Sujet Précédent Sujet Suivant

Virus Win 32: Trojan

Fermé
Gutt-A - 6 janv. 2008 à 14:00
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 - 7 janv. 2008 à 11:30
Bonjour à tous,

Quelqu'un pourrai m'indiquer les fichiers à supprimer s.v.p. pour le virus Win 32: Jan. Voici le rapport:


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\lim.ONZE\Bureau\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
O4 - HKLM\..\Run: [Windows Media Connect 2] "C:\Program Files\Windows Media Connect 2\WMCCFG.exe" /StartQuiet
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
A voir également:

8 réponses

Réponse 1 / 8
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
6 janv. 2008 à 15:26
salut,
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.cmd pour lancer le scrïpt.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du scrïpt et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
0
Réponse 2 / 8
Gutt-A
6 janv. 2008 à 16:29
Re jfk,

Voici le nouveau log Hijackthis et le Report.txt..

Hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 16:23:25, on 06/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\VTTimer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\LIM~1.ONZ\LOCALS~1\Temp\Rar$EX00.312\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
O4 - HKLM\..\Run: [Windows Media Connect 2] "C:\Program Files\Windows Media Connect 2\WMCCFG.exe" /StartQuiet
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

Report.txt:

SDFix: Version 1.124

Run by lim on 06/01/2008 at 16:03

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found





Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-06 16:10:13
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:4686d64e
"s2"=dword:ddda3b93
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:8a,7a,77,3f,d0,ea,df,50,a2,a3,87,ca,24,b6,2a,a0,ec,0f,44,5c,b1,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,aa,7c,ad,68,f3,fa,fa,36,fe,c6,f2,d5,da,1b,c3,b3,8c,..
"khjeh"=hex:68,56,a6,5c,3c,df,1c,21,ea,59,e7,f3,78,8e,09,32,a0,c7,c7,da,25,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:e9,9e,82,95,0e,7e,44,19,69,da,48,4d,fb,70,77,5c,1e,46,21,0b,aa,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:8a,7a,77,3f,d0,ea,df,50,a2,a3,87,ca,24,b6,2a,a0,ec,0f,44,5c,b1,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,aa,7c,ad,68,f3,fa,fa,36,fe,c6,f2,d5,da,1b,c3,b3,8c,..
"khjeh"=hex:68,56,a6,5c,3c,df,1c,21,ea,59,e7,f3,78,8e,09,32,a0,c7,c7,da,25,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:e9,9e,82,95,0e,7e,44,19,69,da,48,4d,fb,70,77,5c,1e,46,21,0b,aa,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
"C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe"="C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe:LocalSubNet:Enabled:eConsole"
"C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\eMule\\eMule.exe"="C:\\Program Files\\eMule\\eMule.exe:*:Enabled:eMule"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\softnyx\\GunboundWC\\GunBound.gme"="C:\\Program Files\\softnyx\\GunboundWC\\GunBound.gme:*:Enabled:GunBound"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files:
---------------


Files with Hidden Attributes:

