Sujet Précédent Sujet Suivant

DEMARRAGE TRES LENT

dezactives Messages postés 10 Statut Membre -  
 willgt -
BONSOIR A TOUS

je tenais à profiter de vos lumières car les miennes semblent ne plus éclairer grand choses , en effet je suis devant un dilemne depuis 6 bon mois : " mon pc demarre 3 à 4 minutes après avoir appuyer sur le bouton power , quelqu'un a t'il une idée ou a déjà rencontré ce problème....à part cela le pc vieux de 4 ans tourne trés bien....dans l'attente d'une de vos réponse , merci à tous
A voir également:

16 réponses

Réponse 1 / 16
raleuboleu Messages postés 5028 Statut Membre 79
 
salut

Télécharge HijackThis en FR sur cette page:

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

clic sur "J'accepte".

Utilisation :

* L'installer dans un dossier prévu à cet effet.
o Par exemple, C:\HijackThis
o Choisis l'option "faire un scan et sauvegarder le log"; un rapport va être généré…
o Copier/coller le rapport sur le forum virus/sécurité.

Tutoriel d'utilisation, section "Générer un rapport" ici
(Merci à balltrap34 pour cette réalisation)

bizz
0
Réponse 2 / 16
dezactives Messages postés 10 Statut Membre
 
merci à toi Raleuboleu , j'ai collé le log sur le forum concerné , merci en attente de ta réponse , merci
0
Réponse 3 / 16
raleuboleu Messages postés 5028 Statut Membre 79
 
re moi

euh mets le ici le log paske sinan je vais peut ete pas te retrouver loool

bizz
0
dezactives Messages postés 10 Statut Membre
 
Logfile of HijackThis v1.99.1
Scan saved at 00:20:52, on 09/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\AutoGK\AutoGK.exe
F:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O2 - BHO: (no name) - {4DD3C70C-611A-4745-9937-C291884F82CE} - C:\WINDOWS\Config\awveniet.dll (file missing)
O2 - BHO: (no name) - {68069B37-06A0-465B-9C2C-DD2D6ACF99B5} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {842F1E58-4F81-49B8-88B6-334B7CB2367b} - C:\WINDOWS\system32\glbxtsmy.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Dispatcher] C:\WINDOWS\dispatcher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: http://locator1.cdn.imageservr.com
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - https://www.afternic.com/domains/drivecleaner.com
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {C942A79B-01ED-47EE-9DAA-1EFAA70DAB8E} (VacPro.int_ver22b) - http://www.muiegaozsicur.com/ocx/intES_ver22b.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: awveniet - C:\WINDOWS\Config\awveniet.dll (file missing)
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\system32\catsrvut.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjrs32 - winjrs32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
0
raleuboleu Messages postés 5028 Statut Membre 79
 
salut

bon as tu fais le scan en ligne avec bitdefender ?

sinon, fais le stp

de plus sur hijack coches deja ces lignes :

- O2 - BHO: (no name) - {4DD3C70C-611A-4745-9937-C291884F82CE} - C:\WINDOWS\Config\awveniet.dll (file missing)

- 2 - BHO: (no name) - {68069B37-06A0-465B-9C2C-DD2D6ACF99B5} - (no file)

- O2 - BHO: (no name) - {842F1E58-4F81-49B8-88B6-334B7CB2367b} - C:\WINDOWS\system32\glbxtsmy.dll

- O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll

- O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll

- O4 - HKLM\..\Run: [Dispatcher] C:\WINDOWS\dispatcher.exe

- O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - https://www.afternic.com/domains/drivecleaner.com

- O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - https://www.afternic.com/domains/drivecleaner.com

- O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123

- 16 - DPF: {C942A79B-01ED-47EE-9DAA-1EFAA70DAB8E} (VacPro.int_ver22b) - http://www.muiegaozsicur.com/ocx/intES_ver22b.CAB

-O20 - Winlogon Notify: winjrs32 - winjrs32.dll (file missing)



coche celle ci a moins que tu connaisses :

- O15 - Trusted Zone: http://locator.cdn.imageservr.com

- O15 - Trusted Zone: http://locator1.cdn.imageservr.com

clic ensuite sur fix chechek

poste dans ton prochain poste le rapport du scan ainsi qu'un nouveau log hijack stp

moi je regarde 1 truc car tu as ceci ::::Troj/Dloadr-As

peux tu me dire quel pare feu as tu stp

bizz
0
dezactives > raleuboleu Messages postés 5028 Statut Membre
 
Salut Raleuboleu , je viens à l 'instant de passer Bitdefender voici ce que cela donne :


//-----------------------------------------------------------------
//
// Product: BitDefender 8 Free Edition
// Version: 8.0
//
// Created on: 09/05/2007 21:04:27
//
//-----------------------------------------------------------------


Statistics

Scan path : C:\WINDOWS\system32\
Folders : 215
Files : 7348
Archives : 21
Packed files : 328
Identified viruses : 2
Infected files : 9
Warnings : 0
Suspect files : 0
Disinfected files : 0
Deleted files : 0
Copied files : 0
Moved files : 9
Renamed files : 0
I/O errors : 12
Scan time : 00:03:40
Scan speed (files/sec) : 33

Virus definitions : 505294
Scan plugins : 14
Archive plugins : 38
Unpack plugins : 6
Mail plugins : 6
System plugins : 1

Scan options

Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user

Scan options
[X] Enable warnings
[X] Enable heuristics
[X] Show all files in log
[X] Report file: vscan.log
[ ] Append to existing report

Summary:

C:\WINDOWS\system32\ylmxfdwj.exe Infected Trojan.Adload.MAS
C:\WINDOWS\system32\ylmxfdwj.exe Disinfection failed
C:\WINDOWS\system32\ylmxfdwj.exe Move failed: Quarantine full
C:\WINDOWS\system32\pppyxfqd.dll Infected Trojan.BHO.AR
C:\WINDOWS\system32\pppyxfqd.dll Disinfection failed
C:\WINDOWS\system32\pppyxfqd.dll Moved
C:\WINDOWS\system32\gfpjxyii.dll Infected Trojan.BHO.AR
C:\WINDOWS\system32\gfpjxyii.dll Disinfection failed
C:\WINDOWS\system32\gfpjxyii.dll Moved
C:\WINDOWS\system32\qkritbdv.dll Infected Trojan.BHO.AR
C:\WINDOWS\system32\qkritbdv.dll Disinfection failed
C:\WINDOWS\system32\qkritbdv.dll Moved
C:\WINDOWS\system32\glbxtsmy.dll Infected Trojan.BHO.AR
C:\WINDOWS\system32\glbxtsmy.dll Disinfection failed
C:\WINDOWS\system32\glbxtsmy.dll Moved
C:\WINDOWS\system32\ldxcijpp.dll Infected Trojan.BHO.AR
C:\WINDOWS\system32\ldxcijpp.dll Disinfection failed
C:\WINDOWS\system32\ldxcijpp.dll Moved
C:\WINDOWS\system32\mluttrxw.dll Infected Trojan.BHO.AR
C:\WINDOWS\system32\mluttrxw.dll Disinfection failed
C:\WINDOWS\system32\mluttrxw.dll Moved
C:\WINDOWS\system32\vemwqvlr.dll Infected Trojan.BHO.AR
C:\WINDOWS\system32\vemwqvlr.dll Disinfection failed
C:\WINDOWS\system32\vemwqvlr.dll Moved
C:\WINDOWS\system32\xfllhylw.dll Infected Trojan.BHO.AR
C:\WINDOWS\system32\xfllhylw.dll Disinfection failed
C:\WINDOWS\system32\xfllhylw.dll Moved

