Mon ordi plante des que je suis sur internet
stephaura
Messages postés
20
Statut
Membre
-
geoffrey5 Messages postés 14008 Statut Contributeur sécurité -
geoffrey5 Messages postés 14008 Statut Contributeur sécurité -
Bonjour, a tous merci de l'atention porter a mon probleme
mon ordi plante des que je change de page sur internet sur tout firefox. explorer et chrome qui fonctionne 2 seconde avant que tout plante et redemarrelordi au complet jai fait tout les scan mais cela continu ,voivi mon rapport hijach
Logfile of HijackThis v1.99.1
Scan saved at 21:28:17, on 2008-09-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\netdde.exe
D:\WINDOWS\Explorer.EXE
D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\AVG\AVG8\avgrsx.exe
D:\PROGRA~1\AVG\AVG8\avgemc.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\robert\prhyper.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\System32\svchost.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\stephane.MCE2005\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.intl=ca&.src=ym
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ATIPTA] c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\robert\prhyper.exe
O4 - HKCU\..\Run: [RoboForm] "D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "D:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Barre RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
merci davance
stephaura
p.s. avg me dit tout le temps que mon antiviris est outdate et ne veut pas updater m
merci encore
mon ordi plante des que je change de page sur internet sur tout firefox. explorer et chrome qui fonctionne 2 seconde avant que tout plante et redemarrelordi au complet jai fait tout les scan mais cela continu ,voivi mon rapport hijach
Logfile of HijackThis v1.99.1
Scan saved at 21:28:17, on 2008-09-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\netdde.exe
D:\WINDOWS\Explorer.EXE
D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\AVG\AVG8\avgrsx.exe
D:\PROGRA~1\AVG\AVG8\avgemc.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\robert\prhyper.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\System32\svchost.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\stephane.MCE2005\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.intl=ca&.src=ym
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ATIPTA] c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\robert\prhyper.exe
O4 - HKCU\..\Run: [RoboForm] "D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "D:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Barre RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
merci davance
stephaura
p.s. avg me dit tout le temps que mon antiviris est outdate et ne veut pas updater m
merci encore
A voir également:
- Mon ordi plante des que je suis sur internet
- Ordi qui rame - Guide
- Comment reinitialiser un ordi - Guide
- Plus de son sur mon ordi - Guide
- Mon telephone plante que faire - Guide
- Gps sans internet - Guide
25 réponses
Salut !!
moi je conseillerais plutot antivir qu avast..
Télécharger sur le bureau malwarebytes à cette adresse :
https://www.androidworld.fr/
Voici un tuto pour bien l installer et bien l utiliser :
https://www.androidworld.fr/
aide toi bien du tuto pour supprimer correctement ce qu il aura trouvé
Après l analyse, redémarrer le pc et poste le rapport !!
moi je conseillerais plutot antivir qu avast..
Télécharger sur le bureau malwarebytes à cette adresse :
https://www.androidworld.fr/
Voici un tuto pour bien l installer et bien l utiliser :
https://www.androidworld.fr/
aide toi bien du tuto pour supprimer correctement ce qu il aura trouvé
Après l analyse, redémarrer le pc et poste le rapport !!
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ok...fais une recherche dans ton pc en tapant les noms des antivirus que tu as désinstallé pour supprimer les fichiers restants avant d installer antivir...Et fais une analyse avec malwarebytes stp
@+
@+
bonjour a tous pas de changement firefox plante meme avec antivir pas de virus
Logfile of HijackThis v1.99.1
Scan saved at 09:02:09, on 2008-09-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
C:\Program Files\robert\prhyper.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\stephane.MCE2005\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.intl=ca&.src=ym
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ATIPTA] c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\robert\prhyper.exe
O4 - HKCU\..\Run: [RoboForm] "D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "D:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Barre RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
merci stephaura
Logfile of HijackThis v1.99.1
Scan saved at 09:02:09, on 2008-09-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
C:\Program Files\robert\prhyper.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\stephane.MCE2005\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.intl=ca&.src=ym
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ATIPTA] c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\robert\prhyper.exe
O4 - HKCU\..\Run: [RoboForm] "D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "D:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Barre RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
merci stephaura
Salut !!
fais une analyse complete avec malwarebytes comme je t avais demandé stp
aide toi du tuto pour supprimer corrrectement ce qu il aura trouvé
fais une analyse complete avec malwarebytes comme je t avais demandé stp
aide toi du tuto pour supprimer corrrectement ce qu il aura trouvé
salut voici le rapport
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1147
Windows 5.1.2600 Service Pack 2
2008-09-27 07:59:22
mbam-log-2008-09-27 (07-59-22).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 88288
Temps écoulé: 57 minute(s), 42 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
stephaura
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1147
Windows 5.1.2600 Service Pack 2
2008-09-27 07:59:22
mbam-log-2008-09-27 (07-59-22).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 88288
Temps écoulé: 57 minute(s), 42 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
stephaura
télécharge combofix (par sUBs) à cette adresse :
(c est le numéro 5 en bas de la page) : https://www.androidworld.fr/
et enregistre le sur le Bureau.
désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)
Voici le tutoriel officiel de Bleeping Computer pour savoir l utiliser :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
ensuite envois le rapport et refais un nouveau rapport hijackthis stp
(c est le numéro 5 en bas de la page) : https://www.androidworld.fr/
et enregistre le sur le Bureau.
désactive tes protections et ferme toutes tes applications(antivirus, parefeu, garde en temps réel de l'antispyware)
Voici le tutoriel officiel de Bleeping Computer pour savoir l utiliser :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
ensuite envois le rapport et refais un nouveau rapport hijackthis stp
merci voici le rapport de combo fix
ComboFix 08-09-13.05 - stephane 2008-09-14 11:17:38.1 - NTFSx86
Lancé depuis: D:\Documents and Settings\stephane.MCE2005\Bureau\ComboFix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
[i] ADS - svchost.exe: deleted 88 bytes in 2 streams. [/i]
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Documents and Settings\stephane.MCE2005\Application Data\inst.exe
D:\Documents and Settings\stephane.MCE2005\Application Data\Install.dat
D:\WINDOWS\system32\MSINET.oca
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_6TO4
-------\Service_6to4
((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-14 au 2008-09-14 ))))))))))))))))))))))))))))))))))))
.
2008-09-27 08:09 . 2008-09-27 08:09 <REP> d-------- D:\Program Files\Avira
2008-09-27 08:09 . 2008-09-27 08:09 <REP> d----c--- D:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2008-09-26 22:25 . 2008-09-26 22:25 <REP> d-------- D:\Program Files\Malwarebytes' Anti-Malware
2008-09-26 22:25 . 2008-09-26 22:25 <REP> d----c--- D:\Documents and Settings\stephane.MCE2005\Application Data\Malwarebytes
2008-09-26 22:25 . 2008-09-26 22:25 <REP> d----c--- D:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-09-26 22:25 . 2008-09-10 00:04 38,528 --a------ D:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-26 22:25 . 2008-09-10 00:03 17,200 --a------ D:\WINDOWS\system32\drivers\mbam.sys
2008-09-26 21:46 . 2008-09-26 21:46 262,144 --a------ D:\Documents and Settings\IN972C~8
2008-09-26 21:44 . 2008-09-26 21:44 262,144 --a------ D:\Documents and Settings\IN972C~7
2008-09-10 11:32 . 2008-09-10 11:44 <REP> d----c--- D:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-09-10 10:15 . 2008-09-10 10:19 8,192 --a--c--- D:\Documents and Settings\IN972C~6
2008-09-09 19:01 . 2008-09-09 19:01 99 --a------ D:\WINDOWS\system32\mhncache.dat
2008-09-09 17:52 . 2008-09-09 17:52 262,144 --a------ D:\Documents and Settings\IN972C~5
2008-09-09 17:29 . 2008-09-09 17:29 262,144 --a------ D:\Documents and Settings\IN972C~4
2008-09-08 20:12 . 2008-09-08 20:15 8,192 --a--c--- D:\Documents and Settings\IN972C~3
2008-09-08 19:58 . 2008-09-08 19:58 262,144 --a------ D:\Documents and Settings\IN972C~2
2008-09-08 19:56 . 2008-09-08 19:57 8,192 --a--c--- D:\Documents and Settings\IN972C~1
2008-08-24 17:06 . 2008-08-24 17:06 <REP> d--hs---- D:\found.000
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-27 02:09 102,400 ----a-w D:\WINDOWS\DUMP855c.tmp
2008-09-11 03:48 --------- dc----w D:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-09-11 03:12 --------- d-----w D:\Program Files\Spybot - Search & Destroy
2008-09-10 15:32 --------- d-----w D:\Program Files\Lavasoft
2008-09-09 22:14 102,400 ----a-w D:\WINDOWS\DUMP8dc8.tmp
2008-08-12 00:10 --------- d-----w D:\Program Files\Fichiers communs\xing shared
2008-08-12 00:10 --------- d-----w D:\Program Files\Fichiers communs\Real
2008-07-30 15:25 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-07-22 22:09 --------- dc----w D:\Documents and Settings\stephane.MCE2005\Application Data\ATI
2008-07-22 21:57 --------- d-----w D:\Program Files\ATI Technologies
2008-06-17 16:01 47,360 -c--a-w D:\Documents and Settings\stephane.MCE2005\Application Data\pcouffin.sys
2005-08-20 00:50 56 --sh--r D:\WINDOWS\system32\54D8FF8D27.sys
2003-08-16 17:56 579,584 -csha-r D:\WINDOWS\system32\cd.exe
.