Thu 5 Aug 2004 143,360 A..H. --- "C:\dotnetfx\ACCMGR.DLL"
Thu 5 Aug 2004 147,456 A..H. --- "C:\dotnetfx\CDMGR.DLL"
Thu 5 Aug 2004 40,960 A..H. --- "C:\dotnetfx\CMNRES.DLL"
Thu 5 Aug 2004 122,880 A..H. --- "C:\dotnetfx\DEFHELP.DLL"
Thu 5 Aug 2004 36,864 A..H. --- "C:\dotnetfx\DELTEMP.EXE"
Thu 5 Aug 2004 192,512 A..H. --- "C:\dotnetfx\DEPMGR.DLL"
Thu 5 Aug 2004 163,840 A..H. --- "C:\dotnetfx\DFCHGFLD.DLL"
Thu 5 Aug 2004 233,472 A..H. --- "C:\dotnetfx\DFDEPUI.DLL"
Thu 5 Aug 2004 135,168 A..H. --- "C:\dotnetfx\DFFACT.DLL"
Thu 5 Aug 2004 143,360 A..H. --- "C:\dotnetfx\DISKMGR.DLL"
Thu 5 Aug 2004 24,278,048 A..H. --- "C:\dotnetfx\DOTNETFX.EXE"
Thu 5 Aug 2004 335,872 A..H. --- "C:\dotnetfx\GENCOMP.DLL"
Thu 5 Aug 2004 131,072 A..H. --- "C:\dotnetfx\HTMLLITE.DLL"
Thu 5 Aug 2004 1,439,240 A..H. --- "C:\dotnetfx\LANGPACK.EXE"
Thu 5 Aug 2004 487,424 A..H. --- "C:\dotnetfx\MSVCP70.DLL"
Thu 5 Aug 2004 344,064 A..H. --- "C:\dotnetfx\MSVCR70.DLL"
Thu 5 Aug 2004 10,694,464 A..H. --- "C:\dotnetfx\NDPSP.EXE"
Thu 5 Aug 2004 118,784 A..H. --- "C:\dotnetfx\REBOOTST.EXE"
Thu 5 Aug 2004 139,264 A..H. --- "C:\dotnetfx\SETLOG.DLL"
Thu 5 Aug 2004 133,816 A..H. --- "C:\dotnetfx\SETUP.EXE"
Thu 5 Aug 2004 155,648 A..H. --- "C:\dotnetfx\SETUPDB.DLL"
Thu 5 Aug 2004 651,264 A..H. --- "C:\dotnetfx\SITSETUP.DLL"
Thu 5 Aug 2004 36,864 A..H. --- "C:\dotnetfx\SUITE.DLL"
Thu 5 Aug 2004 200,704 A..H. --- "C:\dotnetfx\SVRGRMGR.DLL"
Thu 5 Aug 2004 339,968 A..H. --- "C:\dotnetfx\TEMPLMGR.DLL"
Thu 5 Aug 2004 274,432 A..H. --- "C:\dotnetfx\UIMGR.DLL"
Thu 5 Aug 2004 135,168 A..H. --- "C:\dotnetfx\VALIDATE.DLL"
Thu 5 Aug 2004 200,704 A..H. --- "C:\dotnetfx\XPSPREQS.DLL"
Thu 5 Aug 2004 286,720 A..H. --- "C:\dotnetfx\XPSPSCEN.DLL"
Thu 5 Aug 2004 778,240 A..H. --- "C:\dotnetfx\XPSPUI.DLL"
Thu 5 Aug 2004 625,152 A..H. --- "C:\i386\AUTOCHK.EXE"
Thu 5 Aug 2004 616,960 A..H. --- "C:\i386\AUTOFMT.EXE"
Thu 5 Aug 2004 59,904 A..H. --- "C:\i386\CABINET.DLL"
Thu 5 Aug 2004 847,872 A..H. --- "C:\i386\DBGENG.DLL"
Thu 5 Aug 2004 640,000 A..H. --- "C:\i386\DBGHELP.DLL"
Thu 5 Aug 2004 16,896 A..H. --- "C:\i386\EXPAND.EXE"
Thu 5 Aug 2004 121,856 A..H. --- "C:\i386\EXTS.DLL"
Thu 5 Aug 2004 20,992 A..H. --- "C:\i386\FAXPATCH.EXE"
Thu 5 Aug 2004 69,632 A..H. --- "C:\i386\HWDB.DLL"
Thu 5 Aug 2004 144,384 A..H. --- "C:\i386\IMAGEHLP.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDA1.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDA2.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDA3.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDAL.DLL"
Thu 5 Aug 2004 5,120 A..H. --- "C:\i386\KBDARME.DLL"
Thu 5 Aug 2004 5,120 A..H. --- "C:\i386\KBDARMW.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDAZE.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDAZEL.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDBE.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDBLR.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDBR.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDBU.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDCA.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDCR.DLL"
Thu 5 Aug 2004 7,168 A..H. --- "C:\i386\KBDCZ.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDCZ1.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDCZ2.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDDA.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDDIV1.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDDIV2.DLL"
Thu 5 Aug 2004 5,120 A..H. --- "C:\i386\KBDDV.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDES.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDEST.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDFA.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDFC.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDFI.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDFR.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDGAE.DLL"