Scanned files

C:\=>Master Boot Record OK
C:\=>Primary partition 1 (Active) OK
C:\=>Logical partition 1 OK
C:\WINDOWS\system32\config\system.LOG OK
C:\WINDOWS\system32\config\software.LOG OK
C:\WINDOWS\system32\config\default.LOG OK
C:\WINDOWS\system32\config\userdiff.LOG OK
C:\WINDOWS\system32\config\TempKey.LOG OK
C:\WINDOWS\system32\config\SAM.LOG OK
C:\WINDOWS\system32\config\SECURITY.LOG OK
C:\WINDOWS\system32\config\AppEvent.Evt OK
C:\WINDOWS\system32\config\SecEvent.Evt OK
C:\WINDOWS\system32\config\SysEvent.Evt OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012006123020061231\index.dat OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat=>REMOVED_NULLS OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UPEFST6V\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\MLCRMFKT\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GF6LMX4H\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WB6NAFU3\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Modèles\winword.doc OK
C:\WINDOWS\system32\config\systemprofile\Modèles\winword2.doc OK
C:\WINDOWS\system32\config\systemprofile\Modèles\wordpfct.wpd OK
C:\WINDOWS\system32\config\systemprofile\Modèles\wordpfct.wpg OK
C:\WINDOWS\system32\config\systemprofile\Modèles\excel4.xls OK
C:\WINDOWS\system32\config\systemprofile\Modèles\lotus.wk4 OK
C:\WINDOWS\system32\config\systemprofile\Modèles\powerpnt.ppt OK
C:\WINDOWS\system32\config\systemprofile\Modèles\quattro.wb2 OK
C:\WINDOWS\system32\config\systemprofile\Modèles\sndrec.wav OK
C:\WINDOWS\system32\config\systemprofile\Modèles\presenta.shw OK
C:\WINDOWS\system32\config\systemprofile\Modèles\amipro.sam OK
C:\WINDOWS\system32\config\systemprofile\Modèles\excel.xls OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk=>C:\WINDOWS\system32\magnify.exe OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk=>C:\WINDOWS\system32\osk.exe OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk=>C:\WINDOWS\system32\utilman.exe OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk=>C:\Program Files\Windows Media Player\wmplayer.exe OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk=>C:\WINDOWS\system32\notepad.exe OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk=>C:\WINDOWS\system32\mobsync.exe OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Visite guidée de Windows XP.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Visite guidée de Windows XP.lnk=>C:\WINDOWS\system32\tourstart.exe OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Assistant Compatibilité des programmes.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Invite de commandes.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Invite de commandes.lnk=>C:\WINDOWS\system32\cmd.exe OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk=>C:\WINDOWS\explorer.exe OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Lecteur Windows Media.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Assistance à distance.lnk OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Assistance à distance.lnk=>C:\WINDOWS\system32\rcimlby.exe OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\SendTo\Dossier compressé.ZFSendToTarget OK
C:\WINDOWS\system32\config\systemprofile\SendTo\Destinataire.MAPIMail OK
C:\WINDOWS\system32\config\systemprofile\SendTo\Bureau (créer un raccourci).DeskLink OK
C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.txt OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\904590238400AD963F77FAAAADC9BAB5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\303572DF538EDD8B1D606185F1D559B8 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\CFC456E7E410D69E2C6F3E2DB75C7DB3 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\904590238400AD963F77FAAAADC9BAB5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\303572DF538EDD8B1D606185F1D559B8 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\79841F8EF00FBA86D33CC5A47696F165 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\CFC456E7E410D69E2C6F3E2DB75C7DB3 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG OK
C:\WINDOWS\system32\config\systemprofile\ntuser.dat OK
C:\WINDOWS\system32\config\Antiviru.evt OK
C:\WINDOWS\system32\config\Antivirus.Evt OK
C:\WINDOWS\system32\config\system.tmp.LOG OK
C:\WINDOWS\system32\config\software.tmp.LOG OK
C:\WINDOWS\system32\config\default.tmp.LOG OK
C:\WINDOWS\system32\config\userdifr OK
C:\WINDOWS\system32\config\userdifr.LOG OK
C:\WINDOWS\system32\config\SECURITY_TU_18828.LOG OK
C:\WINDOWS\system32\config\SECURITY_BAK_18828 OK
C:\WINDOWS\system32\config\SOFTWARE_TU_46914.LOG OK
C:\WINDOWS\system32\config\SOFTWARE_BAK_46914 OK
C:\WINDOWS\system32\config\SYSTEM_TU_81327.LOG OK
C:\WINDOWS\system32\config\SYSTEM_BAK_81327 OK
C:\WINDOWS\system32\config\DEFAULT_TU_34996.LOG OK
C:\WINDOWS\system32\config\DEFAULT_BAK_34996 OK
C:\WINDOWS\system32\config\SAM_TU_22248.LOG OK
C:\WINDOWS\system32\config\SAM_BAK_22248 OK
C:\WINDOWS\system32\config\SECURITY OK
C:\WINDOWS\system32\config\software.sav OK
C:\WINDOWS\system32\config\system.sav OK
C:\WINDOWS\system32\config\default.sav OK
C:\WINDOWS\system32\config\SAM OK
C:\WINDOWS\system32\config\userdiff OK
C:\WINDOWS\system32\config\security.sav OK
C:\WINDOWS\system32\config\SYSTEM OK
C:\WINDOWS\system32\config\SOFTWARE OK
C:\WINDOWS\system32\config\DEFAULT OK
C:\WINDOWS\system32\drivers\etc\hosts OK
C:\WINDOWS\system32\drivers\etc\lmhosts.sam OK
C:\WINDOWS\system32\drivers\etc\networks OK
C:\WINDOWS\system32\drivers\etc\protocol OK
C:\WINDOWS\system32\drivers\etc\services OK
C:\WINDOWS\system32\drivers\etc\hosts.msn OK
C:\WINDOWS\system32\drivers\ndistapi.sys OK
C:\WINDOWS\system32\drivers\ptilink.sys OK
C:\WINDOWS\system32\drivers\raspti.sys OK
C:\WINDOWS\system32\drivers\ndproxy.sys OK
C:\WINDOWS\system32\drivers\cdaudio.sys OK
C:\WINDOWS\system32\drivers\fs_rec.sys OK
C:\WINDOWS\system32\drivers\null.sys OK
C:\WINDOWS\system32\drivers\beep.sys OK
C:\WINDOWS\system32\drivers\rdpcdd.sys OK
C:\WINDOWS\system32\drivers\rasacd.sys OK
C:\WINDOWS\system32\drivers\fips.sys OK
C:\WINDOWS\system32\drivers\dxgthk.sys OK
C:\WINDOWS\system32\drivers\swmidi.sys OK
C:\WINDOWS\system32\drivers\parvdm.sys OK
C:\WINDOWS\system32\drivers\atmepvc.sys OK
C:\WINDOWS\system32\drivers\atmuni.sys OK
C:\WINDOWS\system32\drivers\cinemst2.sys OK
C:\WINDOWS\system32\drivers\cpqdap01.sys OK
C:\WINDOWS\system32\drivers\dxapi.sys OK
C:\WINDOWS\system32\drivers\gm.dls OK
C:\WINDOWS\system32\drivers\gmreadme.txt OK
C:\WINDOWS\system32\drivers\ipfltdrv.sys OK
C:\WINDOWS\system32\drivers\mcd.sys OK
C:\WINDOWS\system32\drivers\nikedrv.sys OK
C:\WINDOWS\system32\drivers\nwlnkflt.sys OK
C:\WINDOWS\system32\drivers\nwlnkfwd.sys OK
C:\WINDOWS\system32\drivers\nwlnknb.sys OK
C:\WINDOWS\system32\drivers\nwlnkspx.sys OK
C:\WINDOWS\system32\drivers\rawwan.sys OK
C:\WINDOWS\system32\drivers\rio8drv.sys OK
C:\WINDOWS\system32\drivers\riodrv.sys OK
C:\WINDOWS\system32\drivers\rootmdm.sys OK
C:\WINDOWS\system32\drivers\smclib.sys OK
C:\WINDOWS\system32\drivers\tosdvd.sys OK
C:\WINDOWS\system32\drivers\tsbvcap.sys OK
C:\WINDOWS\system32\drivers\pciide.sys OK
C:\WINDOWS\system32\drivers\RMCast.sys OK
C:\WINDOWS\system32\drivers\usbcamd.sys OK
C:\WINDOWS\system32\drivers\usbcamd2.sys OK
C:\WINDOWS\system32\drivers\vdmindvd.sys OK
C:\WINDOWS\system32\drivers\ws2ifsl.sys OK
C:\WINDOWS\system32\drivers\mnmdd.sys OK
C:\WINDOWS\system32\drivers\fsvga.sys OK
C:\WINDOWS\system32\drivers\atapi.sys OK
C:\WINDOWS\system32\drivers\ohci1394.sys OK
C:\WINDOWS\system32\drivers\1394bus.sys OK
C:\WINDOWS\system32\drivers\acpi.sys OK
C:\WINDOWS\system32\drivers\usbd.sys OK
C:\WINDOWS\system32\drivers\wmilib.sys OK
C:\WINDOWS\system32\drivers\dmload.sys OK
C:\WINDOWS\system32\drivers\ftdisk.sys OK
C:\WINDOWS\system32\drivers\partmgr.sys OK
C:\WINDOWS\system32\drivers\pci.sys OK
C:\WINDOWS\system32\drivers\mountmgr.sys OK
C:\WINDOWS\system32\drivers\mrxdav.sys OK
C:\WINDOWS\system32\drivers\tdi.sys OK
C:\WINDOWS\system32\drivers\hidparse.sys OK
C:\WINDOWS\system32\drivers\ndis.sys OK
C:\WINDOWS\system32\drivers\mrxsmb.sys OK
C:\WINDOWS\system32\drivers\rdbss.sys OK
C:\WINDOWS\system32\drivers\msfs.sys OK
C:\WINDOWS\system32\drivers\mup.sys OK
C:\WINDOWS\system32\drivers\cbidf2k.sys OK
C:\WINDOWS\system32\drivers\pciidex.sys OK
C:\WINDOWS\system32\drivers\volsnap.sys OK
C:\WINDOWS\system32\drivers\p3.sys OK
C:\WINDOWS\system32\drivers\videoprt.sys OK
C:\WINDOWS\system32\drivers\portcls.sys OK
C:\WINDOWS\system32\drivers\drmk.sys OK
C:\WINDOWS\system32\drivers\ks.sys OK
C:\WINDOWS\system32\drivers\modem.sys OK
C:\WINDOWS\system32\drivers\usbstor.sys OK
C:\WINDOWS\system32\drivers\fdc.sys OK
C:\WINDOWS\system32\drivers\cdrom.sys OK
C:\WINDOWS\system32\drivers\rasl2tp.sys OK
C:\WINDOWS\system32\drivers\ndiswan.sys OK
C:\WINDOWS\system32\drivers\raspppoe.sys OK
C:\WINDOWS\system32\drivers\raspptp.sys OK
C:\WINDOWS\system32\drivers\psched.sys OK
C:\WINDOWS\system32\drivers\msgpc.sys OK
C:\WINDOWS\system32\drivers\swenum.sys OK
C:\WINDOWS\system32\drivers\flpydisk.sys OK
C:\WINDOWS\system32\drivers\sfloppy.sys OK
C:\WINDOWS\system32\drivers\vga.sys OK
C:\WINDOWS\system32\drivers\ipsec.sys OK
C:\WINDOWS\system32\drivers\tcpip.sys OK
C:\WINDOWS\system32\drivers\netbt.sys OK
C:\WINDOWS\system32\drivers\wanarp.sys OK
C:\WINDOWS\system32\drivers\imapi.sys OK
C:\WINDOWS\system32\drivers\usbhub.sys OK
C:\WINDOWS\system32\drivers\dxg.sys OK
C:\WINDOWS\system32\drivers\afd.sys OK
C:\WINDOWS\system32\drivers\wdmaud.sys OK
C:\WINDOWS\system32\drivers\sysaudio.sys OK
C:\WINDOWS\system32\drivers\aec.sys OK
C:\WINDOWS\system32\drivers\kmixer.sys OK
C:\WINDOWS\system32\drivers\hidclass.sys OK
C:\WINDOWS\system32\drivers\amdk7.sys OK
C:\WINDOWS\system32\drivers\arp1394.sys OK
C:\WINDOWS\system32\drivers\asyncmac.sys OK
C:\WINDOWS\system32\drivers\atmarpc.sys OK
C:\WINDOWS\system32\drivers\atmlane.sys OK
C:\WINDOWS\system32\drivers\bridge.sys OK
C:\WINDOWS\system32\drivers\cdfs.sys OK
C:\WINDOWS\system32\drivers\crusoe.sys OK
C:\WINDOWS\system32\drivers\dmboot.sys OK
C:\WINDOWS\system32\drivers\http.sys OK
C:\WINDOWS\system32\drivers\intelppm.sys OK
C:\WINDOWS\system32\drivers\ip6fw.sys OK
C:\WINDOWS\system32\drivers\ipinip.sys OK
C:\WINDOWS\system32\drivers\usbport.sys OK
C:\WINDOWS\system32\drivers\mf.sys OK
C:\WINDOWS\system32\drivers\mpe.sys OK
C:\WINDOWS\system32\drivers\mqac.sys OK
C:\WINDOWS\system32\drivers\usbohci.sys OK
C:\WINDOWS\system32\drivers\mspclock.sys OK
C:\WINDOWS\system32\drivers\mssmbios.sys OK
C:\WINDOWS\system32\drivers\nwlnkipx.sys OK
C:\WINDOWS\system32\drivers\nwrdr.sys OK
C:\WINDOWS\system32\drivers\pcmcia.sys OK
C:\WINDOWS\system32\drivers\rndismp.sys OK
