Svw.exe on my computer

Solved/Closed
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 - 22 August 2008 at 11:37
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 - 28 August 2008 at 11:42
Hello,

I had a trojan on my computer that I thought I could get rid of with several programs: smitfraudfix, spybot, ccleaner.
However, when I start Vista, the security system still blocks access to svw.exe.

When I rerun scans with these antispyware programs, they no longer find anything.

I ran a test with HijackThis and here is the result. I don't understand any of it ... can you help me?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:31:31, on 22/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\Admin\AppData\Local\Temp\bwgo000126cc.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
C:\WINDOWS\Downloaded Program Files\gatelauncher.exe
C:\Users\Admin\AppData\Local\Temp\fsgk32.exe
C:\Users\Admin\AppData\Local\Temp\fssm32.exe
c:\program files\google\googletoolbar3user.exe
c:\Users\Admin\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [netw] C:\Windows\svw.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: MediaChecker.lnk = C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-9600-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
52 replies

sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 11:42
Hi,

Procedure to follow for Windows Vista:

* Disable User Account Control, or UAC (re-enable it only at the end of the disinfection):

Go to Start, then Control Panel
---> On the right of the window, click "Classic View"
---> Double-click the "User Accounts" icon
---> Then click "Enable or disable the control ..."
---> Uncheck the "Use the control ..." box and click OK.
Then restart the PC when you are asked to ...

Tutorial: https://forum.malekal.com/viewtopic.php?f=59&t=6517


* Important:
To install or launch the tools you will use during the disinfection, always do it this way:
RIGHT-click (on the installer or the tool) -> choose "Run as administrator".
Do this systematically! ...

**********************************

Download ToolBar S&D (by Eric_71):
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

( Tutorial: https://sites.google.com/site/toolbarsd/aideenimages )

!! Disconnect and close all your running applications for the duration of the procedure !!

* Double-click the .exe to start the installation and follow the prompts ...
* Once done, click the shortcut created on your desktop to launch the tool.
* Choose option 1 ("search") and press "Enter".
* Once the scan has finished, a report will appear; copy/paste its entire
contents into your next reply ...
( the report is also saved here -> C:\TB.txt )
0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 12:13
Hello, thanks for your help

After removing UAC, the message no longer appeared ???

Here is the report:


-----------\\ ToolBar S&D 1.1.2 XP/Vista

Microsoft® Windows Vista™ Professionnel ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
Default System BIOS
USER : David ( Administrator )
USER : Magda ( Not Administrator ! )
BOOT : Normal boot

"C:\ToolBar SD" ( MAJ : 21-08-2008|14:05 )
Option : [1] ( 22/08/2008|12:10 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.js
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.xul
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.dtd
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\SearchSettingsFF.dll
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb125
C:\Program Files\Search Settings\SearchSettings.exe

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.google.be/?gws_rd=ssl"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Admin\Documents\Mes Programmes\Download.Accelerator.Plus.v8.1.2.1.Multilangages.Incl.Crack.rar
C:\Users\Admin\Documents\Mes Programmes\DVD.X.Player.Pro.v4.1.Multi.JiNo22.Incl-keygen.rar
C:\Users\Admin\esai\Clone CD 4\CloneCD.v4.0.0.1.Keygen.Only-TMG
C:\Users\Admin\esai\Clone CD 4\CloneCD.v4.0.0.1.Keygen.Only-TMG\Clonecd4.0.0.1kg.exe


[ UAC => 1 ]

-----------\\ Fin du rapport a 12:11:14,38
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 12:16
Very good ...

Now do this:

!! Disconnect and close all your running applications for the duration of the procedure !!

Relaunch Toolbar-S&D by double-clicking the shortcut.
--> Type option 2 ("cleaning") then press "Enter".
Note: do not touch anything during the deletion!
A report will be generated at the end of the process: post its contents in your next reply
along with a new HijackThis report for analysis ...

( PS: If your Desktop does not reappear, press "Ctrl+Alt+Del" simultaneously to open the Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer then confirm ... )

0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 12:37
There, it's done ...

Here are the 2 reports

-----------\\ ToolBar S&D 1.1.2 XP/Vista

Microsoft® Windows Vista™ Professionnel ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
Default System BIOS
USER : David ( Administrator )
USER : Magda ( Not Administrator ! )
BOOT : Normal boot

"C:\ToolBar SD" ( MAJ : 21-08-2008|14:05 )
Option : [2] ( 22/08/2008|12:33 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
Supprime! - C:\Program Files\Search Settings\kb125
Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
Supprime! - C:\Program Files\Search Settings

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.google.be/?gws_rd=ssl"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Admin\Documents\Mes Programmes\Download.Accelerator.Plus.v8.1.2.1.Multilangages.Incl.Crack.rar
C:\Users\Admin\Documents\Mes Programmes\DVD.X.Player.Pro.v4.1.Multi.JiNo22.Incl-keygen.rar
C:\Users\Admin\esai\Clone CD 4\CloneCD.v4.0.0.1.Keygen.Only-TMG
C:\Users\Admin\esai\Clone CD 4\CloneCD.v4.0.0.1.Keygen.Only-TMG\Clonecd4.0.0.1kg.exe


[ UAC => 1 ]

-----------\\ Fin du rapport a 12:33:59,73



and HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:10, on 22/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\svw.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Users\Admin\AppData\Local\Temp\bwgo0000d37c.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\system32\msfeedssync.exe
c:\Users\Admin\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [netw] C:\Windows\svw.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: MediaChecker.lnk = C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-9600-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
0
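Added example, not part of the original thread and not code from HijackThis: a small triage pass over the "Running processes" and `O4 - ...\Run` lines of a HijackThis log like the one posted above. It flags executables that sit directly in the Windows root or in a Temp folder, which is how the `[netw] C:\Windows\svw.exe` entry stands out. The allowlist, the function names and the heuristic itself are assumptions made for illustration; the sample lines are copied from the log above.

```python
import re
from ntpath import basename, dirname, normpath  # Windows path rules on any OS

# Constructed sample: a handful of lines copied from the HijackThis log above.
SAMPLE_LOG = r"""
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\svw.exe
C:\Users\Admin\AppData\Local\Temp\bwgo0000d37c.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [netw] C:\Windows\svw.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
"""

# Assumption: a short, non-exhaustive list of binaries that normally live
# directly in the Windows root. Anything else found there deserves a look.
WINDOWS_ROOT_ALLOWLIST = {"explorer.exe", "regedit.exe", "notepad.exe", "hh.exe"}

# Matches registry autorun lines such as: O4 - HKLM\..\Run: [name] command
O4_RUN = re.compile(r"^O4 - (?P<hive>HK\w+)\\.*?\\Run: \[(?P<name>.+?)\] (?P<cmd>.+)$")


def extract_exe(cmd):
    """Return the executable part of a Run value, dropping its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):                      # quoted path: take up to the closing quote
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    # Unquoted paths may contain spaces, so cut at the first executable extension.
    m = re.match(r"(.+?\.(?:exe|com|scr|bat|cmd))(?=\s|$)", cmd, re.IGNORECASE)
    return m.group(1) if m else cmd.split()[0]


def classify(path, windir=r"C:\Windows"):
    """Return a reason string when the location is unusual, else None.

    8.3 short names (PROGRA~1) and variables other than %windir% are not
    resolved, so this check only sees paths as they are written in the log.
    """
    p = normpath(path.lower().replace("%windir%", windir.lower()))
    folder, name = dirname(p), basename(p)
    if folder == windir.lower() and name not in WINDOWS_ROOT_ALLOWLIST:
        return "windows-root"
    if re.search(r"\\(temp|tmp)(\\|$)", folder):
        return "temp-dir"
    return None


def triage(log_text):
    """Return (source, entry_name, executable, reason) tuples that need review.

    A flag means "check this file", not "this file is malicious".
    """
    findings = []
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes:
            if not line:                          # blank line ends the process list
                in_processes = False
            else:
                reason = classify(line)
                if reason:
                    findings.append(("process", "", line, reason))
            continue
        m = O4_RUN.match(line)
        if m:
            exe = extract_exe(m["cmd"])
            reason = classify(exe)
            if reason:
                findings.append(("run-key", m["name"], exe, reason))
    return findings


if __name__ == "__main__":
    for source, name, exe, reason in triage(SAMPLE_LOG):
        print(f"{source:8} {name:6} {reason:13} {exe}")
```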

sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 13:06
Very good ...

1- You need to disable UAC again, because Toolbar S&D turned it back on:

Go to "Start" then "Control Panel":
--->On the right of the window, click "Classic View"
--->Double-click the "User Accounts" icon
--->Then click "Enable or disable the control ...".
--->Untick the "use the control ..." box and click OK.
Then restart the PC when you are asked to ...

Tutorial: https://forum.malekal.com/viewtopic.php?f=59&t=6517

2- Download: - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
This software will remove all temporary files and fix your registry. During installation, before clicking the "install" button, untick all the "additional options" except the first 2.
Once the program is installed and launched, click "Options", "Advanced" and untick the box "Only delete files in the Windows Temp folder older than 48 hours" (after that, leave it with its default settings. That's all).

A tutorial (help):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

---> Usage:
! disconnect and close all running applications !
* go to "Cleaner": run the analysis, then the cleaning
* go to "Registry": have it search for errors and repair them (several times, until there are no more errors).

(CCleaner: software to keep on your PC, very useful for good clean-ups ...)


3- Do exactly the following:

Download ComboFix (by sUBs) to your Desktop (and nowhere else!):
http://download.bleepingcomputer.com/sUBs/ComboFix.exe <--- right-click this link and choose "Save target as ...": in the window that opens, type C-Fix and confirm.

--------------------------------------------- [ ! WARNING ! ] ----------------------------------------------------------
!! disconnect, close your running applications and DISABLE ALL YOUR DEFENCES (antivirus, anti-spyware guards, firewall) for the duration of the procedure:
when active, they could seriously interfere with the tool's search and cleaning procedure (or even crash the PC) ... So you will re-enable them afterwards!!
--->Important: if you run into difficulties at this stage, let me know before continuing ...
Tutorial (help) here: https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
---------------------------------------------------------------------------------------------------------------------------------

Then:
double-click C-Fix.exe (= combofix.exe).

Press the Y (Yes) key to start the scan.

Warning:
--> do not use your mouse or keyboard (or any other pointing device) while the program is running. This could freeze the computer.
--> The PC may restart by itself (to finish the cleaning); let it do so.
--> if a Windows error message appears at some point: click the red cross at the top right of the window to close it (and nothing else! otherwise no report ...)

The report will be created in: C:\Combofix.txt

Post the Combofix report together with a new HijackThis report for analysis ...
0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 13:53
Combofix won't launch even though I stopped every program. When I click on c-fix, a rectangle opens, there is a search, then all the items on my desktop disappear and reappear. Is that all???

By the way, do I have to disconnect from the internet?? I tried connected and not connected, same thing???
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 13:58
1- make sure UAC really is disabled.

2- That all your defences are disabled (antivirus, anti-spyware guards, firewall).

3- disconnect.

4- to launch C-Fix -> right-click it / "Run as administrator ..."

0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 14:20
I don't understand, I did everything that needs to be done. I even tried in safe mode without being connected to the network. It still doesn't work.
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 14:26
Odd ... drop it for now and re-enable your defences ...

I'd like to check one thing:

Restart the computer in safe mode.
How to get into Safe Mode
1) Restart your computer
2) Tap the F8 key immediately (F5 on some PCs), right after the "beep"
3) You will see a screen with boot options appear
4) Choose the first option: Safe Mode, and confirm with "Enter"
5) Choose your usual account, not Administrator (if needed ...)
(PS: don't forget, in safe mode there is no connection! So copy or print the information below ...)

Launch Toolbar-S&D again by double-clicking the shortcut.
-->Type option 2 ("cleaning") then press "Enter".
Note: don't touch anything during the removal!
A report will be generated at the end of the process: save it somewhere you can find it again!

(PS: If your Desktop does not reappear, press "Ctrl+Alt+Del" simultaneously to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer then confirm ...)

Restart your PC.

-> post the saved report, together with a new HijackThis (made in normal mode), for analysis and wait for the next steps ...
0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 14:45
Here are the two reports. UAC turned itself back on ... after Toolbar, I suppose.


-----------\\ ToolBar S&D 1.1.2 XP/Vista

Microsoft® Windows Vista™ Professionnel ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
Default System BIOS
USER : David ( Administrator )
USER : Magda ( Not Administrator ! )
BOOT : Fail-safe with network boot

"C:\ToolBar SD" ( MAJ : 21-08-2008|14:05 )
Option : [2] ( 22/08/2008|14:33 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.google.be/?gws_rd=ssl"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Admin\Documents\Mes Programmes\Download.Accelerator.Plus.v8.1.2.1.Multilangages.Incl.Crack.rar
C:\Users\Admin\Documents\Mes Programmes\DVD.X.Player.Pro.v4.1.Multi.JiNo22.Incl-keygen.rar
C:\Users\Admin\esai\Clone CD 4\CloneCD.v4.0.0.1.Keygen.Only-TMG
C:\Users\Admin\esai\Clone CD 4\CloneCD.v4.0.0.1.Keygen.Only-TMG\Clonecd4.0.0.1kg.exe


[ UAC => 1 ]

-----------\\ Fin du rapport a 14:34:19,83



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:42:19, on 22/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Windows\System32\rundll32.exe
C:\Windows\svw.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\Admin\AppData\Local\Temp\bwgo00008879.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Windows\system32\hpoipm07.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
c:\Users\Admin\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [netw] C:\Windows\svw.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: MediaChecker.lnk = C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-9600-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 15:03
OK ... So, in order:

1- Again --> You need to disable UAC again, because Toolbar S&D turned it back on:

Go to "Start" then "Control Panel":
--->On the right of the window, click "Classic View"
--->Double-click the "User Accounts" icon
--->Then click "Enable or disable the control ...".
--->Untick the "use the control ..." box and click OK.
Then restart the PC when you are asked to ...

Tutorial: https://forum.malekal.com/viewtopic.php?f=59&t=6517


2- What you see at the end of the ToolBar S&D report:

--------------------\\ Cracks & Keygens ..

C:\Users\Admin\Documents\Mes Programmes\Download.Accelerator.Plus.v8.1.2.1.Multilangages.Incl.Crack.rar
C:\Users\Admin\Documents\Mes Programmes\DVD.X.Player.Pro.v4.1.Multi.JiNo22.Incl-keygen.rar
C:\Users\Admin\esai\Clone CD 4\CloneCD.v4.0.0.1.Keygen.Only-TMG
C:\Users\Admin\esai\Clone CD 4\CloneCD.v4.0.0.1.Keygen.Only-TMG\Clonecd4.0.0.1kg.exe



--> these are all infected cracks; if you use them again, you are very likely to get infected again ... So delete them! (straight to the Recycle Bin, then empty it).


3- look here on your PC (because I think combofix must have done something):
If you find this report -> "C:\Combofix.txt", please post it ...


4 - Download: - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
This software will remove all temporary files and fix your registry. During installation, before clicking the "install" button, untick all the "additional options" except the first 2.
Once the program is installed and launched, click "Options", "Advanced" and untick the box "Only delete files in the Windows Temp folder older than 48 hours" (after that, leave it with its default settings. That's all).

A tutorial (help):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

---> Usage:
! disconnect and close all running applications !
* go to "Cleaner": run the analysis, then the cleaning
* go to "Registry": have it search for errors and repair them (several times, until there are no more errors).

(CCleaner: software to keep on your PC, very useful for good clean-ups ...)


5- there is still one infection left to deal with:

Download MalwareByte's:
here ftp://ftp.commentcamarche.com/download/mbam-setup.exe
or here: http://www.malwarebytes.org/mbam.php

Install it (make sure you choose "French"; do not change the installation settings) and update it.

(NB: If "COMCTL32.OCX" is missing during installation, download it here: https://www.malekal.com/tutorial-aboutbuster/ )

Study the tutorial to get familiar with the program: https://forum.pcastuces.com/sujet.asp?f=31&s=3
(that said, it is very simple to use).

Mandatory: restart in safe mode:
How to get into Safe Mode
1) Restart your computer
2) Tap the F8 key immediately (F5 on some PCs), right after the "beep"
3) You will see a screen with boot options appear
4) Choose the first option: Safe Mode, and confirm with "Enter"
5) Choose your usual account, not Administrator (if needed ...)
(warning: no connection is possible in safe mode, so copy or print the procedure to avoid mistakes ...)

Launch Malwarebyte's.

Run a so-called "full" scan (make sure you select all your disks before the scan) and delete everything it finds, i.e.:
--->once the scan has finished, click "results": then check that all the infected items are ticked, then click "remove".

Restart your PC (normal mode).

Post the report saved after the infected items were removed (in the "report/log" tab of Malwarebytes, the most recent one) together with a new HijackThis (made in normal mode) ...


0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 17:39
Here is the full scan ... sorry, I had to step away ...

No infected items???

Report:

Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1076
Windows 6.0.6000

17:31:55 22/08/2008
mbam-log-08-22-2008 (17-31-55).txt

Type de recherche: Examen complet (C:\|G:\|)
Eléments examinés: 175706
Temps écoulé: 36 minute(s), 7 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:37:02, on 22/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Windows\System32\rundll32.exe
C:\Windows\svw.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
C:\Users\Admin\AppData\Local\Temp\bwgo00008433.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Windows\system32\hpoipm07.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Users\Admin\Downloads\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [netw] C:\Windows\svw.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: MediaChecker.lnk = C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-9600-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 17:50
Damn ... the critter in question isn't detected by Malwarebytes ... and ComboFix won't run ... :-/


Download OAD (by !aur3n7): http://sosvirus.changelog.fr/OAD.exe
----> Save it to your desktop.

Right-click / "Run as administrator..." on the OAD icon to launch it.

If your antivirus panics, ignore the alert and carry on with the procedure.

- Name of the file to search for ---> type or copy and paste: svw.exe
- Search type: select option 6, then confirm with ["Enter"]

OAD will now search for the file. Let it work until it has finished.
The search report will be displayed on screen automatically as soon as it is done.

Note: depending on the size of the hard drives, this search can take several minutes. Be patient ...

- Save this report to your desktop and copy / paste it into your next post.

Then do it again with:
netw

So I'm waiting for these 2 reports ...
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 18:26
I used OAD, here is the report, but ... what is netw???

22/08/2008 ---- 18:23:34,18

----------------------------------
§§§§§§ [svw.exe] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete


********************
[Registre]
********************


[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6000.16386_none_2021a451e82131db]
"f!mscorsvw.exe"=hex:6d,00,73,00,63,00,6f,00,72,00,73,00,76,00,77,00,2e,00,65,\

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_none_f1e2155e6e170949\f256!mscorsvw.exe]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_none_f1e2155e6e170949\f256!mscorsvw.exe\6a93aa71bcd081cfd565a14e5da69735b93dcfed0467a737af8cb4b783598d2f]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_none_f1e2155e6e170949\f256!mscorsvw.exe\b7d8100e4bd88c4dad80c12eb407c68cba70cb657aa8f393d5f053a206c8c66b]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_none_f1e2155e6e170949\v!6.0.6001.18000\UnstagedFiles]
"mscorsvw.exe"=hex:00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"netw"="C:\\Windows\\svw.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\DerivedData\Components\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6000.16386_none_2021a451e82131db]
"f!mscorsvw.exe"=hex:6d,00,73,00,63,00,6f,00,72,00,73,00,76,00,77,00,2e,00,65,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_none_f1e2155e6e170949\f256!mscorsvw.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_none_f1e2155e6e170949\f256!mscorsvw.exe\6a93aa71bcd081cfd565a14e5da69735b93dcfed0467a737af8cb4b783598d2f]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_none_f1e2155e6e170949\f256!mscorsvw.exe\b7d8100e4bd88c4dad80c12eb407c68cba70cb657aa8f393d5f053a206c8c66b]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_none_f1e2155e6e170949\v!6.0.6001.18000\UnstagedFiles]
"mscorsvw.exe"=hex:00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
"clr_optimization_v2.0.50727_32-2"="V2.0|Action=Block|Dir=Out|App=C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe|Svc=clr_optimization_v2.0.50727_32|Name=Block traffic for clr_optimization_v2.0.50727_32|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
"clr_optimization_v2.0.50727_32-1"="V2.0|Action=Block|Dir=In|App=C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe|Svc=clr_optimization_v2.0.50727_32|Name=Block traffic for clr_optimization_v2.0.50727_32|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
"clr_optimization_v2.0.50727_32-2"="V2.0|Action=Block|Dir=Out|App=C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe|Svc=clr_optimization_v2.0.50727_32|Name=Block traffic for clr_optimization_v2.0.50727_32|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
"clr_optimization_v2.0.50727_32-1"="V2.0|Action=Block|Dir=In|App=C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe|Svc=clr_optimization_v2.0.50727_32|Name=Block traffic for clr_optimization_v2.0.50727_32|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
"clr_optimization_v2.0.50727_32-2"="V2.0|Action=Block|Dir=Out|App=C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe|Svc=clr_optimization_v2.0.50727_32|Name=Block traffic for clr_optimization_v2.0.50727_32|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
"clr_optimization_v2.0.50727_32-1"="V2.0|Action=Block|Dir=In|App=C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe|Svc=clr_optimization_v2.0.50727_32|Name=Block traffic for clr_optimization_v2.0.50727_32|"

*******************
[Fichier]
*******************

c:\Windows\svw.exe


*********************
[Même date]
*********************

[21/08/2008 ] --- REP ---> C:\Program Files\Malwarebytes' Anti-Malware
[21/08/2008 ] --- REP ---> C:\Program Files\Spybot - Search & Destroy
[21/08/2008 ] --- REP ---> C:\Program Files\SUPERAntiSpyware
[21/08/2008 ] ---> C:\Windows\svw.exe
[21/08/2008 ] ---> C:\Windows\system32\549241099.dat
[21/08/2008 ] ---> C:\Windows\system32\drivers\mbam.sys
[21/08/2008 ] ---> C:\Windows\system32\drivers\mbamswissarmy.sys
[21/08/2008 ] ---> C:\Windows\system32\wuapi.dll
[21/08/2008 ] ---> C:\Windows\system32\wuapp.exe
[21/08/2008 ] ---> C:\Windows\system32\wuauclt.exe
[21/08/2008 ] ---> C:\Windows\system32\wuaueng.dll
[21/08/2008 ] ---> C:\Windows\system32\wucltux.dll
[21/08/2008 ] ---> C:\Windows\system32\wudriver.dll
[21/08/2008 ] ---> C:\Windows\system32\wups.dll
[21/08/2008 ] ---> C:\Windows\system32\wups2.dll
[21/08/2008 ] ---> C:\Windows\system32\wuwebv.dll



Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
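The svw.exe report above mixes one autostart entry with several substring hits on mscorsvw.exe. As an added example (not part of the thread and not OAD's own code), this Python script parses .reg-style lines like those in the report and separates exact file-name matches from substring-only hits; the sample text is four entries copied from the report, and the function names are hypothetical.

```python
import re
from collections import namedtuple

# Four entries copied from the svw.exe report above (sample input for the example).
SAMPLE_REPORT = r"""
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.0.6000.16386_none_2021a451e82131db]
"f!mscorsvw.exe"=hex:6d,00,73,00,63,00,6f,00,72,00,73,00,76,00,77,00,2e,00,65,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"netw"="C:\\Windows\\svw.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
"clr_optimization_v2.0.50727_32-2"="V2.0|Action=Block|Dir=Out|App=C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe|Svc=clr_optimization_v2.0.50727_32|Name=Block traffic for clr_optimization_v2.0.50727_32|"
"""

Entry = namedtuple("Entry", "key name kind data")

SECTION_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')            # [HKEY_...\Sub\Key]
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')       # "name"=data
AUTORUN_RE = re.compile(r'\\CurrentVersion\\Run(Once)?$', re.IGNORECASE)
FILE_RE = re.compile(r'[\w.\-]+\.exe', re.IGNORECASE)      # bare executable names


def unescape(text):
    """Undo .reg string escaping: \\\\ becomes \\ and \\" becomes "."""
    return re.sub(r'\\(.)', r'\1', text)


def parse_report(text):
    """Return one Entry per registry value; key-only sections carry no data and are skipped."""
    entries, key = [], None
    for line in text.splitlines():
        line = line.strip()
        section = SECTION_RE.match(line)
        if section:
            key = section.group(1)
            continue
        value = VALUE_RE.match(line)
        if not (value and key):
            continue
        name, raw = unescape(value.group(1)), value.group(2)
        if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
            kind, data = "string", unescape(raw[1:-1])
        else:
            # hex:/dword: payloads are kept raw (the report truncates hex data anyway)
            kind, data = raw.split(":", 1)[0], raw
        entries.append(Entry(key, name, kind, data))
    return entries


def file_names(entry):
    """Executable names mentioned in the value name or in string data, lower-cased."""
    text = entry.name + "\n" + (entry.data if entry.kind == "string" else "")
    return {match.lower() for match in FILE_RE.findall(text)}


def triage(entries, needle):
    """Sort hits for `needle` into exact-name matches, substring-only hits, and autostart values."""
    needle = needle.lower()
    result = {"exact": [], "substring_only": [], "autoruns": []}
    for entry in entries:
        names = file_names(entry)
        if needle in names:
            result["exact"].append(entry)
            # An exact hit stored under a Run/RunOnce key is a launch-at-logon entry.
            if AUTORUN_RE.search(entry.key) and entry.kind == "string":
                result["autoruns"].append(entry)
        elif any(needle in name for name in names):
            result["substring_only"].append(entry)
    return result


if __name__ == "__main__":
    hits = triage(parse_report(SAMPLE_REPORT), "svw.exe")
    for entry in hits["autoruns"]:
        print("autostart value %r -> %s (key: %s)" % (entry.name, entry.data, entry.key))
    print("%d substring-only hits ignored" % len(hits["substring_only"]))
```

On the sample, the only exact match is the `Run` value named `netw`; the other three entries match only because `svw.exe` is a substring of `mscorsvw.exe`.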
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 18:30
Do the same procedure again, entering netw for the search please ... then post the report you get ...

psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 18:37
22/08/2008 ---- 18:35:12,16

----------------------------------
§§§§§§ [netw] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete


********************
[Registre]
********************



[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-msiscsi_31bf3856ad364e35_6.0.6000.16386_none_b179c5725a4c4908]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-msiscsi_31bf3856ad364e35_6.0.6000.16386_none_b179c5725a4c4908]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-netdis_31bf3856ad364e35_6.0.6000.16386_none_9e7cbeb412119532]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-netdis_31bf3856ad364e35_6.0.6000.16386_none_9e7cbeb412119532]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-netdis_31bf3856ad364e35_6.0.6001.18000_none_a0b380b00efca606]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-netpres_31bf3856ad364e35_6.0.6000.16386_none_e5ecbe3fb94a27b0]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-netpres_31bf3856ad364e35_6.0.6000.16386_none_e5ecbe3fb94a27b0]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-pnrpmnrs_31bf3856ad364e35_6.0.6000.16386_none_4bb80566bf8d206f]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-pnrpmnrs_31bf3856ad364e35_6.0.6000.16386_none_4bb80566bf8d206f]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remoteadmin_31bf3856ad364e35_6.0.6000.16386_none_549659dcfcc866a4]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remoteadmin_31bf3856ad364e35_6.0.6000.16386_none_549659dcfcc866a4]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remoteassistance_31bf3856ad364e35_6.0.6000.16386_none_ce9cea8d792abaf7]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remoteassistance_31bf3856ad364e35_6.0.6000.16386_none_ce9cea8d792abaf7]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remotedesktop_31bf3856ad364e35_6.0.6000.16386_none_6fc7fd96ac91cadd]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remotedesktop_31bf3856ad364e35_6.0.6000.16386_none_6fc7fd96ac91cadd]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remoteevntlogsvc_31bf3856ad364e35_6.0.6000.16386_none_2bb9e7375bb67416]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remoteevntlogsvc_31bf3856ad364e35_6.0.6000.16386_none_2bb9e7375bb67416]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remotefwadmin_31bf3856ad364e35_6.0.6000.16386_none_5da697339ebca50f]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remotefwadmin_31bf3856ad364e35_6.0.6000.16386_none_5da697339ebca50f]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remotesvcadmin_31bf3856ad364e35_6.0.6000.16386_none_593f0e90bed00924]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remotesvcadmin_31bf3856ad364e35_6.0.6000.16386_none_593f0e90bed00924]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remotetask_31bf3856ad364e35_6.0.6000.16386_none_0a721fe459c8135c]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remotetask_31bf3856ad364e35_6.0.6000.16386_none_0a721fe459c8135c]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remotevolmgmt_31bf3856ad364e35_6.0.6000.16386_none_2132ff92ce3b1d37]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-remotevolmgmt_31bf3856ad364e35_6.0.6000.16386_none_2132ff92ce3b1d37]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-rras_31bf3856ad364e35_6.0.6000.16386_none_13a0b8deda2b28e7]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-rras_31bf3856ad364e35_6.0.6000.16386_none_13a0b8deda2b28e7]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-slsvc_31bf3856ad364e35_6.0.6000.16386_none_16cc70905815b11c]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-slsvc_31bf3856ad364e35_6.0.6000.16386_none_16cc70905815b11c]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-winrm_31bf3856ad364e35_6.0.6000.16386_none_a7d091f21f6c1a3c]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-winrm_31bf3856ad364e35_6.0.6000.16386_none_a7d091f21f6c1a3c]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-wmi_31bf3856ad364e35_6.0.6000.16386_none_6921b7ed5b21cb20]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-wmi_31bf3856ad364e35_6.0.6000.16386_none_6921b7ed5b21cb20]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-wpdmpt_31bf3856ad364e35_6.0.6000.16386_none_51235a2fe092cc73]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules-wpdmpt_31bf3856ad364e35_6.0.6000.16386_none_51235a2fe092cc73]
"c!networking-..-deployment_31bf3856ad364e35_6.0.6000.16386_b4cb5409da78a2fb"=hex:

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-rules_31bf3856ad364e35_6.0.6000.16386_none_abf2d82a300ba648]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-svc.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_27b4c519848622d3]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-svc.resources_31bf3856ad364e35_6.0.6001.18000_fr-fr_29eb8715817133a7]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.16386_none_97dd797ccaf1acc5]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.16501_none_982efb36cab548d8]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6000.20614_none_98b0c8f3e3d85098]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6001.18000_none_9a143b78c7dcbd99]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_690aef24dbef7c76]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc_31bf3856ad364e35_6.0.6000.16386_none_0842c4ddbc3f91a6]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_networking-mpssvc_31bf3856ad364e35_6.0.6001.18000_none_0a7986d9b92aa27a]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-network-internet-access_31bf3856ad364e35_none_da8cb5f1f383c611]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-network-internet-access_31bf3856ad364e35_none_da8cb5f1f383c611\f256!cclitesetupui.exe]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-network-internet-access_31bf3856ad364e35_none_da8cb5f1f383c611\f256!cclitesetupui.exe\621b80d92db1a8a6d1df797d3297abda2abdcb955ea508e94117edb5aa5cb7a4]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-network-internet-access_31bf3856ad364e35_none_da8cb5f1f383c611\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-network-internet-access_31bf3856ad364e35_none_da8cb5f1f383c611\v!6.0.6001.18000]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netw.resources_31bf3856ad364e35_fr-fr_5f40de6f8e070b60]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netw.resources_31bf3856ad364e35_fr-fr_5f40de6f8e070b60\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netwl.resources_31bf3856ad364e35_fr-fr_99a98626cc145232]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netwl.resources_31bf3856ad364e35_fr-fr_99a98626cc145232\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netwl_31bf3856ad364e35_none_7a6fcd28c9db7cbc]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netwl_31bf3856ad364e35_none_7a6fcd28c9db7cbc\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-network.resources_31bf3856ad364e35_fr-fr_f3256628b71f8d12]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-network.resources_31bf3856ad364e35_fr-fr_f3256628b71f8d12\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-network_31bf3856ad364e35_none_a0922957cf0ba5e0]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-network_31bf3856ad364e35_none_a0922957cf0ba5e0\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netwpr.resources_31bf3856ad364e35_fr-fr_9e070dbe0bd0fa7a]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netwpr.resources_31bf3856ad364e35_fr-fr_9e070dbe0bd0fa7a\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netwpr_31bf3856ad364e35_none_d73530900446754a]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netwpr_31bf3856ad364e35_none_d73530900446754a\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netw_31bf3856ad364e35_none_5d642f35f56cec62]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-help-netw_31bf3856ad364e35_none_5d642f35f56cec62\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll\092c547c31cf10666e5992f05afdeaa87e0a10e544af51a407dd76a1d23b48fc]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll\0b0ace1340d0f1d0e6ff3ba9f9f39433877e096d64c58264724f5c713a00a709]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll\0c27768c3a4564ccd0580a397f2318c9a466f6fe9e67661db96dc8c6d21b1b2b]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll\18d68be093717f7b0e103f80416410236cabc8fafedfed000e160af428cb1f13]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll\2824c98181cabb14baa90a46af0672d2174d37894abc2bad8f4ae42dec7fceb3]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll\3646e54f1c3fad41a2b984c55b08529e783becd796dbc9edbfd8ac15fc5077d7]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll\9c060697c9c93e1dc9d2eb40afdb98809ed783ccd34f14a597863db89cdbd74c]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll\aef93b70533d30f6f543e1e6899c23950d6f6d6f940e93ab6a712d6c658fd136]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll\c794be835904f349173c675a6c4aa16a4ebe060bbff2694636bdfb7b82585659]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\f256!pngfilt.dll\eea7fdb5502074e173114f2f7f451699caf237d198d609a71d46d21d880c21fc]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6000.16623]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6000.16643]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6000.16681]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6000.16711]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6000.20748]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6000.20777]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6000.20823]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6000.20868]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6001.18000]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_none_6d9d2a34a2ea1ef3\v!6.0.6001.18000\UnstagedFiles]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!microsoft-windows-network_3f73b2e07ecec3eb]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!microsoft-windows-network_3f73b2e07ecec3eb\8f5684397d8a96760d34e389b4b3f29d3c8ca398b8882654ae7d51d55c7c62aa]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!networking-mpssvc-svc-dl._1b1bac5cdce73693]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!networking-mpssvc-svc-dl._1b1bac5cdce73693\0b31be87c7ef2150861017def8976aad0d42e8e2af418bcbeda642e4732b45f8]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!networking-mpssvc-svc-dl._1b1bac5cdce73693\73e47137757541618a56a99ab1efda10d39f4f984c389d9e5c52d26ac040bbfa]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!networkloadbalancingfulls_331e8870781fa220]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!networkloadbalancingfulls_331e8870781fa220\e8285dc0d24b3b633253a8f16b57fc3a4c05b50b29d49f9becd1b69ccee6c59a]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!printing-spooler-networkc_d2e5cf14e473802d]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!printing-spooler-networkc_d2e5cf14e473802d\cfc262948bec57563c1bff6ab54c50d1dea7dcd80f376592204c2bbca4ca7914]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!wirelessnetworking-dl.man]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!wirelessnetworking-dl.man\2652865fe6a57c7d61c652bde7c341822a5d46495b8932754110a6d45a70417e]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\f256!wirelessnetworking-dl.man\8b947ece383cc39c1576f6987100e22da40ca8384d1a29f430bf262153dcb549]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\v!6.0.6001.18000\UnstagedFiles]
"networkloadbalancingfulls_331e8870781fa220"=hex:00

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\v!6.0.6001.18000\UnstagedFiles]
"networking-mpssvc-svc-dl._1b1bac5cdce73693"=hex:00

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_none_ed48f444ebc84f67\v!6.0.6001.18000\UnstagedFiles]
"wirelessnetworking-dl.man"=hex:00

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_fr-fr_a557bbc479d13aff\f256!_networkingperfcounters_d_aee46443d658e9b6]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_fr-fr_a557bbc479d13aff\f256!_networkingperfcounters_d_aee46443d658e9b6\37d37b574017104484a641c997d9cc518856849d8debd7a71bc463d7abf68e02]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-basic_31bf3856ad364e35_none_ab15585110091321]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-basic_31bf3856ad364e35_none_ab15585110091321\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!bfe.dll]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!bfe.dll\2b0a4fb7f0c3256a5003821634dfa04ba8c3fbb46e942e8bc5d114af8d1e5354]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!bfe.dll\81e495c7104fe9c1f996b2672ed22be9e294d5c54b67ffcc6d2dd979dc94363c]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!fwpkclnt.sys]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!fwpkclnt.sys\87cdf4b2d523098d7c8d8199d3ef50f2ebdc3f36ead2c6136f1dc860546834b7]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!fwpkclnt.sys\aea5e5d106c6631cc03d640795cb153d255e24d2e164cd4144844dbe21f1cd10]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!fwpuclnt.dll]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!fwpuclnt.dll\3f94df8a305bc2e3a023bd163b0398c05588f059bf0977d58b3e25831732a9c6]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!fwpuclnt.dll\86c351b4f70c85b35184a120498e692f758a9391cbc6db259310e2b51a6dfbb8]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!ikeext.dll]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!ikeext.dll\1be7b8d5e5e4e4d9e8ecc697aacf3c6edb390051a2c18b7dcf63b337343b76d6]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!ikeext.dll\ed795b07b38edbb2850384edfa04c85539d4d22a7aab8981c83c84e2eab5976f]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!wfp.mof]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!wfp.mof\1f263c5f73814772996b08f27b7736045882da9cafeac82c25bd923e91e30ea8]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!wfp.mof\af61070f0eb0aa8edc4826097ba90fa7d411b66261be49673e6bbcc192d45fa1]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!wfp.tmf]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!wfp.tmf\088a89992864b89f78a96177c6fa4e8f2f9315af7e1a4a258484ebf990bed9f3]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\f256!wfp.tmf\14bad2cd0801e086341728d64d769795b11d1841ea88847971a37b8e8c5ea5e3]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\v!6.0.6000.16386]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\v!6.0.6001.18000]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-network-security_31bf3856ad364e35_none_6a5901b983e66929\v!6.0.6001.18000\UnstagedFiles]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-networkbridgenetsh_31bf3856ad364e35_none_d5c99b1560efe369]

[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6001.18000_001c50b5\ComponentFamilies\x86_microsoft-windows-networkbridgenetsh_31bf3856ad364e35_none_d5c99b1560efe369\f256!hnetmon.dll]

0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 18:54
OK ... forget about the last one ... that should be enough ...

Here is how we'll do it:

Download OTMoveIt (by Old_Timer) to your Desktop.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
or http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

* Mandatory: restart the computer in Safe Mode.
How to get into Safe Mode
1) Restart your PC
2) Tap the F8 key immediately (F5 on some PCs), right after the "beep"
3) You will see a screen with startup options appear
4) Choose the first option, Safe Mode, and confirm with "Enter"
5) Choose your usual account, not Administrator (if needed ...)
(PS: don't forget, in Safe Mode there is no connection! So copy or print the information below ...)

Double-click OTMoveIt.exe to launch it.
Copy what is in the quote below:

C:\Windows\svw.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"netw"=-


and paste it into the left-hand pane of OTMoveIt2:
Paste standard List of Files/Folders to be moved.

Click MoveIt! to start the removal.
The result will appear in the Results pane.

Click Exit to close.

You may be asked to restart the PC to complete the removal.
If so, accept with "Yes". Otherwise, restart manually to return
to normal mode ...

---> Post the report located in "C:\OTMoveIt\MovedFiles." + a new HijackThis log for analysis ...
0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 19:12
There, it's done, I'm sending you the reports ...

C:\Windows\svw.exe moved successfully.
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run >
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run \\ not found.
File/Folder "netw"=- not found.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08222008_190554


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09:01, on 22/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Users\Admin\AppData\Local\Temp\bwgo000088e6.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\hpoipm07.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
c:\Users\Admin\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: MediaChecker.lnk = C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-9600-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 19:32
OK ...

Run CCleaner again (registry included), then restart your PC.

Then post a new HijackThis log for checking and wait for the next steps ...

Also tell me how the PC is doing ... any better?
0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 19:44
My PC is doing much better ... really, a very big thank you for your help and your patience ;)

Here is the report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:42:19, on 22/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Users\Admin\AppData\Local\Temp\bwgo00007a31.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Windows\system32\hpoipm07.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\Admin\Downloads\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: MediaChecker.lnk = C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-9600-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
0
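One way to check a cleanup like this one is to diff the HijackThis log taken before a step against the one taken after it, and to look for the targeted file and Run value by name. The following is an added example, not part of the thread and not code from the HijackThis or OTMoveIt authors; the two embedded logs are short excerpts of the 19:09 and 19:42 logs above, and all function names are this example's own.

```python
import re
from dataclasses import dataclass, field

ENTRY_RE = re.compile(r"^([A-Z])(\d{1,2}) - (.+)$")   # e.g. "O4 - HKLM\..\Run: [x] path"
RUN_NAME_RE = re.compile(r"Run: \[([^\]]+)\]")         # value name inside an O4 Run entry

@dataclass
class HjtLog:
    processes: set = field(default_factory=set)  # lower-cased image paths
    entries: dict = field(default_factory=dict)  # section code ("O4") -> set of entry texts

def parse_hjt(text):
    """Split a HijackThis log into its process list and its coded entries."""
    log, in_procs = HjtLog(), False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_procs = True
            continue
        m = ENTRY_RE.match(line)
        if m:
            in_procs = False
            log.entries.setdefault(m.group(1) + m.group(2), set()).add(m.group(3))
        elif in_procs and line:
            # Windows paths are case-insensitive: HiJackThis.exe == hijackthis.exe
            log.processes.add(line.lower())
    return log

def diff_logs(before, after):
    """Return what disappeared and what appeared between two parsed logs."""
    out = {"proc_gone": sorted(before.processes - after.processes),
           "proc_new": sorted(after.processes - before.processes),
           "entry_gone": [], "entry_new": []}
    codes = sorted(set(before.entries) | set(after.entries),
                   key=lambda c: (c[0], int(c[1:])))
    for code in codes:
        b, a = before.entries.get(code, set()), after.entries.get(code, set())
        out["entry_gone"] += [f"{code} - {e}" for e in sorted(b - a)]
        out["entry_new"] += [f"{code} - {e}" for e in sorted(a - b)]
    return out

def leftovers(log, file_names, run_values):
    """List targeted file names / Run value names that still appear in a log."""
    haystack = log.processes | {e.lower() for s in log.entries.values() for e in s}
    found = [n for n in file_names
             if any("\\" + n.lower() in h for h in haystack)]
    # Compare Run value names exactly, so "netw" does not match "Network ...".
    names = {m.group(1).lower() for e in log.entries.get("O4", ())
             for m in [RUN_NAME_RE.search(e)] if m}
    return found + [v for v in run_values if v.lower() in names]

# Excerpt of the 19:09 log (after OTMoveIt2, before the CCleaner pass).
LOG_1909 = r'''
Running processes:
C:\Windows\Explorer.EXE
C:\Users\Admin\AppData\Local\Temp\bwgo000088e6.exe
c:\Users\Admin\Downloads\HiJackThis.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
'''

# Excerpt of the 19:42 log (after the CCleaner pass and reboot).
LOG_1942 = r'''
Running processes:
C:\Windows\Explorer.EXE
C:\Users\Admin\AppData\Local\Temp\bwgo00007a31.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Users\Admin\Downloads\hijackthis.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
'''

if __name__ == "__main__":
    before, after = parse_hjt(LOG_1909), parse_hjt(LOG_1942)
    for kind, items in diff_logs(before, after).items():
        for item in items:
            print(f"{kind:10} {item}")
    # File name and Run value name taken from the OTMoveIt2 script in the thread.
    print("leftovers:", leftovers(after, ["svw.exe"], ["netw"]) or "none")
```

The OTMoveIt2 report above confirms only the file move and says "not found" for both registry lines, so the absence of the `netw` Run value has to be read from the follow-up log, which is what `leftovers` does.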
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1 > psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009
22 August 2008 at 19:48
Some images (associated with programs) in Explorer have disappeared ???
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 19:48
Very good ... so let's wrap up ...

1- Update the following, it's important (out-of-date versions = security holes):
* for the Java console:
go to: Start > Control Panel: click "Classic View" (on the right of the window).

Then click the Java icon > Update tab > "Update Now" > tick the "Check for Updates Automatically" box.
(then uninstall the earlier versions via "Control Panel" and "Add/Remove Programs" ...)


* Adobe Reader:
download and install the latest version here (first uninstall the old version using its own uninstaller):
http://www.commentcamarche.net/telecharger/telecharger 27 acrobat reader


2- Run a new HijackThis scan and post the report ...
0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 20:07
OK, I'll do all that

JSE Runtime Environment 5.0 update 11, 10, 6 and 3
Java 6 update 1

Should I remove them?
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463 > psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009
22 August 2008 at 20:08
Yes for 5.0 update 11, 10, 6 and 3 ....
0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1 > sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012
22 August 2008 at 20:23
There, it's done.

The report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:23:29, on 22/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\MediaLife\MediaLifeService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Users\Admin\AppData\Local\Temp\bwgo0001da7c.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Windows\system32\hpoipm07.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\Admin\Downloads\hijackthis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MediaLifeService] "C:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: MediaChecker.lnk = C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} -
O16 - DPF: {D27CDB6E-AE6D-11CF-9600-000000000000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
0
psy025 Posts 40 Registration date Sunday 8 July 2007 Status Member Last activity 19 August 2009 1
22 August 2008 at 20:52
There, for now everything is working fine. Thank you very much for your help.
This site is really great, thanks again.
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
22 August 2008 at 20:54
1- Close all your applications and disconnect.

Run HijackThis again, but click on "Do a scan only".
You will then see the scan result: a multitude of lines, each preceded by an empty box.
You are going to tick the boxes of the following lines:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - ( <- there are 2 identical ones ... tick the second one! )


At the bottom, click the FIX CHECKED button and confirm.


2- Run CCleaner once more (registry included).


3- We are going to check something that bothers me:

Go to this site:

https://www.virustotal.com/gui/

Copy the following and paste it into the search field:
C:\Users\Admin\AppData\Local\Temp\bwgo00007a31.exe

Click on Send File.

A report will build up line by line.

Wait until it has fully finished ... It must include the size of the file sent.

Save the report with Notepad.

Copy it into your next reply ...

(If VirusTotal indicates that the file has already been analysed, click the button "Re-analyse the file now")

0
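The two things sKe69 picks out of the report above, entries whose target is `(no file)` and a process running from a Temp folder, can be pulled from a HijackThis log automatically. This is an added example, not part of the thread and not code from HijackThis; the function name `triage` and the Temp-path pattern are assumptions, and the sample is a short excerpt built from lines of the report posted above.

```python
import re

# Constructed sample: a short excerpt of lines from the HijackThis report in this thread.
SAMPLE_LOG = r"""Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Users\Admin\AppData\Local\Temp\bwgo0001da7c.exe
C:\Users\Admin\Downloads\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
"""

# A log entry starts with its section code: R0, O2, O23, ...
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Assumption: a binary running from a user or system Temp folder deserves a second look.
TEMP_RE = re.compile(r"\\(?:AppData\\Local\\Temp|Windows\\Temp)\\", re.IGNORECASE)

def triage(log_text):
    """Return (orphans, temp_processes) found in a HijackThis log."""
    orphans, temp_processes = [], []
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        m = ENTRY_RE.match(line)
        if m:
            in_processes = False  # the first R/O entry ends the process list
            if "(no file)" in m.group(2):
                orphans.append((m.group(1), line))  # registry entry, target file gone
        elif in_processes and line and TEMP_RE.search(line):
            temp_processes.append(line)
    return orphans, temp_processes

if __name__ == "__main__":
    orphans, temp_processes = triage(SAMPLE_LOG)
    for section, line in orphans:
        print("orphaned entry:", line)
    for path in temp_processes:
        print("running from Temp:", path)
```

Neither flag is a verdict: an orphaned entry is leftover registry data, and a Temp-folder process still needs the file itself checked, which is what step 3 of the post does.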