Thu 5 Aug 2004 5,120 A..H. --- "C:\i386\KBDGEO.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDGKL.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDGR.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDGR1.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDHE.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDHE220.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDHE319.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDHEB.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDHELA2.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDHELA3.DLL"
Thu 5 Aug 2004 8,192 A..H. --- "C:\i386\KBDHEPT.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDHU.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDHU1.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDIC.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDINDEV.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDINGUJ.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDINHIN.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDINKAN.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDINMAR.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDINPUN.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDINTAM.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDINTEL.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDIR.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDIT.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDIT142.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDKAZ.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDKYR.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDLA.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDLT.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDLT1.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDLV.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDLV1.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDMON.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDNE.DLL"
Thu 5 Aug 2004 7,168 A..H. --- "C:\i386\KBDNEC.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDNO.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDPL.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDPL1.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDPO.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDRO.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDRU.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDRU1.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDSF.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDSG.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDSL.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDSL1.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDSP.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDSW.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDSYR1.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDSYR2.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDTAT.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDTH0.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDTH1.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDTH2.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDTH3.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDTUF.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDTUQ.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDUK.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDUR.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDURDU.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDUS.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDUSL.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDUSR.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\KBDUSX.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDUZB.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDVNTC.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\KBDYCC.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\KBDYCL.DLL"
Thu 5 Aug 2004 92,032 A..H. --- "C:\i386\KSECDD.SYS"
Thu 5 Aug 2004 332,800 A..H. --- "C:\i386\NETSETUP.EXE"
Thu 5 Aug 2004 733,184 A..H. --- "C:\i386\NTDLL.DLL"