[code]<pre>
-c--a-w 83,456 2006-11-13 23:25:14 D:\Documents and Settings\All Users.WINDOWS\Documents\Windows serial number.doc .exe
</pre>[/code]
------- Sigcheck -------
2004-11-25 17:20 506368 048cb871e6f98e41f072b85c67c30925 D:\WINDOWS\system32\winlogon.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Le Petit Robert Hyperappel"="C:\Program Files\robert\prhyper.exe" [2001-10-11 22560]
"RoboForm"="D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2008-06-18 160592]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-10 15360]
"Shareaza"="D:\Program Files\Shareaza\Shareaza.exe" [2007-12-02 4677632]
"Google Update"="D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-09 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="D:\Program Files\Winamp\winampa.exe" [2008-04-01 36352]
"ATIPTA"="c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-05-03 344064]
"ATICCC"="D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"TkBellExe"="D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-11 185896]
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2005-10-16 155648]
"avgnt"="D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= D:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= D:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFavoritesMenu"= 0 (0x0)
"NoSMMyPictures"= 1 (0x1)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFavoritesMenu"= 0 (0x0)
"NoSMMyPictures"= 1 (0x1)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoUserNameInStartMenu"= 1 (0x1)
"NoInstrumentation"= 0 (0x0)
"NoStartMenuPinnedList"= 0 (0x0)
"ForceStartMenuLogoff"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKLM\~\startupfolder\D:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Démarrage rapide de HP Photosmart Premier.lnk]
path=D:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk
backup=D:\WINDOWS\pss\Démarrage rapide de HP Photosmart Premier.lnkCommon Startup
[HKLM\~\startupfolder\D:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=D:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=D:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
D:\Program Files\D-Tools\daemon.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a--c--- 2005-09-24 01:08 49152 D:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
D:\Program Files\MSN Messenger\msnmsgr.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a--c--- 2005-10-16 02:14 155648 D:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
--a------ 2007-12-02 05:30 4677632 D:\Program Files\Shareaza\Shareaza.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SO5 Integrator Pass Two]
D:\WINDOWS\SOINTGR.EXE [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a--c--- 2004-10-14 15:42 1404928 D:\Program Files\Analog Devices\Core\smax4pnp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-08-11 20:09 185896 D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2008-04-01 14:49 36352 D:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client]
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [N/A]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\MSN\\MSNCoreFiles\\Install\\msnsusii.exe"=
"D:\\Program Files\\Messenger\\msmsgs.exe"=
"D:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"D:\\Program Files\\Shareaza\\Shareaza.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26977:TCP"= 26977:TCP:BitComet 26977 TCP
"26977:UDP"= 26977:UDP:BitComet 26977 UDP
R2 Dnscache;Client DNS;D:\WINDOWS\system32\svchost.exe [2005-11-13 14336]
R2 NwSapAgent;Agent SAP;D:\WINDOWS\system32\svchost.exe [2005-11-13 14336]
S3 GPU-Z;GPU-Z;D:\DOCUME~1\STEPHA~1.MCE\LOCALS~1\Temp\GPU-Z.sys [ ]
S3 o1394bul;o1394bul;D:\DOCUME~1\STEPHA~1.MCE\LOCALS~1\Temp\o1394bul.sys [ ]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\Auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1cb2508-d764-11dc-a412-0008a116784e}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE
.
Contenu du dossier 'Tƒches planifi‚es'
.
.
------- Examen suppl‚mentaire -------
.
FireFox -: Profile - D:\Documents and Settings\stephane.MCE2005\Application Data\Mozilla\Firefox\Profiles\jcmi47fh.default\
FF -: plugin - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
FF -: plugin - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
FF -: plugin - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF -: plugin - D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF -: plugin - D:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPJava11.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPJava12.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPJava13.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPJava14.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPJava32.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPOJI610.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-14 13:30:46
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cach‚s ...
Recherche d'‚l‚ments en d‚marrage automatique cach‚s ...
Recherche de fichiers cach‚s ...
Scan termin‚ avec succŠs
Fichiers cach‚s: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
D:\WINDOWS\system32\ati2evxx.exe
D:\WINDOWS\system32\ati2evxx.exe
D:\WINDOWS\system32\netdde.exe
D:\WINDOWS\ehome\ehRecvr.exe
D:\WINDOWS\ehome\ehSched.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-09-14 13:38:57 - La machine a red‚marr‚
ComboFix-quarantined-files.txt 2008-09-14 17:38:54
Avant-CF: 1,905,156,096 octets libres
AprŠs-CF: 1,861,300,224 octets libres
196
merci stephaura
ComboFix 08-09-13.05 - stephane 2008-09-14 11:17:38.1 - NTFSx86
Lancé depuis: D:\Documents and Settings\stephane.MCE2005\Bureau\ComboFix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
[i] ADS - svchost.exe: deleted 88 bytes in 2 streams. [/i]
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Documents and Settings\stephane.MCE2005\Application Data\inst.exe
D:\Documents and Settings\stephane.MCE2005\Application Data\Install.dat
D:\WINDOWS\system32\MSINET.oca
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_6TO4
-------\Service_6to4
((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-14 au 2008-09-14 ))))))))))))))))))))))))))))))))))))
.
2008-09-27 08:09 . 2008-09-27 08:09 <REP> d-------- D:\Program Files\Avira
2008-09-27 08:09 . 2008-09-27 08:09 <REP> d----c--- D:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2008-09-26 22:25 . 2008-09-26 22:25 <REP> d-------- D:\Program Files\Malwarebytes' Anti-Malware
2008-09-26 22:25 . 2008-09-26 22:25 <REP> d----c--- D:\Documents and Settings\stephane.MCE2005\Application Data\Malwarebytes
2008-09-26 22:25 . 2008-09-26 22:25 <REP> d----c--- D:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-09-26 22:25 . 2008-09-10 00:04 38,528 --a------ D:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-26 22:25 . 2008-09-10 00:03 17,200 --a------ D:\WINDOWS\system32\drivers\mbam.sys
2008-09-26 21:46 . 2008-09-26 21:46 262,144 --a------ D:\Documents and Settings\IN972C~8
2008-09-26 21:44 . 2008-09-26 21:44 262,144 --a------ D:\Documents and Settings\IN972C~7
2008-09-10 11:32 . 2008-09-10 11:44 <REP> d----c--- D:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-09-10 10:15 . 2008-09-10 10:19 8,192 --a--c--- D:\Documents and Settings\IN972C~6
2008-09-09 19:01 . 2008-09-09 19:01 99 --a------ D:\WINDOWS\system32\mhncache.dat
2008-09-09 17:52 . 2008-09-09 17:52 262,144 --a------ D:\Documents and Settings\IN972C~5
2008-09-09 17:29 . 2008-09-09 17:29 262,144 --a------ D:\Documents and Settings\IN972C~4
2008-09-08 20:12 . 2008-09-08 20:15 8,192 --a--c--- D:\Documents and Settings\IN972C~3
2008-09-08 19:58 . 2008-09-08 19:58 262,144 --a------ D:\Documents and Settings\IN972C~2
2008-09-08 19:56 . 2008-09-08 19:57 8,192 --a--c--- D:\Documents and Settings\IN972C~1
2008-08-24 17:06 . 2008-08-24 17:06 <REP> d--hs---- D:\found.000
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-27 02:09 102,400 ----a-w D:\WINDOWS\DUMP855c.tmp
2008-09-11 03:48 --------- dc----w D:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-09-11 03:12 --------- d-----w D:\Program Files\Spybot - Search & Destroy
2008-09-10 15:32 --------- d-----w D:\Program Files\Lavasoft
2008-09-09 22:14 102,400 ----a-w D:\WINDOWS\DUMP8dc8.tmp
2008-08-12 00:10 --------- d-----w D:\Program Files\Fichiers communs\xing shared
2008-08-12 00:10 --------- d-----w D:\Program Files\Fichiers communs\Real
2008-07-30 15:25 --------- d--h--w D:\Program Files\InstallShield Installation Information
2008-07-22 22:09 --------- dc----w D:\Documents and Settings\stephane.MCE2005\Application Data\ATI
2008-07-22 21:57 --------- d-----w D:\Program Files\ATI Technologies
2008-06-17 16:01 47,360 -c--a-w D:\Documents and Settings\stephane.MCE2005\Application Data\pcouffin.sys
2005-08-20 00:50 56 --sh--r D:\WINDOWS\system32\54D8FF8D27.sys
2003-08-16 17:56 579,584 -csha-r D:\WINDOWS\system32\cd.exe
.