C:\WINDOWS\system32\drivers\scsiport.sys OK
C:\WINDOWS\system32\drivers\sdbus.sys OK
C:\WINDOWS\system32\drivers\secdrv.sys OK
C:\WINDOWS\system32\drivers\sffdisk.sys OK
C:\WINDOWS\system32\drivers\sffp_sd.sys OK
C:\WINDOWS\system32\drivers\slip.sys OK
C:\WINDOWS\system32\drivers\sonydcam.sys OK
C:\WINDOWS\system32\drivers\stream.sys OK
C:\WINDOWS\system32\drivers\tape.sys OK
C:\WINDOWS\system32\drivers\tunmp.sys OK
C:\WINDOWS\system32\drivers\usbehci.sys OK
C:\WINDOWS\system32\drivers\usb8023.sys OK
C:\WINDOWS\system32\drivers\usbccgp.sys OK
C:\WINDOWS\system32\drivers\usbser.sys OK
C:\WINDOWS\system32\drivers\usbintel.sys OK
C:\WINDOWS\system32\drivers\agpcpq.sys OK
C:\WINDOWS\system32\drivers\viaagp.sys OK
C:\WINDOWS\system32\drivers\serial.sys OK
C:\WINDOWS\system32\drivers\disk.sys OK
C:\WINDOWS\system32\drivers\classpnp.sys OK
C:\WINDOWS\system32\drivers\dmio.sys OK
C:\WINDOWS\system32\drivers\ksecdd.sys OK
C:\WINDOWS\system32\drivers\netbios.sys OK
C:\WINDOWS\system32\drivers\npfs.sys OK
C:\WINDOWS\system32\drivers\i8042prt.sys OK
C:\WINDOWS\system32\drivers\mouclass.sys OK
C:\WINDOWS\system32\drivers\kbdclass.sys OK
C:\WINDOWS\system32\drivers\serenum.sys OK
C:\WINDOWS\system32\drivers\parport.sys OK
C:\WINDOWS\system32\drivers\fastfat.sys OK
C:\WINDOWS\system32\drivers\drmkaud.sys OK
C:\WINDOWS\system32\drivers\irenum.sys OK
C:\WINDOWS\system32\drivers\srv.sys OK
C:\WINDOWS\system32\drivers\ndisuio.sys OK
C:\WINDOWS\system32\drivers\enum1394.sys OK
C:\WINDOWS\system32\drivers\diskdump.sys OK
C:\WINDOWS\system32\drivers\processr.sys OK
C:\WINDOWS\system32\drivers\amdk6.sys OK
C:\WINDOWS\system32\drivers\BdaSup.sys OK
C:\WINDOWS\system32\drivers\redbook.sys OK
C:\WINDOWS\system32\drivers\ipnat.sys OK
C:\WINDOWS\system32\drivers\mskssrv.sys OK
C:\WINDOWS\system32\drivers\audstub.sys OK
C:\WINDOWS\system32\drivers\mspqm.sys OK
C:\WINDOWS\system32\drivers\nic1394.sys OK
C:\WINDOWS\system32\drivers\termdd.sys OK
C:\WINDOWS\system32\drivers\nmnt.sys OK
C:\WINDOWS\system32\drivers\ntfs.sys OK
C:\WINDOWS\system32\drivers\rdpdr.sys OK
C:\WINDOWS\system32\drivers\NdisIP.sys OK
C:\WINDOWS\system32\drivers\tcpip6.sys OK
C:\WINDOWS\system32\drivers\tdpipe.sys OK
C:\WINDOWS\system32\drivers\udfs.sys OK
C:\WINDOWS\system32\drivers\tdtcp.sys OK
C:\WINDOWS\system32\drivers\agp440.sys OK
C:\WINDOWS\system32\drivers\sr.sys OK
C:\WINDOWS\system32\drivers\StreamIP.sys OK
C:\WINDOWS\system32\drivers\fltMgr.sys OK
C:\WINDOWS\system32\drivers\rdpwd.sys OK
C:\WINDOWS\system32\drivers\alim1541.sys OK
C:\WINDOWS\system32\drivers\amdagp.sys OK
C:\WINDOWS\system32\drivers\ElbyCDIO.sys OK
C:\WINDOWS\system32\drivers\gagp30kx.sys OK
C:\WINDOWS\system32\drivers\sisagp.sys OK
C:\WINDOWS\system32\drivers\uagp35.sys OK
C:\WINDOWS\system32\drivers\acpiec.sys OK
C:\WINDOWS\system32\drivers\ElbyDelay.sys OK
C:\WINDOWS\system32\drivers\aavmker4.sys OK
C:\WINDOWS\system32\drivers\aswmon.sys OK
C:\WINDOWS\system32\drivers\aswmon2.sys OK
C:\WINDOWS\system32\drivers\aswTdi.sys OK
C:\WINDOWS\system32\drivers\oprghdlr.sys OK
C:\WINDOWS\system32\drivers\nv4_mini.sys OK
C:\WINDOWS\system32\drivers\Mrv8000c.sys OK
C:\WINDOWS\system32\drivers\usbsermpt.sys OK
C:\WINDOWS\system32\drivers\pcouffin.sys OK
C:\WINDOWS\system32\drivers\update.sys OK
C:\WINDOWS\system32\drivers\usbscan.sys OK
C:\WINDOWS\system32\drivers\isapnp.sys OK
C:\WINDOWS\system32\drivers\AvgAsCln.sys OK
C:\WINDOWS\system32\drivers\oobctm.sys OK
C:\WINDOWS\system32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf OK
C:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll OK
C:\WINDOWS\system32\drivers\WudfPf.sys OK
C:\WINDOWS\system32\drivers\WudfRd.sys OK
C:\WINDOWS\system32\drivers\wpdusb.sys OK
C:\WINDOWS\system32\drivers\USBAUDIO.sys OK
C:\WINDOWS\system32\drivers\PxHelp20.sys OK
C:\WINDOWS\system32\drivers\NETMDUSB.sys OK
C:\WINDOWS\system32\drivers\NETMD031.sys OK
C:\WINDOWS\system32\drivers\NWWMUSB.sys OK
C:\WINDOWS\system32\drivers\NETMD033.sys OK
C:\WINDOWS\system32\drivers\VMCUSB.sys OK
C:\WINDOWS\system32\drivers\DMusic.sys OK
C:\WINDOWS\system32\drivers\splitter.sys OK
C:\WINDOWS\system32\drivers\emBDA.sys OK
C:\WINDOWS\system32\drivers\emOEM.sys OK
C:\WINDOWS\system32\drivers\CCDECODE.sys OK
C:\WINDOWS\system32\drivers\NABTSFEC.sys OK
C:\WINDOWS\system32\drivers\WSTCODEC.SYS OK
C:\WINDOWS\system32\drivers\MSTEE.sys OK
C:\WINDOWS\system32\drivers\emAudio.sys OK
C:\WINDOWS\system32\drivers\aswRdr.sys OK
C:\WINDOWS\system32\drivers\nv_agp.SYS OK
C:\WINDOWS\system32\drivers\NVENET.sys OK
C:\WINDOWS\system32\drivers\jedih2rx.bin OK
C:\WINDOWS\system32\drivers\ramsed.bin OK
C:\WINDOWS\system32\drivers\jedireg.pat OK
C:\WINDOWS\system32\drivers\nvax.sys OK
C:\WINDOWS\system32\drivers\nvarm.sys OK
C:\WINDOWS\system32\drivers\nvmcp.sys OK
C:\WINDOWS\system32\drivers\nvapu.sys OK
C:\WINDOWS\system32\drivers\usbprint.sys OK
C:\WINDOWS\system32\drivers\HPZius12.sys OK
C:\WINDOWS\system32\drivers\hpzid412.sys OK
C:\WINDOWS\system32\drivers\HPZipr12.sys OK
C:\WINDOWS\system32\drivers\pctvnet.sys OK
C:\WINDOWS\system32\drivers\tap0801.sys OK
C:\WINDOWS\system32\drivers\Camdrl.sys OK
C:\WINDOWS\system32\drivers\LVSVF2.sys OK
C:\WINDOWS\system32\drivers\LVUSBSta.sys OK
C:\WINDOWS\system32\drivers\RegKill.sys OK
C:\WINDOWS\system32\drivers\AnyDVD.sys OK
C:\WINDOWS\system32\ras\cis.scp OK
C:\WINDOWS\system32\ras\pad.inf OK
C:\WINDOWS\system32\ras\pppmenu.scp OK
C:\WINDOWS\system32\ras\slip.scp OK
C:\WINDOWS\system32\ras\slipmenu.scp OK
C:\WINDOWS\system32\ras\switch.inf OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpz2ku09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzpm309.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpop1309.dat OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpfmom09.hlp OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzimc09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzstw09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzslk09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzr3209.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzrm309.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzcon09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzcfg09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzeng09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzflt09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzime09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzrer09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzjui09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzpre09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzres09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzstc09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztbi09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztbu09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztbx09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzlnt09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzsnt09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzcoi09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzvip09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\PLOTTER.DLL OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\PLOTUI.DLL OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\HPGL2PEN.PCD OK
C:\WINDOWS\system32\spool\drivers\w32x86\3\PLOTUI.HLP OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzimc09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzstw09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpfmom09.hlp OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzslk09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzr3209.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzrm309.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzcon09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzcfg09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzeng09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzflt09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzime09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzrer09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzjui09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzpre09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzres09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzstc09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpztbi09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpztbu09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpztbx09.exe OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzpm309.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpz2ku09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzlnt09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzsnt09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzcoi09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpzvip09.dll OK
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1300_series7216\hpop1309.dat OK
C:\WINDOWS\system32\spool\drivers\color\CIERGB.icc OK
C:\WINDOWS\system32\spool\drivers\color\NTSC1953.icc OK
C:\WINDOWS\system32\spool\drivers\color\pcd4050e.icm OK
C:\WINDOWS\system32\spool\drivers\color\pcd4050k.icm OK
C:\WINDOWS\system32\spool\drivers\color\pcdcnycc.icm OK
C:\WINDOWS\system32\spool\drivers\color\pcdekycc.icm OK
C:\WINDOWS\system32\spool\drivers\color\pcdkoycc.icm OK
C:\WINDOWS\system32\spool\drivers\color\SMPTE-C.icc OK
C:\WINDOWS\system32\spool\drivers\color\stdpyccl.icm OK
C:\WINDOWS\system32\spool\drivers\color\PAL_SECAM.icc OK
C:\WINDOWS\system32\spool\drivers\color\Photoshop4DefaultCMYK.icc OK
C:\WINDOWS\system32\spool\drivers\color\Photoshop5DefaultCMYK.icc OK
C:\WINDOWS\system32\spool\drivers\color\ProPhoto.icm OK
C:\WINDOWS\system32\spool\drivers\color\WideGamutRGB.icc OK
C:\WINDOWS\system32\spool\drivers\color\AdobeRGB1998.icc OK
C:\WINDOWS\system32\spool\drivers\color\AppleRGB.icc OK
C:\WINDOWS\system32\spool\drivers\color\ColorMatchRGB.icc OK
C:\WINDOWS\system32\spool\drivers\color\EuroscaleCoated.icc OK
C:\WINDOWS\system32\spool\drivers\color\EuroscaleUncoated.icc OK
C:\WINDOWS\system32\spool\drivers\color\JapanStandard.icc OK
C:\WINDOWS\system32\spool\drivers\color\USSheetfedCoated.icc OK
C:\WINDOWS\system32\spool\drivers\color\USSheetfedUncoated.icc OK
C:\WINDOWS\system32\spool\drivers\color\USWebCoatedSWOP.icc OK
C:\WINDOWS\system32\spool\drivers\color\USWebUncoated.icc OK
C:\WINDOWS\system32\spool\drivers\color\kodak_dc.icm OK
C:\WINDOWS\system32\spool\drivers\color\sRGB Color Space Profile.icm OK
C:\WINDOWS\system32\spool\drivers\color\is330.icm OK
C:\WINDOWS\system32\Setup\comsetup.dll OK
C:\WINDOWS\system32\Setup\imsinsnt.dll OK
C:\WINDOWS\system32\Setup\msdtcstp.dll OK