Thu 5 Aug 2004 574,592 A..H. --- "C:\i386\NTFS.SYS"
Thu 5 Aug 2004 31,744 A..H. --- "C:\i386\NTSD.EXE"
Thu 5 Aug 2004 36,864 A..H. --- "C:\i386\NTSDEXTS.DLL"
Thu 5 Aug 2004 24,064 A..H. --- "C:\i386\PIDGEN.DLL"
Thu 5 Aug 2004 153,088 A..H. --- "C:\i386\REGEDIT.EXE"
Thu 5 Aug 2004 241,152 A..H. --- "C:\i386\SPCMDCON.SYS"
Thu 5 Aug 2004 11,776 A..H. --- "C:\i386\SPNPINST.EXE"
Thu 5 Aug 2004 244,736 A..H. --- "C:\i386\SYSPARSE.EXE"
Thu 5 Aug 2004 77,824 A..H. --- "C:\i386\TELNET.EXE"
Thu 5 Aug 2004 512,000 A..H. --- "C:\i386\USETUP.EXE"
Thu 5 Aug 2004 87,635 A..H. --- "C:\i386\WINNT.EXE"
Thu 5 Aug 2004 48,640 A..H. --- "C:\i386\WINNT32.EXE"
Thu 5 Aug 2004 1,183,744 A..H. --- "C:\i386\WINNT32A.DLL"
Thu 5 Aug 2004 1,315,328 A..H. --- "C:\i386\WINNT32U.DLL"
Thu 5 Aug 2004 772,096 A..H. --- "C:\i386\WINNTBBA.DLL"
Thu 5 Aug 2004 773,632 A..H. --- "C:\i386\WINNTBBU.DLL"
Thu 5 Aug 2004 53,248 A..H. --- "C:\i386\WSDU.DLL"
Thu 5 Aug 2004 77,824 A..H. --- "C:\i386\WSDUENG.DLL"
Fri 4 Mar 2005 105,984 A..H. --- "C:\drv\LAN0\Rtlnic64.sys"
Fri 4 Mar 2005 74,496 A..H. --- "C:\drv\LAN0\Rtlnicxp.sys"
Tue 16 Nov 2004 32,768 A..H. --- "C:\drv\LAN1\gSetXP.exe"
Wed 14 Sep 2005 33,408 A..H. --- "C:\drv\LAN1\ipgdnd51.sys"
Thu 20 Oct 2005 282,240 A..H. --- "C:\drv\LAN2\rtl8185.sys"
Tue 13 Apr 2004 1,266,380 A..H. --- "C:\drv\Modem0\AGRSM.sys"
Mon 5 Apr 2004 64,512 A..H. --- "C:\drv\Modem0\agrsmdel.exe"
Tue 13 Apr 2004 88,363 A..H. --- "C:\drv\Modem0\AGRSMMsg.exe"
Mon 5 Apr 2004 29,184 A..H. --- "C:\drv\Modem0\agsetup1.dll"
Mon 5 Apr 2004 72,704 A..H. --- "C:\drv\Modem0\agsetup2.dll"
Fri 31 Aug 2001 7,840 A..H. --- "C:\drv\Modem0\agsetup3.EXE"
Mon 5 Apr 2004 97,792 A..H. --- "C:\drv\Modem0\setup.exe"
Wed 27 Apr 2005 286,975 A..H. --- "C:\drv\Modem1\sm56.reg"
Mon 6 Jun 2005 69,632 A..H. --- "C:\drv\Modem1\sm56brz.dll"
Mon 6 Jun 2005 49,152 A..H. --- "C:\drv\Modem1\sm56chs.dll"
Mon 6 Jun 2005 49,152 A..H. --- "C:\drv\Modem1\sm56cht.dll"
Mon 6 Jun 2005 73,728 A..H. --- "C:\drv\Modem1\sm56co.dll"
Mon 6 Jun 2005 69,632 A..H. --- "C:\drv\Modem1\sm56eng.dll"
Mon 6 Jun 2005 69,632 A..H. --- "C:\drv\Modem1\sm56fra.dll"
Mon 6 Jun 2005 69,632 A..H. --- "C:\drv\Modem1\sm56ger.dll"
Mon 6 Jun 2005 544,768 A..H. --- "C:\drv\Modem1\sm56hlpr.exe"
Mon 6 Jun 2005 69,632 A..H. --- "C:\drv\Modem1\sm56itl.dll"
Mon 6 Jun 2005 53,248 A..H. --- "C:\drv\Modem1\sm56jpn.dll"
Mon 6 Jun 2005 69,632 A..H. --- "C:\drv\Modem1\sm56spn.dll"
Mon 6 Jun 2005 258,048 A..H. --- "C:\drv\Modem1\sm56unst.exe"
Mon 6 Jun 2005 925,192 A..H. --- "C:\drv\Modem1\SmSerial.sys"
Fri 13 May 2005 1,707,856 A..H. --- "C:\drv\VGA0\instmsia.exe"
Fri 13 May 2005 1,821,008 A..H. --- "C:\drv\VGA0\instmsiw.exe"
Fri 13 May 2005 3,712 A..H. --- "C:\drv\VGA0\s3chipid.sys"
Fri 13 May 2005 167,936 A..H. --- "C:\drv\VGA0\s3iset32.dll"
Fri 13 May 2005 77,824 A..H. --- "C:\drv\VGA0\s3minset.exe"
Fri 13 May 2005 263,086 A..H. --- "C:\drv\VGA0\setup.exe"
Fri 13 May 2005 3,453,824 A..H. --- "C:\drv\VGA0\vtdisp.dll"
Fri 13 May 2005 487,424 A..H. --- "C:\drv\VGA0\VTDisply.dll"
Fri 13 May 2005 360,448 A..H. --- "C:\drv\VGA0\VTGamma2.dll"
Fri 13 May 2005 1,871,872 A..H. --- "C:\drv\VGA0\vticd.dll"
Fri 13 May 2005 253,952 A..H. --- "C:\drv\VGA0\VTInfo2.dll"
Fri 13 May 2005 172,544 A..H. --- "C:\drv\VGA0\vtmini.sys"
Fri 13 May 2005 389,120 A..H. --- "C:\drv\VGA0\VTOvrlay.dll"
Fri 13 May 2005 53,248 A..H. --- "C:\drv\VGA0\VTTimer.exe"
Fri 13 May 2005 143,360 A..H. --- "C:\drv\VGA0\VTTrayP.exe"
Tue 2 Aug 2005 176,128 A..H. --- "C:\drv\VGA2\nvudisp.exe"
Tue 2 Aug 2005 116,880 A..H. --- "C:\drv\VGA2\setup.exe"
Mon 15 Mar 2004 36,261 A..H. --- "C:\drv\VGA3\wf88tune.sys"
Mon 15 Mar 2004 209,171 A..H. --- "C:\drv\VGA3\wf88vcap.sys"
Mon 15 Mar 2004 9,284 A..H. --- "C:\drv\VGA3\wf88xbar.sys"
Thu 27 Feb 2003 3,072 A..H. --- "C:\drv\VGA4\34CoInstaller.dll"
Fri 26 Aug 2005 660,992 A..H. --- "C:\drv\VGA4\LVHybrid.sys"
Tue 31 May 2005 11,970 A..H. --- "C:\drv\VGA5\hcw88aud.sys"
Tue 31 May 2005 27,984 A..H. --- "C:\drv\VGA5\hcw88bar.sys"
Tue 31 May 2005 130,112 A..H. --- "C:\drv\VGA5\hcw88bda.sys"