[code]<pre>
-c--a-w 83,456 2006-11-13 23:25:14 D:\Documents and Settings\All Users.WINDOWS\Documents\Windows serial number.doc .exe
</pre>[/code]
------- Sigcheck -------
2004-11-25 17:20 506368 048cb871e6f98e41f072b85c67c30925 D:\WINDOWS\system32\winlogon.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Le Petit Robert Hyperappel"="C:\Program Files\robert\prhyper.exe" [2001-10-11 22560]
"RoboForm"="D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2008-06-18 160592]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-10 15360]
"Shareaza"="D:\Program Files\Shareaza\Shareaza.exe" [2007-12-02 4677632]
"Google Update"="D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-09 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="D:\Program Files\Winamp\winampa.exe" [2008-04-01 36352]
"ATIPTA"="c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-05-03 344064]
"ATICCC"="D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"TkBellExe"="D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-11 185896]
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2005-10-16 155648]
"avgnt"="D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= D:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= D:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFavoritesMenu"= 0 (0x0)
"NoSMMyPictures"= 1 (0x1)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFavoritesMenu"= 0 (0x0)
"NoSMMyPictures"= 1 (0x1)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoUserNameInStartMenu"= 1 (0x1)
"NoInstrumentation"= 0 (0x0)
"NoStartMenuPinnedList"= 0 (0x0)
"ForceStartMenuLogoff"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKLM\~\startupfolder\D:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Démarrage rapide de HP Photosmart Premier.lnk]
path=D:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk
backup=D:\WINDOWS\pss\Démarrage rapide de HP Photosmart Premier.lnkCommon Startup
[HKLM\~\startupfolder\D:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=D:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=D:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
D:\Program Files\D-Tools\daemon.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a--c--- 2005-09-24 01:08 49152 D:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
D:\Program Files\MSN Messenger\msnmsgr.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a--c--- 2005-10-16 02:14 155648 D:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
--a------ 2007-12-02 05:30 4677632 D:\Program Files\Shareaza\Shareaza.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SO5 Integrator Pass Two]
D:\WINDOWS\SOINTGR.EXE [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a--c--- 2004-10-14 15:42 1404928 D:\Program Files\Analog Devices\Core\smax4pnp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-08-11 20:09 185896 D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2008-04-01 14:49 36352 D:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client]
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [N/A]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\Program Files\\MSN\\MSNCoreFiles\\Install\\msnsusii.exe"=
"D:\\Program Files\\Messenger\\msmsgs.exe"=
"D:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"D:\\Program Files\\Shareaza\\Shareaza.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26977:TCP"= 26977:TCP:BitComet 26977 TCP
"26977:UDP"= 26977:UDP:BitComet 26977 UDP
R2 Dnscache;Client DNS;D:\WINDOWS\system32\svchost.exe [2005-11-13 14336]
R2 NwSapAgent;Agent SAP;D:\WINDOWS\system32\svchost.exe [2005-11-13 14336]
S3 GPU-Z;GPU-Z;D:\DOCUME~1\STEPHA~1.MCE\LOCALS~1\Temp\GPU-Z.sys [ ]
S3 o1394bul;o1394bul;D:\DOCUME~1\STEPHA~1.MCE\LOCALS~1\Temp\o1394bul.sys [ ]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\Auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1cb2508-d764-11dc-a412-0008a116784e}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE
.
Contenu du dossier 'Tƒches planifi‚es'
.
.
------- Examen suppl‚mentaire -------
.
FireFox -: Profile - D:\Documents and Settings\stephane.MCE2005\Application Data\Mozilla\Firefox\Profiles\jcmi47fh.default\
FF -: plugin - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
FF -: plugin - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
FF -: plugin - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF -: plugin - D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF -: plugin - D:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPJava11.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPJava12.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPJava13.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPJava14.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPJava32.dll
FF -: plugin - D:\Program Files\Java\jre1.5.0_06\bin\NPOJI610.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-14 13:30:46
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cach‚s ...
Recherche d'‚l‚ments en d‚marrage automatique cach‚s ...
Recherche de fichiers cach‚s ...
Scan termin‚ avec succŠs
Fichiers cach‚s: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
D:\WINDOWS\system32\ati2evxx.exe
D:\WINDOWS\system32\ati2evxx.exe
D:\WINDOWS\system32\netdde.exe
D:\WINDOWS\ehome\ehRecvr.exe
D:\WINDOWS\ehome\ehSched.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-09-14 13:38:57 - La machine a red‚marr‚
ComboFix-quarantined-files.txt 2008-09-14 17:38:54
Avant-CF: 1,905,156,096 octets libres
AprŠs-CF: 1,861,300,224 octets libres
196
merci stephaura
ok maintenant :
désinstalle ta version hijackthis car elle n est pas à jour...Et retélécharge le d ici stp :
Fais un rapport hijackthis pour que je puisses vérifier les infections de ton pc stp
Télécharge hijackthis à cette adresse, tout est expliqué pour bien l installer et pour savoir s'en servir :
https://www.androidworld.fr/
Comment copier/coller le rapport :
Quand tu as le rapport à l écran, tu fais ctrl A pour "sélectionner tout" puis ctrl C pour "copier".
ensuite tu viens sur le forum pour me répondre et tu fais ctrl V pour "coller" le rapport.
Une explication des raccourcis clavier sont illustrés sur mon site web à cette adresse :
https://www.androidworld.fr/
désinstalle ta version hijackthis car elle n est pas à jour...Et retélécharge le d ici stp :
Fais un rapport hijackthis pour que je puisses vérifier les infections de ton pc stp
Télécharge hijackthis à cette adresse, tout est expliqué pour bien l installer et pour savoir s'en servir :
https://www.androidworld.fr/
Comment copier/coller le rapport :
Quand tu as le rapport à l écran, tu fais ctrl A pour "sélectionner tout" puis ctrl C pour "copier".
ensuite tu viens sur le forum pour me répondre et tu fais ctrl V pour "coller" le rapport.
Une explication des raccourcis clavier sont illustrés sur mon site web à cette adresse :
https://www.androidworld.fr/
salut voila le rapport hijacks
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:23:46, on 2008-09-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Winamp\winampa.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\robert\prhyper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
d:\program files\mozilla firefox\firefox.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.intl=ca&.src=ym
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ATIPTA] c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\robert\prhyper.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "D:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RoboForm] "D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Barre RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:23:46, on 2008-09-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Winamp\winampa.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\robert\prhyper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
d:\program files\mozilla firefox\firefox.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.intl=ca&.src=ym
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ATIPTA] c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\robert\prhyper.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "D:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RoboForm] "D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Barre RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
Salut !!
télécharge ad-aware sur mon site web à cette adresse stp :
https://www.androidworld.fr/
fais la mise à jour et une analyse approfondie.
télécharge ad-aware sur mon site web à cette adresse stp :
https://www.androidworld.fr/
fais la mise à jour et une analyse approfondie.
salut desole pour le temps tres occupe voila mon rapport d ad aware
Scan Results
Ad-Aware 2008 Free Edition
Log File Created on:2008-09-1820:40:20
Using Definitions File:D:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft\Ad-Aware\core.aawdef
Computer name:MCE2005
Name of user performing scan:SYSTEM
Name of user ordering scan:stephane
Scan completed successfully
System Information
File Version Information
Ad-Aware 2008 Settings
Extended Ad-Aware 2008 Settings
Database Information
Scan Statistics
Scan Detailed Statistics
Infections Found
Listing of running processes
System Information
Number of processors:1
Processor type:Intel(R) Pentium(R) 4 CPU 2.26GHz
Memory Available:24%
Total Physical Memory:804044800 Bytes
Available Physical Memory:191152128 Bytes
Total Page File Size:2770960384 Bytes
Available On Page File:1992478720 Bytes
Total Virtual Memory:2147352576 Bytes
Available Virtual Memory:175648768 Bytes
OS:Microsoft Windows XP 5.1 (Build 2600)
[to top]
File Verion Information
File Version
CEAPI.dll 7,1,0,7
aawservice.exe 7,1,0,3
Ad-Aware.exe 7.1.0.8
[to top]
Ad-Aware 2008 Settings
Skipping files larger than:1048576 Bytes
Ignoring infections with lower TAI than:3
Safe Mode:False
[to top]
Extended Ad-Aware 2008 Settings
Unload malicious processes and modules
Unload Modules
Let Windows remove files at Start-Up
Deactivate Ad-Watch
Re-analyze Scan Result
Delete Restored Items
Write Protect System Files
Create Log file
Include basic settings
Include advanced settings
Include user and computer name
Environment information
Running processes
Running processes and modules
Include info about ignored objects in log file
[to top]
Database Info
Version number:0
Build Number:0
Build Date and Time:1969/12/3119:00:00
[to top]
Scan Statistics
Method:Smart
Items Scanned:65575
Infections Detected:2
Infections Removed:0
Infections Quarantined:0