C:\WINDOWS\system32\Setup\zoneoc.dll OK
C:\WINDOWS\system32\Setup\fsconins.dll OK
C:\WINDOWS\system32\Setup\fp40ext.dll OK
C:\WINDOWS\system32\Setup\fxsocm.dll OK
C:\WINDOWS\system32\Setup\iis.dll OK
C:\WINDOWS\system32\Setup\msmqocm.dll OK
C:\WINDOWS\system32\Setup\netfxocm.dll OK
C:\WINDOWS\system32\Setup\netoc.dll OK
C:\WINDOWS\system32\Setup\ntoc.dll OK
C:\WINDOWS\system32\Setup\ocgen.dll OK
C:\WINDOWS\system32\Setup\setupqry.dll OK
C:\WINDOWS\system32\Setup\tsoc.dll OK
C:\WINDOWS\system32\Setup\tabletoc.dll OK
C:\WINDOWS\system32\Setup\medctroc.dll OK
C:\WINDOWS\system32\Setup\ocmsn.dll OK
C:\WINDOWS\system32\Setup\msgrocm.dll OK
C:\WINDOWS\system32\wbem\mof\good\msioff10.mof OK
C:\WINDOWS\system32\wbem\xml\cim20.dtd OK
C:\WINDOWS\system32\wbem\xml\wmi20.dtd OK
C:\WINDOWS\system32\wbem\xml\wmi2xml.dll OK
C:\WINDOWS\system32\wbem\Logs\wbemess.log OK
C:\WINDOWS\system32\wbem\Logs\wmiprov.log OK
C:\WINDOWS\system32\wbem\Logs\wmiadap.log OK
C:\WINDOWS\system32\wbem\cimwin32.dll OK
C:\WINDOWS\system32\wbem\csv.xsl OK
C:\WINDOWS\system32\wbem\esscli.dll OK
C:\WINDOWS\system32\wbem\fastprox.dll OK
C:\WINDOWS\system32\wbem\framedyn.dll OK
C:\WINDOWS\system32\wbem\hform.xsl OK
C:\WINDOWS\system32\wbem\htable.xsl OK
C:\WINDOWS\system32\wbem\krnlprov.dll OK
C:\WINDOWS\system32\wbem\mof.xsl OK
C:\WINDOWS\system32\wbem\mofcomp.exe OK
C:\WINDOWS\system32\wbem\mofd.dll OK
C:\WINDOWS\system32\wbem\ncprov.dll OK
C:\WINDOWS\system32\wbem\ntevt.dll OK
C:\WINDOWS\system32\wbem\policman.dll OK
C:\WINDOWS\system32\wbem\provthrd.dll OK
C:\WINDOWS\system32\wbem\rawxml.xsl OK
C:\WINDOWS\system32\wbem\repdrvfs.dll OK
C:\WINDOWS\system32\wbem\scrcons.exe OK
C:\WINDOWS\system32\wbem\stdprov.dll OK
C:\WINDOWS\system32\wbem\texttable.xsl OK
C:\WINDOWS\system32\wbem\textvaluelist.xsl OK
C:\WINDOWS\system32\wbem\viewprov.dll OK
C:\WINDOWS\system32\wbem\wbemcntl.dll OK
C:\WINDOWS\system32\wbem\wbemcomn.dll OK
C:\WINDOWS\system32\wbem\wbemcons.dll OK
C:\WINDOWS\system32\wbem\wbemcore.dll OK
C:\WINDOWS\system32\wbem\wbemdisp.dll OK
C:\WINDOWS\system32\wbem\wbemess.dll OK
C:\WINDOWS\system32\wbem\wbemprox.dll OK
C:\WINDOWS\system32\wbem\wbemsvc.dll OK
C:\WINDOWS\system32\wbem\wbemtest.exe OK
C:\WINDOWS\system32\wbem\wbemupgd.dll OK
C:\WINDOWS\system32\wbem\wmiadap.exe OK
C:\WINDOWS\system32\wbem\wmiapres.dll OK
C:\WINDOWS\system32\wbem\wmiaprpl.dll OK
C:\WINDOWS\system32\wbem\wmiapsrv.exe OK
C:\WINDOWS\system32\wbem\wmic.exe OK
C:\WINDOWS\system32\wbem\wmicookr.dll OK
C:\WINDOWS\system32\wbem\wmidcprv.dll OK
C:\WINDOWS\system32\wbem\wmipcima.dll OK
C:\WINDOWS\system32\wbem\wmipdskq.dll OK
C:\WINDOWS\system32\wbem\wmipiprt.dll OK
C:\WINDOWS\system32\wbem\wmipjobj.dll OK
C:\WINDOWS\system32\wbem\wmiprov.dll OK
C:\WINDOWS\system32\wbem\wmiprvsd.dll OK
C:\WINDOWS\system32\wbem\wmiprvse.exe OK
C:\WINDOWS\system32\wbem\wmipsess.dll OK
C:\WINDOWS\system32\wbem\wmisvc.dll OK
C:\WINDOWS\system32\wbem\wmiutils.dll OK
C:\WINDOWS\system32\wbem\xml.xsl OK
C:\WINDOWS\system32\wbem\xsl-mappings.xml OK
C:\WINDOWS\system32\wbem\xsl-mappings.xml=>(unicode) OK
C:\WINDOWS\system32\wbem\cimwin32.mfl OK
C:\WINDOWS\system32\wbem\cimwin32.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\cimwin32.mof OK
C:\WINDOWS\system32\wbem\cimwin32.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\cli.mof OK
C:\WINDOWS\system32\wbem\cli.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\cliegaliases.mfl OK
C:\WINDOWS\system32\wbem\cliegaliases.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\cliegaliases.mof OK
C:\WINDOWS\system32\wbem\cliegaliases.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\licwmi.mfl OK
C:\WINDOWS\system32\wbem\licwmi.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\licwmi.mof OK
C:\WINDOWS\system32\wbem\licwmi.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wmi.mof OK
C:\WINDOWS\system32\wbem\wmi.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\tscfgwmi.mof OK
C:\WINDOWS\system32\wbem\tscfgwmi.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\tscfgwmi.mfl OK
C:\WINDOWS\system32\wbem\tscfgwmi.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\dsprov.dll OK
C:\WINDOWS\system32\wbem\fwdprov.dll OK
C:\WINDOWS\system32\wbem\htable-sortby.xsl OK
C:\WINDOWS\system32\wbem\msiprov.dll OK
C:\WINDOWS\system32\wbem\smtpcons.dll OK
C:\WINDOWS\system32\wbem\texttablewsys.xsl OK
C:\WINDOWS\system32\wbem\tmplprov.dll OK
C:\WINDOWS\system32\wbem\trnsprov.dll OK
C:\WINDOWS\system32\wbem\unsecapp.exe OK
C:\WINDOWS\system32\wbem\updprov.dll OK
C:\WINDOWS\system32\wbem\wbemads.dll OK
C:\WINDOWS\system32\wbem\wbemads.tlb OK
C:\WINDOWS\system32\wbem\wbemdisp.tlb OK
C:\WINDOWS\system32\wbem\winmgmt.exe OK
C:\WINDOWS\system32\wbem\winmgmtr.dll OK
C:\WINDOWS\system32\wbem\wmiclimofformat.xsl OK
C:\WINDOWS\system32\wbem\wmiclitableformat.xsl OK
C:\WINDOWS\system32\wbem\wmiclitableformatnosys.xsl OK
C:\WINDOWS\system32\wbem\wmimsg.dll OK
C:\WINDOWS\system32\wbem\wmipicmp.dll OK
C:\WINDOWS\system32\wbem\wmitimep.dll OK
C:\WINDOWS\system32\wbem\dsprov.mfl OK
C:\WINDOWS\system32\wbem\dsprov.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\dsprov.mof OK
C:\WINDOWS\system32\wbem\dsprov.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\fconprov.mfl OK
C:\WINDOWS\system32\wbem\fconprov.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\fconprov.mof OK
C:\WINDOWS\system32\wbem\fconprov.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\fevprov.mfl OK
C:\WINDOWS\system32\wbem\fevprov.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\fevprov.mof OK
C:\WINDOWS\system32\wbem\fevprov.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\krnlprov.mfl OK
C:\WINDOWS\system32\wbem\krnlprov.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\krnlprov.mof OK
C:\WINDOWS\system32\wbem\krnlprov.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\msi.mfl OK
C:\WINDOWS\system32\wbem\msi.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\msi.mof OK
C:\WINDOWS\system32\wbem\msi.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\ncprov.mfl OK
C:\WINDOWS\system32\wbem\ncprov.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\ncprov.mof OK
C:\WINDOWS\system32\wbem\ncprov.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\ntevt.mfl OK
C:\WINDOWS\system32\wbem\ntevt.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\ntevt.mof OK
C:\WINDOWS\system32\wbem\ntevt.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\policman.mfl OK
C:\WINDOWS\system32\wbem\policman.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\policman.mof OK
C:\WINDOWS\system32\wbem\policman.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\regevent.mfl OK
C:\WINDOWS\system32\wbem\regevent.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\regevent.mof OK
C:\WINDOWS\system32\wbem\regevent.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\scm.mof OK
C:\WINDOWS\system32\wbem\scm.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\scrcons.mfl OK
C:\WINDOWS\system32\wbem\scrcons.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\scrcons.mof OK
C:\WINDOWS\system32\wbem\scrcons.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\secrcw32.mfl OK
C:\WINDOWS\system32\wbem\secrcw32.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\secrcw32.mof OK
C:\WINDOWS\system32\wbem\secrcw32.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\smtpcons.mfl OK
C:\WINDOWS\system32\wbem\smtpcons.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\smtpcons.mof OK
C:\WINDOWS\system32\wbem\smtpcons.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\subscrpt.mof OK
C:\WINDOWS\system32\wbem\subscrpt.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\system.mof OK
C:\WINDOWS\system32\wbem\system.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\tmplprov.mfl OK
C:\WINDOWS\system32\wbem\tmplprov.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\tmplprov.mof OK
C:\WINDOWS\system32\wbem\tmplprov.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\trnsprov.mfl OK
C:\WINDOWS\system32\wbem\trnsprov.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\trnsprov.mof OK
C:\WINDOWS\system32\wbem\trnsprov.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\updprov.mfl OK
C:\WINDOWS\system32\wbem\updprov.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\updprov.mof OK
C:\WINDOWS\system32\wbem\updprov.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wbemcons.mfl OK
C:\WINDOWS\system32\wbem\wbemcons.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\wbemcons.mof OK
C:\WINDOWS\system32\wbem\wbemcons.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wmi.mfl OK
C:\WINDOWS\system32\wbem\wmi.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipcima.mfl OK
C:\WINDOWS\system32\wbem\wmipcima.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipcima.mof OK
C:\WINDOWS\system32\wbem\wmipcima.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipdskq.mfl OK
C:\WINDOWS\system32\wbem\wmipdskq.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipdskq.mof OK
C:\WINDOWS\system32\wbem\wmipdskq.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipicmp.mfl OK
C:\WINDOWS\system32\wbem\wmipicmp.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipicmp.mof OK
C:\WINDOWS\system32\wbem\wmipicmp.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipiprt.mfl OK
C:\WINDOWS\system32\wbem\wmipiprt.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipiprt.mof OK
C:\WINDOWS\system32\wbem\wmipiprt.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipjobj.mfl OK
C:\WINDOWS\system32\wbem\wmipjobj.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipjobj.mof OK
C:\WINDOWS\system32\wbem\wmipjobj.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipsess.mfl OK
C:\WINDOWS\system32\wbem\wmipsess.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\wmipsess.mof OK
C:\WINDOWS\system32\wbem\wmipsess.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wmitimep.mfl OK
C:\WINDOWS\system32\wbem\wmitimep.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\wmitimep.mof OK
C:\WINDOWS\system32\wbem\wmitimep.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\Performance\WmiApRpl.h OK
C:\WINDOWS\system32\wbem\Performance\WmiApRpl.ini OK