Tue 31 May 2005 9,539 A..H. --- "C:\drv\VGA5\hcw88r9x.sys"
Tue 31 May 2005 11,841 A..H. --- "C:\drv\VGA5\hcw88rc5.sys"
Tue 31 May 2005 296,259 A..H. --- "C:\drv\VGA5\hcw88tse.sys"
Tue 31 May 2005 137,793 A..H. --- "C:\drv\VGA5\hcw88tun.sys"
Tue 31 May 2005 611,444 A..H. --- "C:\drv\VGA5\hcw88vid.sys"
Thu 10 Feb 2005 86,072 A..H. --- "C:\drv\VGA5\HCWI2C32.DLL"
Wed 4 May 2005 196,664 A..H. --- "C:\drv\VGA5\hcwpnp32.dll"
Tue 8 Jun 2004 36,921 A..H. --- "C:\drv\VGA5\hcwutl32.dll"
Mon 23 Sep 2002 40,960 A..H. --- "C:\drv\VGA5\hcwxds.dll"
Wed 22 Jun 2005 1,467,862 A..H. --- "C:\drv\VGA5\SoftMCE.EXE"
Thu 5 Aug 2004 162,128 A..H. --- "C:\i386\DRW\DWWIN.EXE"
Thu 5 Aug 2004 28,672 A..H. --- "C:\i386\DRW\FAULTH.DLL"
Thu 5 Aug 2004 733,184 A..H. --- "C:\i386\SYSTEM32\NTDLL.DLL"
Thu 5 Aug 2004 512,512 A..H. --- "C:\i386\SYSTEM32\SMSS.EXE"
Thu 5 Aug 2004 13,312 A..H. --- "C:\i386\WINNTUPG\APMUPGRD.DLL"
Thu 5 Aug 2004 6,656 A..H. --- "C:\i386\WINNTUPG\BOSCOMP.DLL"
Thu 5 Aug 2004 58,128 A..H. --- "C:\i386\WINNTUPG\CFGMGR32.DLL"
Thu 5 Aug 2004 40,960 A..H. --- "C:\i386\WINNTUPG\CLUSCOMP.DLL"
Thu 5 Aug 2004 5,120 A..H. --- "C:\i386\WINNTUPG\FSFILTER.DLL"
Thu 5 Aug 2004 7,168 A..H. --- "C:\i386\WINNTUPG\FTCOMP.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\WINNTUPG\INPUPGRD.DLL"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\WINNTUPG\MSMQCOMP.DLL"
Thu 5 Aug 2004 122,368 A..H. --- "C:\i386\WINNTUPG\NETUPGRD.DLL"
Thu 5 Aug 2004 11,776 A..H. --- "C:\i386\WINNTUPG\NTDSUPG.DLL"
Thu 5 Aug 2004 6,144 A..H. --- "C:\i386\WINNTUPG\NV4PREP.DLL"
Thu 5 Aug 2004 323,344 A..H. --- "C:\i386\WINNTUPG\SETUPAPI.DLL"
Thu 5 Aug 2004 4,608 A..H. --- "C:\i386\WINNTUPG\TSCOMP.DLL"
Thu 5 Aug 2004 11,776 A..H. --- "C:\i386\WINNTUPG\VIDUPGRD.DLL"
Sun 28 Oct 2007 5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Sat 20 Nov 2004 26,112 A..H. --- "C:\WINDOWS\system32\InsD1211.exe"
Wed 6 Aug 2003 24,576 A..H. --- "C:\WINDOWS\system32\KCMDNIns.exe"
Sat 20 Nov 2004 36,864 A..H. --- "C:\WINDOWS\system32\kill1211.exe"
Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Wed 7 Dec 2005 1,024 ...H. --- "C:\WINDOWS\system32\NTIBUN4.dll"
Wed 7 Dec 2005 1,024 ...H. --- "C:\WINDOWS\system32\NTICDMK7.dll"
Wed 7 Dec 2005 1,024 ...H. --- "C:\WINDOWS\system32\NTIFCD3.dll"
Wed 7 Dec 2005 1,024 ...H. --- "C:\WINDOWS\system32\NTIMP3.dll"
Wed 7 Dec 2005 1,024 ...H. --- "C:\WINDOWS\system32\NTIMPEG2.dll"
Thu 7 Aug 2003 24,576 A..H. --- "C:\WINDOWS\system32\reboot.exe"
Sat 20 Nov 2004 26,112 A..H. --- "C:\WINDOWS\system32\RemD1211.exe"
Mon 30 Aug 2004 44,032 A..H. --- "C:\WINDOWS\system32\rescan.exe"
Sat 20 Nov 2004 26,112 A..H. --- "C:\WINDOWS\XDRV\InsD1211.exe"
Mon 30 Aug 2004 44,032 A..H. --- "C:\WINDOWS\XDRV\rescan.exe"
Mon 6 Jun 2005 45,056 A..H. --- "C:\Acer\Empowering Technology\eRecovery\AboutNTISDK.dll"
Wed 6 Apr 2005 49,152 A..H. --- "C:\Acer\Empowering Technology\eRecovery\catply.exe"
Tue 10 May 2005 159,744 A..H. --- "C:\Acer\Empowering Technology\eRecovery\CdrMmc32.dll"
Tue 10 May 2005 196,608 A..H. --- "C:\Acer\Empowering Technology\eRecovery\Cdrw32.dll"
Wed 8 Jun 2005 65,536 A..H. --- "C:\Acer\Empowering Technology\eRecovery\CdrwEx32.dll"
Wed 3 Nov 2004 159,744 A..H. --- "C:\Acer\Empowering Technology\eRecovery\CloseProcessWindow.dll"
Tue 7 Jun 2005 147,456 A..H. --- "C:\Acer\Empowering Technology\eRecovery\Data32.dll"
Tue 7 Jun 2005 65,536 A..H. --- "C:\Acer\Empowering Technology\eRecovery\DataEx32.dll"
Wed 16 Nov 2005 516,096 A..H. --- "C:\Acer\Empowering Technology\eRecovery\eRecovery.exe"
Fri 25 Mar 2005 2,048 A..H. --- "C:\Acer\Empowering Technology\eRecovery\ETFSBOOT.COM"
Fri 22 Jul 2005 65,536 A..H. --- "C:\Acer\Empowering Technology\eRecovery\extResource.dll"
Mon 6 Jun 2005 14,848 A..H. --- "C:\Acer\Empowering Technology\eRecovery\ImagFile.dll"
Thu 13 Jan 2005 69,632 A..H. --- "C:\Acer\Empowering Technology\eRecovery\int15.sys"
Wed 30 Mar 2005 8,704 A..H. --- "C:\Acer\Empowering Technology\eRecovery\int15_x64.sys"