Infections Ignored:0
[to top]
Scan Detailed Statistics
Type Critical Total
Process Scan 0 0
Registry Scan 0 0
Registry PE Scan 0 0
Hosts Scan 0 0
File Scan 0 0
Folder Scan 0 0
LSP Scan 0 0
ADS Scan 0 0
Cookie Scan 0 0
File Hash Scan 0 0
[to top]
Infections Found
Family Id Name Category TAI
9999 MRU Object MRU Object 0
[1] MRU Path: D:\Documents and Settings\stephane.MCE2005\Recent Count: 1
[2] MRU Registry Key: S-1-5-21-1060284298-362288127-682003330-1003\Software\Microsoft\Search Assistant\ACMru\5603 Count: 20
Quarantined Objects
Family Id Name Category TAI
Removed Objects
Family Id Name Category TAI
9999 MRU Object MRU Object 0
[1] MRU Path: D:\Documents and Settings\stephane.MCE2005\Recent Count: 1
[2] MRU Registry Key: S-1-5-21-1060284298-362288127-682003330-1003\Software\Microsoft\Search Assistant\ACMru\5603 Count: 20
[to top]
Listing of Running Processes
D:\WINDOWS\SYSTEM32\SMSS.EXE
d:\windows\system32\smss.exe
d:\windows\system32\ntdll.dll
D:\WINDOWS\SYSTEM32\CSRSS.EXE
d:\windows\system32\csrss.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\csrsrv.dll
d:\windows\system32\basesrv.dll
d:\windows\system32\winsrv.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\user32.dll
d:\windows\system32\sxs.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
D:\WINDOWS\SYSTEM32\WINLOGON.EXE
d:\windows\system32\winlogon.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\authz.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\nddeapi.dll
d:\windows\system32\profmap.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\userenv.dll
d:\windows\system32\psapi.dll
d:\windows\system32\regapi.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\version.dll
d:\windows\system32\winsta.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\imm32.dll
d:\windows\system32\msgina.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\odbc32.dll
d:\windows\system32\comdlg32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\odbcint.dll
d:\windows\system32\shsvcs.dll
d:\windows\system32\sfc.dll
d:\windows\system32\sfc_os.dll
d:\windows\system32\ole32.dll
d:\windows\system32\apphelp.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\winscard.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\winmm.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\system32\ati2evxx.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\cscdll.dll
d:\windows\system32\wlnotify.dll
d:\windows\system32\winspool.drv
d:\windows\system32\mpr.dll
d:\windows\system32\sxs.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\cscui.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\wdmaud.drv
d:\windows\system32\msacm32.drv
d:\windows\system32\msacm32.dll
d:\windows\system32\midimap.dll
d:\windows\system32\comres.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\wbem\wbemprox.dll
d:\windows\system32\wbem\wbemcomn.dll
d:\windows\system32\wbem\wbemsvc.dll
d:\windows\system32\wbem\fastprox.dll
d:\windows\system32\msvcp60.dll
d:\windows\system32\ntdsapi.dll
d:\windows\system32\dnsapi.dll
D:\WINDOWS\SYSTEM32\SERVICES.EXE
d:\windows\system32\services.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\userenv.dll
d:\windows\system32\scesrv.dll
d:\windows\system32\authz.dll
d:\windows\system32\umpnpmgr.dll
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\ncobjapi.dll
d:\windows\system32\msvcp60.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\apphelp.dll
d:\windows\system32\eventlog.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\psapi.dll
d:\windows\system32\wtsapi32.dll
D:\WINDOWS\SYSTEM32\LSASS.EXE
d:\windows\system32\lsass.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\lsasrv.dll
d:\windows\system32\mpr.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\ntdsapi.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\samsrv.dll
d:\windows\system32\cryptdll.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\msprivs.dll
d:\windows\system32\kerberos.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\netlogon.dll
d:\windows\system32\w32time.dll
d:\windows\system32\msvcp60.dll
d:\windows\system32\schannel.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\wdigest.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\nwprovau.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\scecli.dll
d:\windows\system32\ipsecsvc.dll
d:\windows\system32\authz.dll
d:\windows\system32\oakley.dll
d:\windows\system32\winipsec.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\pstorsvc.dll
d:\windows\system32\psbase.dll
d:\windows\system32\dssenh.dll
D:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
d:\windows\system32\ati2evxx.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\imm32.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\ati2edxx.dll
d:\windows\system32\uxtheme.dll
D:\WINDOWS\SYSTEM32\SVCHOST.EXE
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\rpcss.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\termsrv.dll
d:\windows\system32\icaapi.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\authz.dll
d:\windows\system32\mstlsapi.dll
d:\windows\system32\activeds.dll
d:\windows\system32\adsldpc.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\atl.dll
d:\windows\system32\regapi.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\apphelp.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\winsta.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\rpcss.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\wship6.dll
d:\windows\system32\wshisn.dll
d:\windows\system32\wsock32.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\winrnr.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\rasadhlp.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\shsvcs.dll
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\dhcpcsvc.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\wzcsvc.dll
d:\windows\system32\rtutils.dll
d:\windows\system32\wmi.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\esent.dll
d:\windows\system32\atl.dll
d:\windows\system32\rastls.dll
d:\windows\system32\cryptui.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\wininet.dll
d:\windows\system32\normaliz.dll
d:\windows\system32\iertutil.dll
d:\windows\system32\mprapi.dll
d:\windows\system32\activeds.dll
d:\windows\system32\adsldpc.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\rasapi32.dll
d:\windows\system32\rasman.dll
d:\windows\system32\tapi32.dll
d:\windows\system32\schannel.dll
d:\windows\system32\winscard.dll
d:\windows\system32\raschap.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\schedsvc.dll
d:\windows\system32\ntdsapi.dll
d:\windows\system32\msidle.dll
d:\windows\system32\audiosrv.dll
d:\windows\system32\wkssvc.dll
d:\windows\system32\nwwks.dll
d:\windows\system32\nwprovau.dll
d:\windows\system32\mpr.dll
d:\windows\system32\nwapi32.dll
d:\windows\system32\qmgr.dll
d:\windows\system32\shfolder.dll
d:\windows\system32\winhttp.dll
d:\windows\system32\cryptsvc.dll
d:\windows\system32\certcli.dll
d:\windows\system32\dmserver.dll
d:\windows\system32\ersvc.dll
d:\windows\system32\es.dll
d:\windows\pchealth\helpctr\binaries\pchsvc.dll
d:\windows\system32\srvsvc.dll
d:\windows\system32\netman.dll
d:\windows\system32\netshell.dll
d:\windows\system32\credui.dll
d:\windows\system32\wzcsapi.dll
d:\windows\system32\ipxsap.dll
d:\windows\system32\rtm.dll
d:\windows\system32\wsock32.dll
d:\windows\system32\adptif.dll
d:\windows\system32\seclogon.dll
d:\windows\system32\sens.dll
d:\windows\system32\srsvc.dll
d:\windows\system32\powrprof.dll
d:\windows\system32\sxs.dll
d:\windows\system32\trkwks.dll
d:\windows\system32\w32time.dll
d:\windows\system32\msvcp60.dll
d:\windows\system32\wbem\wmisvc.dll
d:\windows\system32\vssapi.dll
d:\windows\system32\wuauserv.dll
d:\windows\system32\browser.dll
d:\windows\system32\wuaueng.dll
d:\windows\system32\winspool.drv
d:\windows\system32\cabinet.dll
d:\windows\system32\mspatcha.dll
d:\windows\system32\wscsvc.dll
d:\windows\system32\msi.dll
d:\windows\system32\wbem\wbemcomn.dll
d:\windows\system32\wbem\wbemcore.dll
d:\windows\system32\wbem\esscli.dll
d:\windows\system32\wbem\fastprox.dll
d:\windows\system32\wbem\wbemsvc.dll
d:\windows\system32\ipnathlp.dll
d:\windows\system32\authz.dll
d:\windows\system32\wbem\wmiutils.dll
d:\windows\system32\comsvcs.dll
d:\windows\system32\colbact.dll
d:\windows\system32\mtxclu.dll
d:\windows\system32\clusapi.dll
d:\windows\system32\resutils.dll
d:\windows\system32\wbem\repdrvfs.dll
d:\windows\system32\sfc.dll
d:\windows\system32\sfc_os.dll
d:\windows\system32\wship6.dll
d:\windows\system32\wbem\wmiprvsd.dll
d:\windows\system32\ncobjapi.dll
d:\windows\system32\wbem\wbemess.dll
d:\windows\system32\wbem\ncprov.dll
d:\windows\system32\rasadhlp.dll
d:\windows\system32\netcfgx.dll
d:\windows\system32\rasmans.dll
d:\windows\system32\winipsec.dll
d:\windows\system32\tapisrv.dll
d:\windows\system32\psapi.dll
d:\windows\system32\rastapi.dll
d:\windows\system32\unimdm.tsp
d:\windows\system32\uniplat.dll
d:\windows\system32\kmddsp.tsp
d:\windows\system32\ndptsp.tsp
d:\windows\system32\ipconf.tsp
d:\windows\system32\h323.tsp
d:\windows\system32\hidphone.tsp
d:\windows\system32\hid.dll
d:\windows\system32\rasppp.dll
d:\windows\system32\ntlsapi.dll
d:\windows\system32\kerberos.dll
d:\windows\system32\cryptdll.dll
d:\windows\system32\ipxwan.dll
d:\windows\system32\upnp.dll
d:\windows\system32\ssdpapi.dll
d:\windows\system32\urlmon.dll
d:\windows\system32\rasdlg.dll
d:\windows\system32\apphelp.dll
d:\windows\system32\winrnr.dll
d:\windows\system32\catsrvut.dll
d:\windows\system32\catsrv.dll
d:\windows\system32\mfcsubs.dll
d:\windows\system32\wbem\wbemcons.dll
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\dnsrslvr.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\lmhsvc.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\regsvc.dll
d:\windows\system32\ssdpsrv.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\upnphost.dll
d:\windows\system32\winhttp.dll
d:\windows\system32\ssdpapi.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\httpapi.dll
d:\windows\system32\wship6.dll
D:\WINDOWS\SYSTEM32\SPOOLSV.EXE
d:\windows\system32\spoolsv.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\spoolss.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\rasadhlp.dll
d:\windows\system32\localspl.dll
d:\windows\system32\sfc_os.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\winspool.drv
d:\windows\system32\netapi32.dll
d:\windows\system32\cnbjmon.dll