C:\WINDOWS\system32\wbem\Performance\WmiApRpl.ini=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\26C097A9392F8C541AD42E89B7909073.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\26C097A9392F8C541AD42E89B7909073.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\3EC317800FF508210BB945C81C0EACE7.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\3EC317800FF508210BB945C81C0EACE7.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\0A9DBC92D554324656F61F9862679F27.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\0A9DBC92D554324656F61F9862679F27.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\2AA23BB86A5EBD8BC2D820944E55B233.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\2AA23BB86A5EBD8BC2D820944E55B233.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\C92641594A6F2DA8A55FE4738AFDA539.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\C92641594A6F2DA8A55FE4738AFDA539.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\A7575F8DE31A912FFE91A7A41B1E382A.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\A7575F8DE31A912FFE91A7A41B1E382A.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\CA0106054EB09C302ED3E0669F99D021.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\CA0106054EB09C302ED3E0669F99D021.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\37134956F76D3C30C9BE0C12571CAF43.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\37134956F76D3C30C9BE0C12571CAF43.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\DFD614E4D613EF4506AC8F525F5F514B.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\DFD614E4D613EF4506AC8F525F5F514B.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\E737DE61441445E1FDFCA45EF5E7D987.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\E737DE61441445E1FDFCA45EF5E7D987.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\02E78424AB18BDBFA706C08B7D7B9F1D.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\02E78424AB18BDBFA706C08B7D7B9F1D.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\C81ACF420917AA0F87487BC4D958BEB4.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\C81ACF420917AA0F87487BC4D958BEB4.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\958A50DFF8A9DF5FAEA042AC9F60815F.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\958A50DFF8A9DF5FAEA042AC9F60815F.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\DC999686F8B85B326CEDFA199DD07F72.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\DC999686F8B85B326CEDFA199DD07F72.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\6B38F33147D0369D5038BBB61C7A31C8.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\6B38F33147D0369D5038BBB61C7A31C8.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\2CFB5B149FA396D1AEA5F89B1C5A8D81.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\2CFB5B149FA396D1AEA5F89B1C5A8D81.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\60A06765DDFE47EF7240BD9C1EB29EFE.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\60A06765DDFE47EF7240BD9C1EB29EFE.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\72F867EF62976CE9F70993FF3E68A4EB.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\72F867EF62976CE9F70993FF3E68A4EB.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\E04DE4CDFEC284A342159BB920976701.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\E04DE4CDFEC284A342159BB920976701.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\7A62FA52E22CE751514BC93BE067BC80.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\7A62FA52E22CE751514BC93BE067BC80.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\BE81B2C0741907C1FC1C42B6223E59AD.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\BE81B2C0741907C1FC1C42B6223E59AD.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\CFC35B349D24A8495FD2CEAB15C32D88.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\CFC35B349D24A8495FD2CEAB15C32D88.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\20D2C3B8CE10B96CE6B8A3C241EF4416.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\20D2C3B8CE10B96CE6B8A3C241EF4416.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\EDBF963FB003D0670AA9C2219BD091FB.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\EDBF963FB003D0670AA9C2219BD091FB.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\852ECCDBABE77624586E4417FE66F857.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\852ECCDBABE77624586E4417FE66F857.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\2C142C4C15E3B8D139B98154CD083071.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\2C142C4C15E3B8D139B98154CD083071.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\ABB70D53B97FC8002205F77E02C97304.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\ABB70D53B97FC8002205F77E02C97304.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\AE7023598F41510BF261111652046301.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\AE7023598F41510BF261111652046301.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\A99860BB696AE92ED001E48B014365CE.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\A99860BB696AE92ED001E48B014365CE.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\092389D621F5A8834203DAAC74CCA279.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\092389D621F5A8834203DAAC74CCA279.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\2A61A823DC2C1C838EE71C4351BED0B4.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\2A61A823DC2C1C838EE71C4351BED0B4.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\FAAD7D567E76CAB10704AFD7C0488F23.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\FAAD7D567E76CAB10704AFD7C0488F23.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\2CE64FBD51953C097BB5470043A6DAF9.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\2CE64FBD51953C097BB5470043A6DAF9.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\42355E8E232EF8CADD187D531DEC55DD.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\42355E8E232EF8CADD187D531DEC55DD.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\AEA50E449C23761CA4D9B7F9ED0D9C89.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\AEA50E449C23761CA4D9B7F9ED0D9C89.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\8636DC7F9479DACE6778109CB4FB4B01.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\8636DC7F9479DACE6778109CB4FB4B01.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\DBD781C2C031C708BCB490F228E7BEF9.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\DBD781C2C031C708BCB490F228E7BEF9.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\88744D2A29102FC88ECF505DD2E984FC.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\88744D2A29102FC88ECF505DD2E984FC.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\C6300BFE37ADE6B52EC023F66124985F.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\C6300BFE37ADE6B52EC023F66124985F.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\701B705ED7DF100F88D5BC4A595E938D.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\701B705ED7DF100F88D5BC4A595E938D.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\79E817BC978E2D450EB9E3794DFDA6CF.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\79E817BC978E2D450EB9E3794DFDA6CF.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\26D6C4EB696DD0C83F5D5BF2235000A7.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\26D6C4EB696DD0C83F5D5BF2235000A7.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\E441354B9FE5F63362A481C9B9195A73.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\E441354B9FE5F63362A481C9B9195A73.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\42C894EEACAD83A4E41154685841B3E1.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\42C894EEACAD83A4E41154685841B3E1.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\1E97A05DE566CF6EEAE29D0634E27392.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\1E97A05DE566CF6EEAE29D0634E27392.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\D92470B796B6B18F9EE52301857F0567.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\D92470B796B6B18F9EE52301857F0567.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\2DA80135BA8EC175C9B1C1598F659434.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\2DA80135BA8EC175C9B1C1598F659434.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\608B41C6A2CD9460C2263E6CD80C335A.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\608B41C6A2CD9460C2263E6CD80C335A.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\731AE1FC8C795979F40FAD645FFBAEB1.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\731AE1FC8C795979F40FAD645FFBAEB1.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\C3A0BE17B37ACE48BE78B31580231AE9.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\C3A0BE17B37ACE48BE78B31580231AE9.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\D724DF13E0B0DF051EB5D403DD8EF2FC.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\D724DF13E0B0DF051EB5D403DD8EF2FC.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\6FFF7467A5B40765D5740A413CA8BB8A.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\6FFF7467A5B40765D5740A413CA8BB8A.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\9AD3182A2F39A3E091E15109132EC6CC.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\9AD3182A2F39A3E091E15109132EC6CC.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\808DA771D27710539621CD5ADC7606AC.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\808DA771D27710539621CD5ADC7606AC.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\2B8B1A8B0ACD3EE28B421D3918DC1F29.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\2B8B1A8B0ACD3EE28B421D3918DC1F29.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\1EBE968EB7AF815A32641E6185350A9E.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\1EBE968EB7AF815A32641E6185350A9E.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\3FCFB479827BB9576EB05BF8BCB3C3AD.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\3FCFB479827BB9576EB05BF8BCB3C3AD.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\AutoRecover\FF07AB34F5BE762768A8C26385B07B04.mof OK
C:\WINDOWS\system32\wbem\AutoRecover\FF07AB34F5BE762768A8C26385B07B04.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP OK
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP OK
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER OK
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP OK
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP OK
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA OK
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR OK
C:\WINDOWS\system32\wbem\Repository\$WinMgmt.CFG OK
C:\WINDOWS\system32\wbem\dgnet.mof OK
C:\WINDOWS\system32\wbem\dgnet.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\evntrprv.mof OK
C:\WINDOWS\system32\wbem\evntrprv.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\CmdEvTgProv.mof OK
C:\WINDOWS\system32\wbem\CmdEvTgProv.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\hnetcfg.mof OK
C:\WINDOWS\system32\wbem\hnetcfg.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\ieinfo5.mof OK
C:\WINDOWS\system32\wbem\ieinfo5.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\rsop.mfl OK