Thu 13 Jan 2005 69,632 A..H. --- "C:\Acer\Empowering Technology\eRecovery\int15_x32.sys"
Mon 6 Jun 2005 15,360 A..H. --- "C:\Acer\Empowering Technology\eRecovery\LogFile.dll"
Thu 13 Jan 2005 69,632 A..H. --- "C:\Acer\Empowering Technology\eRecovery\MBRwrWin.exe"
Thu 13 Jan 2005 1,060,864 A..H. --- "C:\Acer\Empowering Technology\eRecovery\MFC71.dll"
Thu 13 Jan 2005 1,047,552 A..H. --- "C:\Acer\Empowering Technology\eRecovery\MFC71u.dll"
Wed 16 Nov 2005 397,312 A..H. --- "C:\Acer\Empowering Technology\eRecovery\Monitor.exe"
Mon 6 Jun 2005 40,960 A..H. --- "C:\Acer\Empowering Technology\eRecovery\Mpeg2Dec.dll"
Thu 13 Jan 2005 155,648 A..H. --- "C:\Acer\Empowering Technology\eRecovery\mscoree.dll"
Thu 13 Jan 2005 499,712 A..H. --- "C:\Acer\Empowering Technology\eRecovery\msvcp71.dll"
Thu 13 Jan 2005 348,160 A..H. --- "C:\Acer\Empowering Technology\eRecovery\msvcr71.dll"
Tue 10 May 2005 49,152 A..H. --- "C:\Acer\Empowering Technology\eRecovery\NtiAspi.dll"
Fri 25 Mar 2005 75,776 A..H. --- "C:\Acer\Empowering Technology\eRecovery\OSCDIMG.EXE"
Thu 13 Jan 2005 24,576 A..H. --- "C:\Acer\Empowering Technology\eRecovery\SysInfo.dll"
Mon 6 Jun 2005 126,976 A..H. --- "C:\Acer\Empowering Technology\eRecovery\Video32.dll"
Sat 11 Nov 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 11 Nov 2006 401 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv10.bak"
Wed 31 Aug 2005 307,200 A..H. --- "C:\drv\VGA1\B_26509\atiiiexx.dll"
Thu 5 Aug 2004 55,632 A..H. --- "C:\i386\DRW\1033\DWINTL.DLL"
Thu 5 Aug 2004 59,728 A..H. --- "C:\i386\DRW\1036\DWINTL.DLL"
Tue 7 Feb 2006 299,008 A..H. --- "C:\Program Files\Canon\MP Navigator 3.0\Maint.exe"
Mon 25 Apr 2005 61,440 A..H. --- "C:\Program Files\Canon\MP Navigator 3.0\uinstrsc.dll"
Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"
Fri 4 Jan 2008 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"
Fri 27 Oct 2006 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"
Thu 5 Aug 2004 4,096 A..H. --- "C:\VALUEADD\MSFT\USMT\ICONLIB.DLL"
Thu 5 Aug 2004 33,792 A..H. --- "C:\VALUEADD\MSFT\USMT\LOADSTATE.EXE"
Thu 5 Aug 2004 19,968 A..H. --- "C:\VALUEADD\MSFT\USMT\LOG.DLL"
Thu 5 Aug 2004 201,216 A..H. --- "C:\VALUEADD\MSFT\USMT\MIGISM.DLL"
Thu 5 Aug 2004 192,512 A..H. --- "C:\VALUEADD\MSFT\USMT\MIGISM_A.DLL"
Thu 5 Aug 2004 33,280 A..H. --- "C:\VALUEADD\MSFT\USMT\SCANSTATE.EXE"
Thu 5 Aug 2004 29,184 A..H. --- "C:\VALUEADD\MSFT\USMT\SCANSTATE_A.EXE"
Thu 5 Aug 2004 204,800 A..H. --- "C:\VALUEADD\MSFT\USMT\SCRIPT.DLL"
Thu 5 Aug 2004 189,440 A..H. --- "C:\VALUEADD\MSFT\USMT\SCRIPT_A.DLL"
Thu 5 Aug 2004 25,088 A..H. --- "C:\VALUEADD\MSFT\USMT\SHFOLDER.DLL"
Thu 5 Aug 2004 169,472 A..H. --- "C:\VALUEADD\MSFT\USMT\SYSMOD.DLL"
Thu 5 Aug 2004 155,648 A..H. --- "C:\VALUEADD\MSFT\USMT\SYSMOD_A.DLL"
Thu 5 Aug 2004 80,896 A..H. --- "C:\VALUEADD\MSFT\USMT\UNCTRN.DLL"
Thu 5 Aug 2004 66,048 A..H. --- "C:\VALUEADD\MSFT\USMT\UNCTRN_A.DLL"
Sun 29 Jul 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Thu 5 Aug 2004 5,632 A..H. --- "C:\i386\WINNTUPG\MS\MODEMSHR\MDMSHRUP.DLL"
Thu 5 Aug 2004 30,748 A..H. --- "C:\i386\WINNTUPG\MS\SNA\IBMMGUG.DLL"
Thu 5 Aug 2004 38,941 A..H. --- "C:\i386\WINNTUPG\MS\SNA\NTSNAUPG.DLL"
Thu 5 Aug 2004 28,701 A..H. --- "C:\i386\WINNTUPG\MS\SNA\SNADLCUG.DLL"
Thu 5 Aug 2004 114,717 A..H. --- "C:\i386\WINNTUPG\OEM\EQN\EQNUPGRD.DLL"
Thu 5 Aug 2004 33,792 A..H. --- "C:\i386\WINNTUPG\OEM\TIGERJET\TJUPG.DLL"
Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"
Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"
Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"
Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"
Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"
Sat 3 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"
Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"
Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"
Thu 5 Aug 2004 2,872,872 A..H. --- "C:\VALUEADD\3RDPARTY\MGMT\CITRIX\ICA32.EXE"
Thu 5 Aug 2004 98,176 A..H. --- "C:\VALUEADD\MSFT\NET\NETBEUI\NBF.SYS"
Thu 5 Aug 2004 49,664 A..H. --- "C:\VALUEADD\MSFT\NET\TOOLS\TTCP.EXE"
