==> look for and delete the files in bold, if present, in the Windows folder:

MSEXECP32.exe
USBhardware9.exe

next, download and run:

* CleanUp40 (which removes temporary files + cookies: free)
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe

tutorial: (thanks to Balltrap) http://pageperso.aol.fr/balltrap34/democleanup.htm


* Ccleaner: download and install this; in the left-hand column click "Errors", tick all the boxes, then click "Search for errors" at the bottom; once it has finished, click "Repair errors" and you will get a message offering to back up your registry, answer "Yes", then start again until it finds no more errors.

* Run Ccleaner again, go to the "Cleaner" tab on the left, untick the last box (Advanced, if it is ticked), then click "Run the cleaning"

ccleaner

tutorial: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php


finally: install a firewall:

kerio

tutorial: to configure and understand Kerio
https://www.vulgarisation-informatique.com/kerio.php
http://kerio.probb.fr/Systemesd-exploitation-c1/Logiciels-et-tutoriels-gratuits-tries-par-categorie-f6/Tutoriel-pour-Kerio-4-version-gratuite-t201.htm

See you

;-)
Wisdom is having dreams big enough not to lose sight of them while pursuing them. (Oscar Wilde)
0
Back again

Had deleted, as supposed, the item found by AVG

Found and deleted MSexeCP32.exe
Did not find USBhardware 9 .exe

latest hijack log

Logfile of HijackThis v1.99.1
Scan saved at 19:59:54, on 01/03/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\System32\MSEXECP32.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\MSEXECP32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDtServ.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [USB Hardware9 Monitoring] USBhardware9.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [USB Hardware9 Monitoring] USBhardware9.exe
O4 - HKLM\..\RunServices: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MS Windows Executor Process] MSEXECP32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
1 March 2007 at 22:43
hi again

did you fix the lines???

See you
0
Yes, why?
Sorry for the delay, but I was uninstalling the Zone Alarm firewall on the desktop PC in favour of Kerio
0
green day Posts 26371 Registration date Friday 30 September 2005 Status Moderator, Security contributor Last activity 27 December 2019 2 162
1 March 2007 at 23:11
A feeling of déjà vu :)

so is this a new hijack log???


why uninstall ZA???

See you
0
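One way to check a follow-up HijackThis log against the lines selected for "fix checked", as an added example that is not part of the thread: it compares the "Scan saved at" headers of two logs and lists the fixed entries that are still present. The function names are hypothetical, `BEFORE` is abbreviated from the log posted above, and `FRESH` (timestamp and contents) is constructed.

```python
import re

SAVED_RE = re.compile(r"^Scan saved at (\d{1,2}:\d{2}:\d{2}), on (\d{2}/\d{2}/\d{4})", re.M)
ENTRY_RE = re.compile(r"^(?:[RFN]\d|O\d{1,2}) - .+$", re.M)

def normalize(line):
    """Collapse whitespace and case so copy/paste differences do not matter."""
    return " ".join(line.split()).lower()

def parse_log(text):
    """Return the scan timestamp and the set of R/F/N/O entries of one log."""
    m = SAVED_RE.search(text)
    return {"saved_at": (m.group(2), m.group(1)) if m else None,
            "entries": {normalize(e) for e in ENTRY_RE.findall(text)}}

def check_followup(before_text, after_text, fixed_lines):
    """Compare a follow-up log with the previous one and the lines to fix."""
    before, after = parse_log(before_text), parse_log(after_text)
    return {
        # Same "Scan saved at" header: the old log was re-posted, not a new scan.
        "same_scan": before["saved_at"] is not None
                     and before["saved_at"] == after["saved_at"],
        # Entries that were selected for "fix checked" but are still listed.
        "still_present": [l for l in fixed_lines if normalize(l) in after["entries"]],
    }

# Lines the helper asked to fix (subset, copied from the thread).
FIXED = [
    r"O4 - HKLM\..\Run: [MS Windows Executor Process] MSEXECP32.exe",
    r"O4 - HKLM\..\Run: [USB Hardware9 Monitoring] USBhardware9.exe",
    r"O4 - HKCU\..\Run: [MS Windows Executor Process] MSEXECP32.exe",
]

# Abbreviated excerpt of the log posted in the thread.
BEFORE = "\n".join([
    "Logfile of HijackThis v1.99.1",
    "Scan saved at 19:59:54, on 01/03/2007",
    *FIXED,
    r"O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe",
])
REPOSTED = BEFORE  # the "latest" log carries the same header and entries
# Constructed follow-up: a later timestamp with the fixed entries gone.
FRESH = "\n".join([
    "Logfile of HijackThis v1.99.1",
    "Scan saved at 22:50:10, on 01/03/2007",
    r"O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe",
])

if __name__ == "__main__":
    for name, log in (("reposted", REPOSTED), ("fresh", FRESH)):
        print(name, check_followup(BEFORE, log, FIXED))
```

A log whose `same_scan` is true says nothing about whether the fix worked; only a log saved after the fix and the file deletion can show the startup entries gone.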