C:\WINDOWS\system32\wbem\rsop.mfl=>(unicode) OK
C:\WINDOWS\system32\wbem\scersop.mof OK
C:\WINDOWS\system32\wbem\scersop.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\sr.mof OK
C:\WINDOWS\system32\wbem\sr.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\whqlprov.mof OK
C:\WINDOWS\system32\wbem\whqlprov.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\evntrprv.dll OK
C:\WINDOWS\system32\wbem\CmdEvTgProv.dll OK
C:\WINDOWS\system32\wbem\rsop.mof OK
C:\WINDOWS\system32\wbem\rsop.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wbemperf.dll OK
C:\WINDOWS\system32\wbem\wscenter.mof OK
C:\WINDOWS\system32\wbem\wscenter.mof=>(unicode) OK
C:\WINDOWS\system32\wbem\wmiclivalueformat.xsl OK
C:\WINDOWS\system32\npp\ndisnpp.dll OK
C:\WINDOWS\system32\npp\nppagent.exe OK
C:\WINDOWS\system32\ias\ias.mdb OK
C:\WINDOWS\system32\ias\dnary.mdb OK
C:\WINDOWS\system32\dllcache\NT5INF.CAT OK
C:\WINDOWS\system32\dllcache\NT5.CAT OK
C:\WINDOWS\system32\dllcache\SP2.CAT OK
C:\WINDOWS\system32\dllcache\NTPRINT.CAT OK
C:\WINDOWS\system32\dllcache\NT5IIS.CAT OK
C:\WINDOWS\system32\dllcache\MAPIMIG.CAT OK
C:\WINDOWS\system32\dllcache\FP4.CAT OK
C:\WINDOWS\system32\dllcache\IMS.CAT OK
C:\WINDOWS\system32\dllcache\MSMSGS.CAT OK
C:\WINDOWS\system32\dllcache\HPCRDP.CAT OK
C:\WINDOWS\system32\dllcache\MW770.CAT OK
C:\WINDOWS\system32\dllcache\wmerrenu.cat OK
C:\WINDOWS\system32\dllcache\IASNT4.CAT OK
C:\WINDOWS\system32\dllcache\MSTSWEB.CAT OK
C:\WINDOWS\system32\dllcache\OEMBIOS.CAT OK
C:\WINDOWS\system32\dllcache\tabletpc.cat OK
C:\WINDOWS\system32\dllcache\mediactr.cat OK
C:\WINDOWS\system32\dllcache\msn7.cat OK
C:\WINDOWS\system32\dllcache\msn9.cat OK
C:\WINDOWS\system32\dllcache\netfx.cat OK
C:\WINDOWS\system32\dllcache\admwprox.dll OK
C:\WINDOWS\system32\dllcache\admin.dll OK
C:\WINDOWS\system32\dllcache\admin.exe OK
C:\WINDOWS\system32\dllcache\acgenral.dll OK
C:\WINDOWS\system32\dllcache\aclayers.dll OK
C:\WINDOWS\system32\dllcache\acspecfc.dll OK
C:\WINDOWS\system32\dllcache\acxtrnal.dll OK
C:\WINDOWS\system32\dllcache\adsiis51.dll OK
C:\WINDOWS\system32\dllcache\rundll32.exe OK
C:\WINDOWS\system32\dllcache\apphelp.dll OK
C:\WINDOWS\system32\dllcache\ahui.exe OK
C:\WINDOWS\system32\dllcache\asycfilt.dll OK
C:\WINDOWS\system32\dllcache\atmlib.dll OK
C:\WINDOWS\system32\dllcache\apps.chm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/#SYSTEM OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20812.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21147.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21148.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20504.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20781.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20896.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_30001.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21011.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21010.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20669.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20056.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20947.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20948.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20640.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21086.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20814.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20547.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20840.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20649.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21138.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20049.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20849.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20851.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20949.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20700.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20782.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20704.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20038.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20094.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20819.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20820.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20506.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21105.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20009.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20066.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20642.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20677.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20591.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21183.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20088.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21232.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21189.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20962.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21215.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21217.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20017.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21225.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20915.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20005.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21182.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21020.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21021.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20877.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20549.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21153.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20900.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20878.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20085.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21122.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_30022.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_30023.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21134.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21135.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21198.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20083.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20764.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21188.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21166.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21144.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20964.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20841.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20685.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20705.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20858.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20928.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20040.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20931.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21229.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20032.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21123.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20718.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20713.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21162.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20714.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_30002.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21161.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21076.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21191.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20901.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20826.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21213.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20960.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21109.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20950.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20678.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20842.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20541.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20526.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20821.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20550.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20508.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20916.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21106.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_30003.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20044.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21192.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20965.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20509.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21246.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20057.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20621.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20710.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20624.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20827.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20206.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20208.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20966.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21193.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21163.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20047.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20967.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20968.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21321.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20051.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20089.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21172.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21173.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_30019.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21221.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_21139.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_20105.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_w2_30004.htm OK
C:\WINDOWS\system32\dllcache\apps.chm=>/idh_
0
willgt
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:25:50, on 17/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/ImageUploader4.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://will831310.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.0.15.0/ImageUploader5.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 4 / 16
ll0ll Messages postés 2617 Statut Contributeur 511
 