Thu 5 Aug 2004 4,096 A..H. --- "C:\VALUEADD\MSFT\USMT\ANSI\ICONLIB.DLL"
Thu 5 Aug 2004 19,968 A..H. --- "C:\VALUEADD\MSFT\USMT\ANSI\LOG.DLL"
Thu 5 Aug 2004 192,512 A..H. --- "C:\VALUEADD\MSFT\USMT\ANSI\MIGISM.DLL"
Thu 5 Aug 2004 29,184 A..H. --- "C:\VALUEADD\MSFT\USMT\ANSI\SCANSTATE.EXE"
Thu 5 Aug 2004 189,440 A..H. --- "C:\VALUEADD\MSFT\USMT\ANSI\SCRIPT.DLL"
Thu 5 Aug 2004 25,088 A..H. --- "C:\VALUEADD\MSFT\USMT\ANSI\SHFOLDER.DLL"
Thu 5 Aug 2004 155,648 A..H. --- "C:\VALUEADD\MSFT\USMT\ANSI\SYSMOD.DLL"
Thu 5 Aug 2004 66,048 A..H. --- "C:\VALUEADD\MSFT\USMT\ANSI\UNCTRN.DLL"
Thu 20 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2b3ec987c557c0db8aeefc1b4c479971\BITD.tmp"
Thu 20 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\778fd2fc3fe6b905e366b5ddbba384c8\BITB.tmp"
Thu 20 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\eaf9a70595fa5abd295f301727b0d6e2\BITC.tmp"
Thu 27 Dec 2007 51,375,616 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL0108.tmp"
Sat 3 Nov 2007 49,033,728 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL0109.tmp"
Mon 3 Dec 2007 50,847,232 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL0803.tmp"
Sun 4 Nov 2007 49,688,064 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL0881.tmp"
Sun 2 Dec 2007 49,423,872 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL1776.tmp"
Sun 28 Oct 2007 43,530,752 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL1877.tmp"
Sun 4 Nov 2007 50,982,400 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL1967.tmp"
Mon 3 Dec 2007 51,316,736 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL2052.tmp"
Sun 4 Nov 2007 49,493,504 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL2087.tmp"
Sat 1 Dec 2007 49,416,192 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL2199.tmp"
Sun 4 Nov 2007 49,687,552 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL2370.tmp"
Sun 4 Nov 2007 50,934,784 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL2434.tmp"
Fri 9 Nov 2007 50,962,944 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL3019.tmp"
Sun 4 Nov 2007 49,596,928 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL3219.tmp"
Sun 2 Dec 2007 50,844,672 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL3263.tmp"
Sat 3 Nov 2007 48,951,808 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL3337.tmp"
Mon 3 Dec 2007 51,315,200 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL3541.tmp"
Mon 5 Nov 2007 50,995,200 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL3809.tmp"
Sat 3 Nov 2007 48,935,936 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL4040.tmp"
Sat 3 Nov 2007 48,923,136 ...H. --- "C:\Documents and Settings\lim.ONZE\Application Data\Microsoft\Word\~WRL4045.tmp"
Thu 5 Aug 2004 74,802 A..H. --- "C:\i386\ASMS\6000\MSFT\VCRTL\ATL.DLL"
Thu 5 Aug 2004 995,383 A..H. --- "C:\i386\ASMS\6000\MSFT\VCRTL\MFC42.DLL"
Thu 5 Aug 2004 995,384 A..H. --- "C:\i386\ASMS\6000\MSFT\VCRTL\MFC42U.DLL"
Thu 5 Aug 2004 401,462 A..H. --- "C:\i386\ASMS\6000\MSFT\VCRTL\MSVCP60.DLL"
Thu 5 Aug 2004 57,344 A..H. --- "C:\i386\ASMS\6000\MSFT\VCRTLINT\MFC42FRA.DLL"
Thu 5 Aug 2004 9,756 A..H. --- "C:\i386\WINNTUPG\OEM\DIGI\ASYNC\DGUPGRD.DLL"
Thu 5 Aug 2004 11,292 A..H. --- "C:\i386\WINNTUPG\OEM\DIGI\REALPORT\DGRPUPG.DLL"
Thu 5 Aug 2004 31,744 A..H. --- "C:\i386\WINNTUPG\OEM\SPX\MPS\SPXUPGRD.DLL"
Tue 9 Jan 2007 25,839,664 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\f8da354fef804e89ae2e375e9026fb3b\BIT2.tmp"
Thu 5 Aug 2004 1,700,352 A..H. --- "C:\i386\ASMS\1000\MSFT\WINDOWS\GDIPLUS\GDIPLUS.DLL"
Thu 5 Aug 2004 50,688 A..H. --- "C:\i386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCIRT.DLL"
Thu 5 Aug 2004 322,560 A..H. --- "C:\i386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL"
Thu 5 Aug 2004 72,732 A..H. --- "C:\i386\WINNTUPG\OEM\DIGI\ISDN\BRI\DIGIUPG.DLL"
Thu 5 Aug 2004 28,701 A..H. --- "C:\i386\WINNTUPG\OEM\DIGI\ISDN\PRI\DIGPRIUP.DLL"
Thu 5 Aug 2004 921,088 A..H. --- "C:\i386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL"