d:\windows\system32\pjlmon.dll
d:\windows\system32\tcpmon.dll
d:\windows\system32\usbmon.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\winrnr.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\nwprovau.dll
d:\windows\system32\mpr.dll
d:\windows\system32\win32spl.dll
d:\windows\system32\netrap.dll
d:\windows\system32\ntdsapi.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\inetpp.dll
d:\windows\system32\xpsp2res.dll
D:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE
d:\program files\avira\antivir personaledition classic\sched.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\version.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\program files\avira\antivir personaledition classic\msvcr71.dll
d:\program files\avira\antivir personaledition classic\msvcp71.dll
d:\windows\system32\imm32.dll
d:\program files\avira\antivir personaledition classic\schedr.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\rasapi32.dll
d:\windows\system32\rasman.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\tapi32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\rtutils.dll
d:\windows\system32\winmm.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\program files\avira\antivir personaledition classic\avevtlog.dll
d:\program files\avira\antivir personaledition classic\sqlite3.dll
D:\WINDOWS\SYSTEM32\NETDDE.EXE
d:\windows\system32\netdde.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\nddeapi.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\nddenb32.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\msctfime.ime
D:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
d:\windows\system32\ati2evxx.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\imm32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\ati2edxx.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\version.dll
d:\windows\system32\msctf.dll
D:\WINDOWS\EXPLORER.EXE
d:\windows\explorer.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\browseui.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\ole32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\shdocvw.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\cryptui.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\wininet.dll
d:\windows\system32\normaliz.dll
d:\windows\system32\iertutil.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\userenv.dll
d:\windows\system32\imm32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\apphelp.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\cscui.dll
d:\windows\system32\cscdll.dll
d:\windows\system32\themeui.dll
d:\windows\system32\msimg32.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\msutb.dll
d:\windows\system32\msctf.dll
d:\windows\system32\linkinfo.dll
d:\windows\system32\ntshrui.dll
d:\windows\system32\atl.dll
d:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\ieframe.dll
d:\windows\system32\psapi.dll
d:\windows\system32\urlmon.dll
d:\windows\system32\msi.dll
d:\windows\system32\mlang.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\wdmaud.drv
d:\windows\system32\msacm32.drv
d:\windows\system32\midimap.dll
d:\windows\system32\winsta.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\stobject.dll
d:\windows\system32\batmeter.dll
d:\windows\system32\powrprof.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\upnpui.dll
d:\windows\system32\upnp.dll
d:\windows\system32\winhttp.dll
d:\windows\system32\ssdpapi.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\wship6.dll
d:\windows\system32\netshell.dll
d:\windows\system32\rtutils.dll
d:\windows\system32\credui.dll
d:\windows\system32\mpr.dll
d:\windows\system32\nwprovau.dll
d:\windows\system32\drprov.dll
d:\windows\system32\ntlanman.dll
d:\windows\system32\netui0.dll
d:\windows\system32\netui1.dll
d:\windows\system32\netrap.dll
d:\windows\system32\samlib.dll
d:\windows\system32\davclnt.dll
d:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
d:\windows\system32\browselc.dll
d:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
d:\windows\system32\msvcr71.dll
d:\progra~1\spybot~1\sdhelper.dll
d:\windows\system32\comdlg32.dll
d:\windows\system32\wsock32.dll
d:\windows\system32\faultrep.dll
d:\windows\system32\olepro32.dll
d:\windows\system32\jsproxy.dll
d:\program files\siber systems\ai roboform\roboform.dll
d:\windows\system32\winspool.drv
d:\windows\system32\oledlg.dll
d:\windows\system32\shdoclc.dll
d:\windows\system32\sxs.dll
d:\windows\system32\duser.dll
d:\windows\system32\shmedia.dll
d:\windows\system32\msvfw32.dll
d:\windows\system32\avifil32.dll
d:\windows\system32\l3codeca.acm
d:\windows\system32\wmvcore.dll
d:\windows\system32\wmasf.dll
d:\program files\malwarebytes' anti-malware\mbamext.dll
d:\program files\winrar\rarext.dll
d:\program files\avira\antivir personaledition classic\shlext.dll
d:\program files\avira\antivir personaledition classic\mfc71u.dll
d:\windows\system32\mfc71fra.dll
d:\windows\system32\quartz.dll
d:\windows\system32\msdmo.dll
d:\windows\system32\xvid.ax
d:\program files\fichiers communs\ahead\dsfilter\nevideo.ax
d:\windows\system32\msvcp60.dll
d:\program files\fichiers communs\ahead\dsfilter\nevdec.ax
d:\windows\system32\qdvd.dll
d:\windows\system32\rasapi32.dll
d:\windows\system32\rasman.dll
d:\windows\system32\tapi32.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\sensapi.dll
d:\windows\system32\mcdvd_32.dll
d:\windows\system32\cryptnet.dll
d:\windows\system32\actxprxy.dll
d:\windows\system32\msgina.dll
d:\windows\system32\odbc32.dll
d:\windows\system32\odbcint.dll
d:\windows\system32\wiashext.dll
d:\windows\system32\sti.dll
d:\windows\system32\cfgmgr32.dll
d:\windows\system32\wmpshell.dll
d:\windows\system32\qedit.dll
d:\windows\system32\devenum.dll
d:\windows\system32\asfsipc.dll
d:\windows\system32\msisip.dll
d:\windows\system32\wshext.dll
d:\windows\system32\mfc42.dll
d:\windows\system32\mfc42loc.dll
d:\windows\system32\wshfr.dll
D:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE
d:\program files\avira\antivir personaledition classic\avguard.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\version.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\program files\avira\antivir personaledition classic\msvcr71.dll
d:\windows\system32\imm32.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\program files\avira\antivir personaledition classic\avevtlog.dll
d:\program files\avira\antivir personaledition classic\guardmsg.dll
d:\program files\avira\antivir personaledition classic\sqlite3.dll
d:\program files\avira\antivir personaledition classic\avpref.dll
d:\program files\avira\antivir personaledition classic\smtplib.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\imagehlp.dll
d:\program files\avira\antivir personaledition classic\avgio.dll
d:\windows\system32\fltlib.dll
d:\windows\system32\shlwapi.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\program files\avira\antivir personaledition classic\avipc.dll
d:\program files\avira\antivir personaledition classic\aecore.dll
d:\program files\avira\antivir personaledition classic\aevdf.dll
d:\program files\avira\antivir personaledition classic\aescript.dll
d:\program files\avira\antivir personaledition classic\aescn.dll
d:\program files\avira\antivir personaledition classic\aerdl.dll
d:\program files\avira\antivir personaledition classic\aepack.dll
d:\program files\avira\antivir personaledition classic\unacev2.dll
d:\windows\system32\shell32.dll
d:\program files\avira\antivir personaledition classic\aeoffice.dll
d:\program files\avira\antivir personaledition classic\aeheur.dll
d:\program files\avira\antivir personaledition classic\aehelp.dll
d:\program files\avira\antivir personaledition classic\aegen.dll
d:\program files\avira\antivir personaledition classic\aeemu.dll
d:\program files\avira\antivir personaledition classic\aebb.dll
D:\WINDOWS\EHOME\EHRECVR.EXE
d:\windows\ehome\ehrecvr.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\atl.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\imm32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\version.dll
d:\windows\system32\sbe.dll
d:\windows\system32\winmm.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\system32\msvidctl.dll
d:\windows\system32\quartz.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\devenum.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\msdmo.dll
D:\WINDOWS\EHOME\EHSCHED.EXE
d:\windows\ehome\ehsched.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\atl.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\imm32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\version.dll
d:\windows\system32\msi.dll
d:\windows\ehome\ehproxy.dll
d:\windows\system32\tapi3.dll
d:\windows\system32\wininet.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\normaliz.dll
d:\windows\system32\iertutil.dll
d:\windows\system32\winmm.dll
d:\windows\system32\rtutils.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\system32\confmsp.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\termmgr.dll
d:\windows\system32\h323msp.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\msasn1.dll
D:\WINDOWS\SYSTEM32\SVCHOST.EXE
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\wiaservc.dll
d:\windows\system32\cfgmgr32.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\mscms.dll
d:\windows\system32\winspool.drv
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\wiavusd.dll
d:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
d:\windows\system32\shfolder.dll
d:\windows\system32\actxprxy.dll
d:\windows\system32\sti.dll
D:\WINDOWS\SYSTEM32\DLLHOST.EXE
d:\windows\system32\dllhost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\ole32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\comsvcs.dll
d:\windows\system32\colbact.dll
d:\windows\system32\mtxclu.dll
d:\windows\system32\wsock32.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\clusapi.dll
d:\windows\system32\resutils.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\txflog.dll
d:\windows\system32\es.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\winsta.dll
d:\windows\system32\sxs.dll
D:\WINDOWS\SYSTEM32\ALG.EXE
d:\windows\system32\alg.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\atl.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\wsock32.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
D:\WINDOWS\SYSTEM32\WSCNTFY.EXE
d:\windows\system32\wscntfy.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\shell32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\imm32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\ole32.dll