Bonjour.
Il va falloir telecharger BOOTVIS (gratuit) et essayer d'optimiser le systeme.
Sinon, effectuer une reparation de windows (avec le CD original, ou pas).
enjoy
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 16
raleuboleu Messages postés 5028 Statut Membre 79
 
re me

ensuite fais ceci :

élécharger et nettoyer son PC avec CCleaner
ici :

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

Utilisation :

* Choisir l’onglet "Options" puis cliquer sur "Avancé" et décocher les cases "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures".
* Dans l'onglet "Nettoyeur" cliquer sur "Analyse".
* Une fois l'analyse terminée, cliquer sur "Lancer le Nettoyage".
* Ensuite, dans l'onglet "Erreurs" cliquer sur "Chercher des erreurs" puis, avant de cliquer sur "Réparer les erreurs sélectionnées" effectuer une sauvegarde du registre (comme proposé).
* Recommencer jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).

2. Scan avec un Anti-Spyware

Télécharger et scanner son PC avec AVG anti-spyware
Copier/coller le rapport entier sur le forum.

Remarque : Une fois l'analyse terminée, il faut faire un clique droit sur un fichier infecté et demander à "AVG Anti-Spyware 7.5" de le supprimer.
Puis cliquer sur "Appliquer toutes les actions" afin de tout supprimer automatiquement :)

puis ceci :

Scanner ensuite son PC avec un BitDefender en ligne (uniquement sous Internet Explorer) :

www.bitdefender.com/scan8/ie.html

Utilisation :

* Cliquer sur "J'accepte" puis accepter également l'ActiveX bloqué par la barre anti-popup du SP2 qui clignotera en haut et l'installer.
* Ensuite, cliquer sur "Cliquez ici pour scanner".
* Patienter jusqu'à la fin du scan qui peut durer assez longtemps...

Copier/coller le rapport entier sur le forum.

Tutoriel en images ici : (merci à Balltrap34 pour cette réalisation)

ceci fait remets 1 log hijack ainsi que tous rapport donnés

bizzzz
0
Réponse 6 / 16
tanger212 Messages postés 205 Statut Membre 22
 
salut essaye de faire une defragmentaion du dd et exucuter msconfig et decocher tout les produit de demarage ton pc redemarera car il n'aura pas a lancer tout ces logitiel avant que le bureau s'affiche
0
Réponse 7 / 16
raleuboleu Messages postés 5028 Statut Membre 79
 
re moi

* Télécharge VundoFix.exe (par Atribune) sur ton Bureau:

http://www.atribune.org/public-beta/VundoFix.exe

* Double-clique VundoFix.exe afin de le lancer
* Clique sur le bouton Scan for Vundo
* Lorsque le scan est complété, clique sur le bouton Remove Vundo
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
* Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

mets 1 rapport + 1 nouveau log hijack pour voir

bizz
0
Réponse 8 / 16
dezactives Messages postés 10 Statut Membre
 
Logfile of HijackThis v1.99.1
Scan saved at 22:08:59, on 09/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
C:\Program Files\DriveCleaner Free\UDC6cw.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe
C:\Program Files\DriveCleaner Free\UDC.exe
F:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O2 - BHO: (no name) - {4DD3C70C-611A-4745-9937-C291884F82CE} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [DriveCleaner Free] "C:\Program Files\DriveCleaner Free\UDC.exe" /min
O4 - HKLM\..\Run: [UDC6cw] "C:\Program Files\DriveCleaner Free\UDC6cw.exe" -c
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe"
O4 - HKLM\..\Run: [WA6PV_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C942A79B-01ED-47EE-9DAA-1EFAA70DAB8E} - http://www.muiegaozsicur.com/ocx/intES_ver22b.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: awveniet - C:\WINDOWS\Config\awveniet.dll (file missing)
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\system32\catsrvut.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
0
Réponse 9 / 16
raleuboleu Messages postés 5028 Statut Membre 79
 
ok !!

fais vundo fix comme dis + haut stp

bizoux
0
Réponse 10 / 16
dezactives Messages postés 10 Statut Membre
 
Désolé Raleuboleu mais Vundo n'a rien trouvé ( c'est bon signe j'espere )
0
Réponse 11 / 16
raleuboleu Messages postés 5028 Statut Membre 79
 
re

bon attend ne pas crier victoire tout de suite lool

bizzz
0
Réponse 12 / 16
did71 Messages postés 2187 Statut Contributeur sécurité 36
 
bonsoir,

désolé d'intervenir!

1) Télécharge Blacklight (de F-Secure), sauvegarde le sur ton Bureau:

https://europe.f-secure.com/exclude/blacklight/index.shtml

Double-clique blbeta.exe et accepte la licence ;clique Scan puis Next

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

Copie et colle le contenu de ce rapport dans ta prochaine réponse!

2) Télécharge clean.zip

http://www.malekal.com/download/clean.zip

Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.
Ouvre le dossier Clean qui se trouve sur ton bureau.
Double-clic sur clean.cmd.
Une fenêtre noire va apparaître, choisis l'option 1.

Poste le rapport qui se trouve ici C:\rapport_clean.txt

a+
0
dezactives
 
Tout d'abord un grand merci à toi did71 pour l'interet que tu portes à mon problème........chez fais ce que tu m'as demandé et voilà le résultat :

05/10/07 19:18:26 [Info]: BlackLight Engine 1.0.61 initialized
05/10/07 19:18:26 [Info]: OS: 5.1 build 2600 (Service Pack 2)
05/10/07 19:18:27 [Note]: 7019 4
05/10/07 19:18:27 [Note]: 7005 0
05/10/07 19:18:38 [Note]: 7006 0
05/10/07 19:18:38 [Note]: 7011 2080
05/10/07 19:18:38 [Note]: 7026 0
05/10/07 19:18:38 [Note]: 7026 0
05/10/07 19:18:41 [Note]: FSRAW library version 1.7.1021
05/10/07 19:18:50 [Note]: 2000 1012
05/10/07 19:20:22 [Note]: 7007 0


puis

10/05/2007 a 19:30:53,73

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\Dispatcher.exe FOUND
C:\WINDOWS\Router.exe FOUND
C:\WINDOWS\dispatcher.exe FOUND

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\mcrh.tmp FOUND
C:\WINDOWS\nsreg.dat FOUND
"C:\Documents and Settings\maison\Application Data\ezpinst.exe" FOUND
"C:\Documents and Settings\maison\Application Data\DriveCleaner Free\" FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Fichiers communs\DriveCleaner Free\" FOUND
"C:\Program Files\VSAdd-in\" FOUND
*** Fin du rapport !
0
Réponse 13 / 16
raleuboleu Messages postés 5028 Statut Membre 79
 
re salut

nan did71 merci de ton intervention !!!!!^^ et merci beaucoup a toi

bizoux
0
Réponse 14 / 16
did71 Messages postés 2187 Statut Contributeur sécurité 36
 
Bonjour,

en attendant le retour de raleuboleu, que je salue!