Finished!
0
Réponse 3 / 8
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
6 janv. 2008 à 18:03
la version "hijackthis" n'est pas bonne:
1) Clique ICI pour télécharger le fichier d'installation d'HijackThis :http://www.infos-du-net.com/telecharger/HijackThis,0301-454.html

Enregistre HJTInstall.exe sur ton bureau

Double-clique sur HJTInstall.exe pour lancer le programme

Par défaut, il s'installera là || C:\Program Files\Trend Micro\HijackThis

Accepte la license en cliquant sur le bouton "I Accept"

Choisis l'option "Do a system scan and save a log file"

Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note

Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport

Colle le rapport que tu viens de copier sur ce forum

Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctem
0
Réponse 4 / 8
Gutt-A
6 janv. 2008 à 20:13
Voici le log HisJackthis,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:08, on 06/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\eMule\eMule.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\LIM~1.ONZ\LOCALS~1\Temp\Rar$EX01.734\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
O4 - HKLM\..\Run: [Windows Media Connect 2] "C:\Program Files\Windows Media Connect 2\WMCCFG.exe" /StartQuiet
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-2804783989-3694800924-3129927501-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'eMule_Secure')
O4 - HKUS\S-1-5-21-2804783989-3694800924-3129927501-1008\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe (User 'eMule_Secure')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
6 janv. 2008 à 20:40
tu vas cocher ces lignes avec hijackthis:
C:\PROGRA~1\Wanadoo\Inactivity.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
ensuite tu clique sur "fixcheked"
dis moi si ca va mieux?
combien as tu d'antivirus?
0
Réponse 6 / 8
Gutt-A
6 janv. 2008 à 21:53
No, ca ne marche....
0
Réponse 7 / 8
Gutt-A
7 janv. 2008 à 11:16
.....pas
J'ai Avast, Norton, Spyware Doctor, AVG Anti Rootkit Free.
0
Réponse 8 / 8
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
7 janv. 2008 à 11:30
2 antivirus en meme temps.....aie AIE!!
desinstalle un antivirus>>>je te conseille de garder AVAST.NE GARDE QU'UN ANTIVIRUS SINON RISQUE DE CONFLITS!!!!
pour desinstaller NORTON:http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
avg antirootkit>>>>tu n'en a pas besoin pour le moment(tu peux le supprimer et tu le téléchargera vraiment quand tu en auras besoin pour démasquer les root-kits)
pour le pare-feu prend celui ci:https://forums.cnetfrance.fr

pour supprimer des lignes avec hijackthis ,voir démo ici:http://pageperso.aol.fr/balltrap34/demohijack.htm
une fois virer ces lignes dis moi si ca va mieux avec ton pc.
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Voxbone ? qui est-ce ?
fanfan54 -
djakool4 -

158 réponses
svp 32Gb est il egal a 32Go??
William Fernand -
nemrod18 -

3 réponses