d:\windows\system32\msctf.dll
D:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE
d:\program files\ati technologies\ati.ace\cli.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\mscoree.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\imm32.dll
d:\windows\microsoft.net\framework\v1.1.4322\mscorwks.dll
d:\windows\microsoft.net\framework\v1.1.4322\msvcr71.dll
d:\windows\microsoft.net\framework\v1.1.4322\fusion.dll
d:\windows\system32\ole32.dll
d:\windows\system32\shell32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll
d:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_dbf950a0\mscorlib.dll
d:\windows\microsoft.net\framework\v1.1.4322\mscorsn.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\msctf.dll
d:\windows\microsoft.net\framework\v1.1.4322\mscorjit.dll
d:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
d:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_5c147402\system.windows.forms.dll
d:\windows\system32\xpsp2res.dll
d:\program files\ati technologies\ati.ace\cli.implementation.dll
d:\program files\ati technologies\ati.ace\log.foundation.dll
d:\program files\ati technologies\ati.ace\cli.foundation.dll
d:\program files\ati technologies\ati.ace\log.foundation.service.dll
d:\program files\ati technologies\ati.ace\log.foundation.shared.dll
d:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
d:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_93f6b43b\system.dll
d:\windows\system32\shfolder.dll
d:\program files\ati technologies\ati.ace\cli.foundation.xmanifestation.dll
d:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
d:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_da753e34\system.xml.dll
d:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\program files\ati technologies\ati.ace\cli.component.runtime.dll
d:\program files\ati technologies\ati.ace\aticccom.dll
d:\program files\ati technologies\ati.ace\aem.foundation.dll
d:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
d:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_e4644227\system.drawing.dll
d:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_fr_b77a5c561934e089\system.windows.forms.resources.dll
d:\windows\system32\msctfime.ime
d:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
d:\program files\ati technologies\ati.ace\cli.caste.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.caste.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.component.runtime.shared.dll
d:\program files\ati technologies\ati.ace\dem.foundation.dll
d:\program files\ati technologies\ati.ace\dem.graphics.i0601.dll
d:\program files\ati technologies\ati.ace\ace.graphics.displaysmanager.shared.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\winrnr.dll
d:\windows\system32\wldap32.dll
d:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_fr_b77a5c561934e089\mscorlib.resources.dll
d:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
d:\windows\system32\atidemgr.dll
d:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\version.dll
d:\windows\microsoft.net\framework\v1.1.4322\wminet_utils.dll
d:\windows\system32\wbem\wmiutils.dll
d:\windows\system32\wbem\wbemprox.dll
d:\windows\system32\wbem\wbemcomn.dll
d:\windows\system32\wbem\wbemsvc.dll
d:\windows\system32\wbem\fastprox.dll
d:\windows\system32\msvcp60.dll
d:\windows\system32\ntdsapi.dll
d:\windows\system32\netapi32.dll
d:\windows\microsoft.net\framework\v1.1.4322\perfcounter.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\samlib.dll
d:\windows\system32\psapi.dll
d:\windows\microsoft.net\framework\v1.1.4322\aspnet_isapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\atl.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\perfproc.dll
d:\windows\system32\rasman.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\tapi32.dll
d:\windows\system32\rtutils.dll
d:\windows\system32\winmm.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\system32\mprapi.dll
d:\windows\system32\activeds.dll
d:\windows\system32\adsldpc.dll
d:\windows\system32\setupapi.dll
d:\program files\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.shared.dll
d:\program files\ati technologies\ati.ace\ace.graphics.videooverlay.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.customformats.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.shared.dll
d:\program files\ati technologies\ati.ace\dem.graphics.i0600.dll
d:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty.graphics.shared.dll
d:\program files\ati technologies\ati.ace\dem.graphics.i0602.dll
d:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.shared.dll
d:\program files\ati technologies\ati.ace\apm.foundation.dll
d:\windows\system32\apphelp.dll
d:\windows\system32\ieframe.dll
d:\windows\system32\iertutil.dll
d:\windows\system32\urlmon.dll
D:\WINDOWS\SYSTEM32\CTFMON.EXE
d:\windows\system32\ctfmon.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\msctf.dll
d:\windows\system32\msutb.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\msctfime.ime
D:\DOCUMENTS AND SETTINGS\STEPHANE.MCE2005\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
d:\documents and settings\stephane.mce2005\local settings\application data\google\update\googleupdate.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\imm32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\shell32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\documents and settings\stephane.mce2005\local settings\application data\google\update\1.2.131.11\goopdate.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\dbghelp.dll
d:\windows\system32\version.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\msctf.dll
d:\windows\system32\msctfime.ime
D:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE
d:\program files\siber systems\ai roboform\robotaskbaricon.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\program files\siber systems\ai roboform\roboform.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winspool.drv
d:\windows\system32\msvcrt.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\wininet.dll
d:\windows\system32\normaliz.dll
d:\windows\system32\iertutil.dll
d:\windows\system32\oledlg.dll
d:\windows\system32\ole32.dll
d:\windows\system32\olepro32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\urlmon.dll
d:\windows\system32\version.dll
d:\windows\system32\imm32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\msctf.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\oleacc.dll
d:\windows\system32\msvcp60.dll
D:\WINDOWS\SYSTEM32\SVCHOST.EXE
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\
Scan Results
Ad-Aware 2008 Free Edition
Log File Created on:2008-09-1820:40:20
Using Definitions File:D:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft\Ad-Aware\core.aawdef
Computer name:MCE2005
Name of user performing scan:SYSTEM
Name of user ordering scan:stephane
Scan completed successfully
System Information
File Version Information
Ad-Aware 2008 Settings
Extended Ad-Aware 2008 Settings
Database Information
Scan Statistics
Scan Detailed Statistics
Infections Found
Listing of running processes
System Information
Number of processors:1
Processor type:Intel(R) Pentium(R) 4 CPU 2.26GHz
Memory Available:24%
Total Physical Memory:804044800 Bytes
Available Physical Memory:191152128 Bytes
Total Page File Size:2770960384 Bytes
Available On Page File:1992478720 Bytes
Total Virtual Memory:2147352576 Bytes
Available Virtual Memory:175648768 Bytes
OS:Microsoft Windows XP 5.1 (Build 2600)
[to top]
File Verion Information
File Version
CEAPI.dll 7,1,0,7
aawservice.exe 7,1,0,3
Ad-Aware.exe 7.1.0.8
[to top]
Ad-Aware 2008 Settings
Skipping files larger than:1048576 Bytes
Ignoring infections with lower TAI than:3
Safe Mode:False
[to top]
Extended Ad-Aware 2008 Settings
Unload malicious processes and modules
Unload Modules
Let Windows remove files at Start-Up
Deactivate Ad-Watch
Re-analyze Scan Result
Delete Restored Items
Write Protect System Files
Create Log file
Include basic settings
Include advanced settings
Include user and computer name
Environment information
Running processes
Running processes and modules
Include info about ignored objects in log file
[to top]
Database Info
Version number:0
Build Number:0
Build Date and Time:1969/12/3119:00:00
[to top]
Scan Statistics
Method:Smart
Items Scanned:65575
Infections Detected:2
Infections Removed:0
Infections Quarantined:0
Infections Ignored:0
[to top]
Scan Detailed Statistics
Type Critical Total
Process Scan 0 0
Registry Scan 0 0
Registry PE Scan 0 0
Hosts Scan 0 0
File Scan 0 0
Folder Scan 0 0
LSP Scan 0 0
ADS Scan 0 0
Cookie Scan 0 0
File Hash Scan 0 0
[to top]
Infections Found
Family Id Name Category TAI
9999 MRU Object MRU Object 0
[1] MRU Path: D:\Documents and Settings\stephane.MCE2005\Recent Count: 1
[2] MRU Registry Key: S-1-5-21-1060284298-362288127-682003330-1003\Software\Microsoft\Search Assistant\ACMru\5603 Count: 20
Quarantined Objects
Family Id Name Category TAI
Removed Objects
Family Id Name Category TAI
9999 MRU Object MRU Object 0
[1] MRU Path: D:\Documents and Settings\stephane.MCE2005\Recent Count: 1
[2] MRU Registry Key: S-1-5-21-1060284298-362288127-682003330-1003\Software\Microsoft\Search Assistant\ACMru\5603 Count: 20
[to top]
Listing of Running Processes
D:\WINDOWS\SYSTEM32\SMSS.EXE
d:\windows\system32\smss.exe
d:\windows\system32\ntdll.dll
D:\WINDOWS\SYSTEM32\CSRSS.EXE
d:\windows\system32\csrss.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\csrsrv.dll
d:\windows\system32\basesrv.dll
d:\windows\system32\winsrv.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\user32.dll
d:\windows\system32\sxs.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
D:\WINDOWS\SYSTEM32\WINLOGON.EXE
d:\windows\system32\winlogon.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\authz.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\nddeapi.dll
d:\windows\system32\profmap.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\userenv.dll
d:\windows\system32\psapi.dll
d:\windows\system32\regapi.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\version.dll
d:\windows\system32\winsta.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\imm32.dll
d:\windows\system32\msgina.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\odbc32.dll
d:\windows\system32\comdlg32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\odbcint.dll