1) désinstalle via ajout/suppression de programme:

drivecleaner qui est une saleté!

2) relance cleanzip,

Choisis cette fois l'option 2!

Poste le rapport ensuite

3) Télécharge ComboFix (par sUBs) d'un de ces liens sur ton bureau:

http://www.techsupportforum.com/sectools/combofix.exe

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double clique combofix.exe et suis les invites

Poste le rapport ainsi qu'un nouvel hijackthis!

a+
0
dezactives
 
Voici ce que tu m'as demandé :

Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 10/05/2007 a 21:55:41,73

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:

*** Suppression des fichiers dans C:\WINDOWS\
tentative de suppression de C:\WINDOWS\Dispatcher.exe
tentative de suppression de C:\WINDOWS\Router.exe

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\mcrh.tmp
tentative de suppression de C:\WINDOWS\nsreg.dat
tentative de suppression de "C:\Documents and Settings\maison\Application Data\ezpinst.exe"
tentative de suppression de "C:\Documents and Settings\maison\Application Data\DriveCleaner Free\"

*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Fichiers communs\DriveCleaner Free\"
tentative de suppression de "C:\Program Files\VSAdd-in\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !





"maison" - 2007-05-10 22:04:54 Service Pack 2
ComboFix 07-05.08.3.V - Running from: "C:\"


((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))


Granting SeDebugPrivilege to Administrateurs ... successful



(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\vbuzip10.dll
C:\WINDOWS\system32\vbzip11.dll


((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-10 ))))))))))))))))))))))))))))))))))


2007-05-10 22:02 1,088,478 --a------ C:\ComboFix.exe
2007-05-10 08:10 14 --a------ C:\DOCUME~1\maison\getfile.dat
2007-05-09 22:16 <REP> d-------- C:\VundoFix Backups
2007-05-09 21:14 14 --a------ C:\WINDOWS\system32\getfile.dat
2007-05-09 04:26 <REP> d-------- C:\Program Files\CCleaner
2007-05-05 01:59 921 --a------ C:\WINDOWS\QSFVExit.bat
2007-05-03 23:35 <REP> d-------- C:\Program Files\Live_TV
2007-04-26 20:40 <REP> d-------- C:\Program Files\RegistrySmart
2007-04-26 20:40 <REP> d-------- C:\DOCUME~1\maison\APPLIC~1\RegistrySmart
2007-04-26 00:04 <REP> d-------- C:\0000000000000000000000000000000000000
2007-04-25 13:13 <REP> d-------- C:\Program Files\GPL MPEG Decoder
2007-04-20 14:49 <REP> d-------- C:\Program Files\HomePlayer1.5.0.2
2007-04-20 11:23 <REP> d-------- C:\FREEBOX
2007-04-17 10:00 <REP> d--hs---- C:\FOUND.016


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-05-10 19:47:08 86,050 ----a-w C:\WINDOWS\system32\perfc00C.dat
2007-05-10 19:47:08 494,342 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:56 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:42 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:52 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:24 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-03-14 12:45:22 -------- d-----w C:\Program Files\Nero
2007-03-12 20:07:10 -------- d-----w C:\Program Files\Sony Corporation
2007-03-12 20:06:28 108,544 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-03-12 20:06:26 20,576 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-03-12 20:06:26 151,552 ------w C:\WINDOWS\system32\pxwma.dll
2007-03-12 20:06:26 104,960 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-03-12 20:05:14 -------- d-----w C:\Program Files\Sony
2007-03-12 20:04:32 -------- d-----w C:\DOCUME~1\maison\APPLIC~1\Sony Corporation
2007-03-12 20:04:30 -------- d-----w C:\Program Files\Fichiers communs\Sony Shared
2007-03-09 17:15:24 -------- d-----w C:\Program Files\802.11 Wireless LAN
2007-03-04 07:40:18 1,105,878 ----a-w C:\undelete_plus_setup.exe
2007-02-27 02:29:00 38 ----a-w C:\WINDOWS\system32\netjr32.dll
2007-02-23 00:59:26 21,697,088 ----a-w C:\Democracy_Installer.exe
2007-02-18 21:18:24 6,425,857 ----a-w C:\pci_fr_smartrecovery.exe
2007-02-15 16:34:28 14,997,504 ----a-w C:\Audio jack.exe
2007-02-15 11:45:36 707,344 ----a-w C:\WINDOWS\system32\oodag.exe
2007-02-15 11:34:30 217,360 ----a-w C:\WINDOWS\system32\oodbs.exe
2007-02-15 11:22:10 11,536 ----a-w C:\WINDOWS\system32\oodbsrs.dll
2007-02-15 11:22:00 17,168 ----a-w C:\WINDOWS\system32\oodagrs.dll
2007-02-15 11:21:50 18,704 ----a-w C:\WINDOWS\system32\oodagmg.dll
2007-02-15 07:44:32 16,656 ----a-w C:\WINDOWS\system32\ootmapi.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"="C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll"
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"="C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"nForce Tray Options"="sstray.exe /r"
"AnyDVD"="C:\\Program Files\\SlySoft\\AnyDVD\\AnyDVD.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
"BDMCon"="\"C:\\Program Files\\Softwin\\BitDefender8\\bdmcon.exe\""
"BDNewsAgent"="\"C:\\Program Files\\Softwin\\BitDefender8\\bdnagent.exe\""
"WA6PV_Check"="\"C:\\Program Files\\Fichiers communs\\DriveCleaner Free\\udcwap.exe\""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"Uniblue Registry Booster"="C:\\Program Files\\Uniblue\\Registry Booster\\RegistryBooster.exe /S"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoToolbarCustomize"=dword:00000000
"NoBandCustomize"=dword:00000000
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoToolbarCustomize"=dword:00000000
"NoBandCustomize"=dword:00000000
"NoLowDiskSpaceChecks"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll"


HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awveniet

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages msv1_0\0\0
Security Packages kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages scecli\0\0


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter HTTPFilter\0\0
LocalService Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService DnsCache\0\0
DcomLaunch DcomLaunch\0TermService\0\0
rpcss RpcSs\0\0
imgsvc StiSvc\0\0
termsvcs TermService\0\0
Usnsvc usnsvc\0\0
WudfServiceGroup WUDFSvc\0\0

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{51cac649-cdc7-11db-9319-0040f4d9c1f8}]
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe



~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20070509-220448-382
O20 - Winlogon Notify: winjrs32 - winjrs32.dll (file missing)
backup-20070509-220448-832
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
backup-20070509-220447-294
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - https://www.afternic.com/domains/drivecleaner.com
backup-20070509-220447-427
O15 - Trusted Zone: http://locator.cdn.imageservr.com
backup-20070509-220447-160
O4 - HKLM\..\Run: [Dispatcher] C:\WINDOWS\dispatcher.exe
backup-20070509-220447-626
O15 - Trusted Zone: http://locator1.cdn.imageservr.com
backup-20070509-220447-868
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
backup-20070509-220447-911
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
backup-20070509-220447-538
O2 - BHO: (no name) - {842F1E58-4F81-49B8-88B6-334B7CB2367b} - C:\WINDOWS\system32\glbxtsmy.dll (file missing)
backup-20070509-220447-152
O2 - BHO: (no name) - {68069B37-06A0-465B-9C2C-DD2D6ACF99B5} - (no file)

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-10 22:08:23
Windows 5.1.2600 Service Pack 2 FAT

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


********************************************************************

Completion time: 2007-05-10 22:08:58 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-05-10 22:09



Logfile of HijackThis v1.99.1
Scan saved at 22:11:29, on 10/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
F:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O2 - BHO: (no name) - {4DD3C70C-611A-4745-9937-C291884F82CE} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [WA6PV_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C942A79B-01ED-47EE-9DAA-1EFAA70DAB8E} - http://www.muiegaozsicur.com/ocx/intES_ver22b.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: awveniet - C:\WINDOWS\Config\awveniet.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
0
Réponse 15 / 16
did71 Messages postés 2187 Statut Contributeur sécurité 36
 
re,

rends toi ici:

http://www.virustotal.com/flash/index_en.html

et fais analyser les fichiers ci dessous:

C:\WINDOWS\system32\pxcpyi64.exe
C:\undelete_plus_setup.exe
C:\WINDOWS\system32\netjr32.dll

poste le rapport virus total ensuite

a+
0
Réponse 16 / 16
raleuboleu Messages postés 5028 Statut Membre 79
 
merci a toi my did 71

bizouxx
0

Discussions similaires

Pc très lent du jour au lendemain
Zelaz93330 -
Malekal_morte- -

33 réponses