d:\windows\system32\shsvcs.dll
d:\windows\system32\sfc.dll
d:\windows\system32\sfc_os.dll
d:\windows\system32\ole32.dll
d:\windows\system32\apphelp.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\winscard.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\winmm.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\system32\ati2evxx.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\cscdll.dll
d:\windows\system32\wlnotify.dll
d:\windows\system32\winspool.drv
d:\windows\system32\mpr.dll
d:\windows\system32\sxs.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\cscui.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\wdmaud.drv
d:\windows\system32\msacm32.drv
d:\windows\system32\msacm32.dll
d:\windows\system32\midimap.dll
d:\windows\system32\comres.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\wbem\wbemprox.dll
d:\windows\system32\wbem\wbemcomn.dll
d:\windows\system32\wbem\wbemsvc.dll
d:\windows\system32\wbem\fastprox.dll
d:\windows\system32\msvcp60.dll
d:\windows\system32\ntdsapi.dll
d:\windows\system32\dnsapi.dll
D:\WINDOWS\SYSTEM32\SERVICES.EXE
d:\windows\system32\services.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\userenv.dll
d:\windows\system32\scesrv.dll
d:\windows\system32\authz.dll
d:\windows\system32\umpnpmgr.dll
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\ncobjapi.dll
d:\windows\system32\msvcp60.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\apphelp.dll
d:\windows\system32\eventlog.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\psapi.dll
d:\windows\system32\wtsapi32.dll
D:\WINDOWS\SYSTEM32\LSASS.EXE
d:\windows\system32\lsass.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\lsasrv.dll
d:\windows\system32\mpr.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\ntdsapi.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\samsrv.dll
d:\windows\system32\cryptdll.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\msprivs.dll
d:\windows\system32\kerberos.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\netlogon.dll
d:\windows\system32\w32time.dll
d:\windows\system32\msvcp60.dll
d:\windows\system32\schannel.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\wdigest.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\nwprovau.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\scecli.dll
d:\windows\system32\ipsecsvc.dll
d:\windows\system32\authz.dll
d:\windows\system32\oakley.dll
d:\windows\system32\winipsec.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\pstorsvc.dll
d:\windows\system32\psbase.dll
d:\windows\system32\dssenh.dll
D:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
d:\windows\system32\ati2evxx.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\imm32.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\ati2edxx.dll
d:\windows\system32\uxtheme.dll
D:\WINDOWS\SYSTEM32\SVCHOST.EXE
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\rpcss.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\termsrv.dll
d:\windows\system32\icaapi.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\authz.dll
d:\windows\system32\mstlsapi.dll
d:\windows\system32\activeds.dll
d:\windows\system32\adsldpc.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\atl.dll
d:\windows\system32\regapi.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\apphelp.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\winsta.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\rpcss.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\wship6.dll
d:\windows\system32\wshisn.dll
d:\windows\system32\wsock32.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\winrnr.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\rasadhlp.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\shsvcs.dll
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\dhcpcsvc.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\wzcsvc.dll
d:\windows\system32\rtutils.dll
d:\windows\system32\wmi.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\esent.dll
d:\windows\system32\atl.dll
d:\windows\system32\rastls.dll
d:\windows\system32\cryptui.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\wininet.dll
d:\windows\system32\normaliz.dll
d:\windows\system32\iertutil.dll
d:\windows\system32\mprapi.dll
d:\windows\system32\activeds.dll
d:\windows\system32\adsldpc.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\rasapi32.dll
d:\windows\system32\rasman.dll
d:\windows\system32\tapi32.dll
d:\windows\system32\schannel.dll
d:\windows\system32\winscard.dll
d:\windows\system32\raschap.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\schedsvc.dll
d:\windows\system32\ntdsapi.dll
d:\windows\system32\msidle.dll
d:\windows\system32\audiosrv.dll
d:\windows\system32\wkssvc.dll
d:\windows\system32\nwwks.dll
d:\windows\system32\nwprovau.dll
d:\windows\system32\mpr.dll
d:\windows\system32\nwapi32.dll
d:\windows\system32\qmgr.dll
d:\windows\system32\shfolder.dll
d:\windows\system32\winhttp.dll
d:\windows\system32\cryptsvc.dll
d:\windows\system32\certcli.dll
d:\windows\system32\dmserver.dll
d:\windows\system32\ersvc.dll
d:\windows\system32\es.dll
d:\windows\pchealth\helpctr\binaries\pchsvc.dll
d:\windows\system32\srvsvc.dll
d:\windows\system32\netman.dll
d:\windows\system32\netshell.dll
d:\windows\system32\credui.dll
d:\windows\system32\wzcsapi.dll
d:\windows\system32\ipxsap.dll
d:\windows\system32\rtm.dll
d:\windows\system32\wsock32.dll
d:\windows\system32\adptif.dll
d:\windows\system32\seclogon.dll
d:\windows\system32\sens.dll
d:\windows\system32\srsvc.dll
d:\windows\system32\powrprof.dll
d:\windows\system32\sxs.dll
d:\windows\system32\trkwks.dll
d:\windows\system32\w32time.dll
d:\windows\system32\msvcp60.dll
d:\windows\system32\wbem\wmisvc.dll
d:\windows\system32\vssapi.dll
d:\windows\system32\wuauserv.dll
d:\windows\system32\browser.dll
d:\windows\system32\wuaueng.dll
d:\windows\system32\winspool.drv
d:\windows\system32\cabinet.dll
d:\windows\system32\mspatcha.dll
d:\windows\system32\wscsvc.dll
d:\windows\system32\msi.dll
d:\windows\system32\wbem\wbemcomn.dll
d:\windows\system32\wbem\wbemcore.dll
d:\windows\system32\wbem\esscli.dll
d:\windows\system32\wbem\fastprox.dll
d:\windows\system32\wbem\wbemsvc.dll
d:\windows\system32\ipnathlp.dll
d:\windows\system32\authz.dll
d:\windows\system32\wbem\wmiutils.dll
d:\windows\system32\comsvcs.dll
d:\windows\system32\colbact.dll
d:\windows\system32\mtxclu.dll
d:\windows\system32\clusapi.dll
d:\windows\system32\resutils.dll
d:\windows\system32\wbem\repdrvfs.dll
d:\windows\system32\sfc.dll
d:\windows\system32\sfc_os.dll
d:\windows\system32\wship6.dll
d:\windows\system32\wbem\wmiprvsd.dll
d:\windows\system32\ncobjapi.dll
d:\windows\system32\wbem\wbemess.dll
d:\windows\system32\wbem\ncprov.dll
d:\windows\system32\rasadhlp.dll
d:\windows\system32\netcfgx.dll
d:\windows\system32\rasmans.dll
d:\windows\system32\winipsec.dll
d:\windows\system32\tapisrv.dll
d:\windows\system32\psapi.dll
d:\windows\system32\rastapi.dll
d:\windows\system32\unimdm.tsp
d:\windows\system32\uniplat.dll
d:\windows\system32\kmddsp.tsp
d:\windows\system32\ndptsp.tsp
d:\windows\system32\ipconf.tsp
d:\windows\system32\h323.tsp
d:\windows\system32\hidphone.tsp
d:\windows\system32\hid.dll
d:\windows\system32\rasppp.dll
d:\windows\system32\ntlsapi.dll
d:\windows\system32\kerberos.dll
d:\windows\system32\cryptdll.dll
d:\windows\system32\ipxwan.dll
d:\windows\system32\upnp.dll
d:\windows\system32\ssdpapi.dll
d:\windows\system32\urlmon.dll
d:\windows\system32\rasdlg.dll
d:\windows\system32\apphelp.dll
d:\windows\system32\winrnr.dll
d:\windows\system32\catsrvut.dll
d:\windows\system32\catsrv.dll
d:\windows\system32\mfcsubs.dll
d:\windows\system32\wbem\wbemcons.dll
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\dnsrslvr.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\lmhsvc.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\regsvc.dll
d:\windows\system32\ssdpsrv.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\upnphost.dll
d:\windows\system32\winhttp.dll
d:\windows\system32\ssdpapi.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\httpapi.dll
d:\windows\system32\wship6.dll
D:\WINDOWS\SYSTEM32\SPOOLSV.EXE
d:\windows\system32\spoolsv.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\spoolss.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\rasadhlp.dll
d:\windows\system32\localspl.dll
d:\windows\system32\sfc_os.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\winspool.drv
d:\windows\system32\netapi32.dll
d:\windows\system32\cnbjmon.dll
d:\windows\system32\pjlmon.dll
d:\windows\system32\tcpmon.dll
d:\windows\system32\usbmon.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\winrnr.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\nwprovau.dll
d:\windows\system32\mpr.dll
d:\windows\system32\win32spl.dll
d:\windows\system32\netrap.dll
d:\windows\system32\ntdsapi.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\inetpp.dll
d:\windows\system32\xpsp2res.dll
D:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE
d:\program files\avira\antivir personaledition classic\sched.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\version.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\program files\avira\antivir personaledition classic\msvcr71.dll
d:\program files\avira\antivir personaledition classic\msvcp71.dll
d:\windows\system32\imm32.dll
d:\program files\avira\antivir personaledition classic\schedr.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\rasapi32.dll
d:\windows\system32\rasman.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\tapi32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\rtutils.dll
d:\windows\system32\winmm.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\program files\avira\antivir personaledition classic\avevtlog.dll
d:\program files\avira\antivir personaledition classic\sqlite3.dll
D:\WINDOWS\SYSTEM32\NETDDE.EXE
d:\windows\system32\netdde.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\nddeapi.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\nddenb32.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\msctfime.ime
D:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
d:\windows\system32\ati2evxx.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\imm32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\ati2edxx.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\version.dll
d:\windows\system32\msctf.dll
D:\WINDOWS\EXPLORER.EXE
d:\windows\explorer.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\browseui.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\ole32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\shdocvw.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\cryptui.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\wininet.dll
d:\windows\system32\normaliz.dll
d:\windows\system32\iertutil.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\userenv.dll
d:\windows\system32\imm32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\apphelp.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\cscui.dll
d:\windows\system32\cscdll.dll
d:\windows\system32\themeui.dll
d:\windows\system32\msimg32.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\msutb.dll
d:\windows\system32\msctf.dll
d:\windows\system32\linkinfo.dll
d:\windows\system32\ntshrui.dll
d:\windows\system32\atl.dll
d:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\ieframe.dll
d:\windows\system32\psapi.dll
d:\windows\system32\urlmon.dll
d:\windows\system32\msi.dll
d:\windows\system32\mlang.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\wdmaud.drv
d:\windows\system32\msacm32.drv
d:\windows\system32\midimap.dll
d:\windows\system32\winsta.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\stobject.dll
d:\windows\system32\batmeter.dll
d:\windows\system32\powrprof.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\upnpui.dll
d:\windows\system32\upnp.dll
d:\windows\system32\winhttp.dll
d:\windows\system32\ssdpapi.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\wship6.dll
d:\windows\system32\netshell.dll
d:\windows\system32\rtutils.dll
d:\windows\system32\credui.dll
d:\windows\system32\mpr.dll
d:\windows\system32\nwprovau.dll
d:\windows\system32\drprov.dll
d:\windows\system32\ntlanman.dll
d:\windows\system32\netui0.dll
d:\windows\system32\netui1.dll
d:\windows\system32\netrap.dll
d:\windows\system32\samlib.dll
d:\windows\system32\davclnt.dll
d:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
d:\windows\system32\browselc.dll
d:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
d:\windows\system32\msvcr71.dll
d:\progra~1\spybot~1\sdhelper.dll
d:\windows\system32\comdlg32.dll
d:\windows\system32\wsock32.dll
d:\windows\system32\faultrep.dll
d:\windows\system32\olepro32.dll
d:\windows\system32\jsproxy.dll
d:\program files\siber systems\ai roboform\roboform.dll
d:\windows\system32\winspool.drv
d:\windows\system32\oledlg.dll
d:\windows\system32\shdoclc.dll
d:\windows\system32\sxs.dll
d:\windows\system32\duser.dll
d:\windows\system32\shmedia.dll
d:\windows\system32\msvfw32.dll
d:\windows\system32\avifil32.dll
d:\windows\system32\l3codeca.acm
d:\windows\system32\wmvcore.dll
d:\windows\system32\wmasf.dll
d:\program files\malwarebytes' anti-malware\mbamext.dll
d:\program files\winrar\rarext.dll
d:\program files\avira\antivir personaledition classic\shlext.dll
d:\program files\avira\antivir personaledition classic\mfc71u.dll
d:\windows\system32\mfc71fra.dll
d:\windows\system32\quartz.dll
d:\windows\system32\msdmo.dll
d:\windows\system32\xvid.ax
d:\program files\fichiers communs\ahead\dsfilter\nevideo.ax
d:\windows\system32\msvcp60.dll
d:\program files\fichiers communs\ahead\dsfilter\nevdec.ax
d:\windows\system32\qdvd.dll
d:\windows\system32\rasapi32.dll
d:\windows\system32\rasman.dll
d:\windows\system32\tapi32.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\sensapi.dll
d:\windows\system32\mcdvd_32.dll
d:\windows\system32\cryptnet.dll
d:\windows\system32\actxprxy.dll
d:\windows\system32\msgina.dll
d:\windows\system32\odbc32.dll
d:\windows\system32\odbcint.dll
d:\windows\system32\wiashext.dll
d:\windows\system32\sti.dll
d:\windows\system32\cfgmgr32.dll
d:\windows\system32\wmpshell.dll
d:\windows\system32\qedit.dll
d:\windows\system32\devenum.dll
d:\windows\system32\asfsipc.dll
d:\windows\system32\msisip.dll
d:\windows\system32\wshext.dll
d:\windows\system32\mfc42.dll
d:\windows\system32\mfc42loc.dll
d:\windows\system32\wshfr.dll
D:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE
d:\program files\avira\antivir personaledition classic\avguard.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\version.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\program files\avira\antivir personaledition classic\msvcr71.dll
d:\windows\system32\imm32.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\program files\avira\antivir personaledition classic\avevtlog.dll
d:\program files\avira\antivir personaledition classic\guardmsg.dll
d:\program files\avira\antivir personaledition classic\sqlite3.dll
d:\program files\avira\antivir personaledition classic\avpref.dll
d:\program files\avira\antivir personaledition classic\smtplib.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\imagehlp.dll
d:\program files\avira\antivir personaledition classic\avgio.dll
d:\windows\system32\fltlib.dll
d:\windows\system32\shlwapi.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\program files\avira\antivir personaledition classic\avipc.dll
d:\program files\avira\antivir personaledition classic\aecore.dll
d:\program files\avira\antivir personaledition classic\aevdf.dll
d:\program files\avira\antivir personaledition classic\aescript.dll
d:\program files\avira\antivir personaledition classic\aescn.dll
d:\program files\avira\antivir personaledition classic\aerdl.dll
d:\program files\avira\antivir personaledition classic\aepack.dll
d:\program files\avira\antivir personaledition classic\unacev2.dll
d:\windows\system32\shell32.dll
d:\program files\avira\antivir personaledition classic\aeoffice.dll
d:\program files\avira\antivir personaledition classic\aeheur.dll
d:\program files\avira\antivir personaledition classic\aehelp.dll
d:\program files\avira\antivir personaledition classic\aegen.dll
d:\program files\avira\antivir personaledition classic\aeemu.dll
d:\program files\avira\antivir personaledition classic\aebb.dll
D:\WINDOWS\EHOME\EHRECVR.EXE
d:\windows\ehome\ehrecvr.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\atl.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\imm32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\wldap32.dll
d:\windows\system32\samlib.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\version.dll
d:\windows\system32\sbe.dll
d:\windows\system32\winmm.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\system32\msvidctl.dll
d:\windows\system32\quartz.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\devenum.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\msdmo.dll
D:\WINDOWS\EHOME\EHSCHED.EXE
d:\windows\ehome\ehsched.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\atl.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\imm32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\version.dll
d:\windows\system32\msi.dll
d:\windows\ehome\ehproxy.dll
d:\windows\system32\tapi3.dll
d:\windows\system32\wininet.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\normaliz.dll
d:\windows\system32\iertutil.dll
d:\windows\system32\winmm.dll
d:\windows\system32\rtutils.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\system32\confmsp.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\windows\system32\termmgr.dll
d:\windows\system32\h323msp.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\msasn1.dll
D:\WINDOWS\SYSTEM32\SVCHOST.EXE
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\wiaservc.dll
d:\windows\system32\cfgmgr32.dll
d:\windows\system32\setupapi.dll
d:\windows\system32\mscms.dll
d:\windows\system32\winspool.drv
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\wintrust.dll
d:\windows\system32\crypt32.dll
d:\windows\system32\msasn1.dll
d:\windows\system32\imagehlp.dll
d:\windows\system32\wiavusd.dll
d:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
d:\windows\system32\shfolder.dll
d:\windows\system32\actxprxy.dll
d:\windows\system32\sti.dll
D:\WINDOWS\SYSTEM32\DLLHOST.EXE
d:\windows\system32\dllhost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\ole32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\comsvcs.dll
d:\windows\system32\colbact.dll
d:\windows\system32\mtxclu.dll
d:\windows\system32\wsock32.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\clusapi.dll
d:\windows\system32\resutils.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\txflog.dll
d:\windows\system32\es.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\winsta.dll
d:\windows\system32\sxs.dll
D:\WINDOWS\SYSTEM32\ALG.EXE
d:\windows\system32\alg.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\atl.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\wsock32.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
D:\WINDOWS\SYSTEM32\WSCNTFY.EXE
d:\windows\system32\wscntfy.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\shell32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\imm32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\xpsp2res.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\ole32.dll
d:\windows\system32\msctf.dll
D:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE
d:\program files\ati technologies\ati.ace\cli.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\mscoree.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\imm32.dll
d:\windows\microsoft.net\framework\v1.1.4322\mscorwks.dll
d:\windows\microsoft.net\framework\v1.1.4322\msvcr71.dll
d:\windows\microsoft.net\framework\v1.1.4322\fusion.dll
d:\windows\system32\ole32.dll
d:\windows\system32\shell32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll
d:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_dbf950a0\mscorlib.dll
d:\windows\microsoft.net\framework\v1.1.4322\mscorsn.dll
d:\windows\system32\rsaenh.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\msctf.dll
d:\windows\microsoft.net\framework\v1.1.4322\mscorjit.dll
d:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
d:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_5c147402\system.windows.forms.dll
d:\windows\system32\xpsp2res.dll
d:\program files\ati technologies\ati.ace\cli.implementation.dll
d:\program files\ati technologies\ati.ace\log.foundation.dll
d:\program files\ati technologies\ati.ace\cli.foundation.dll
d:\program files\ati technologies\ati.ace\log.foundation.service.dll
d:\program files\ati technologies\ati.ace\log.foundation.shared.dll
d:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
d:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_93f6b43b\system.dll
d:\windows\system32\shfolder.dll
d:\program files\ati technologies\ati.ace\cli.foundation.xmanifestation.dll
d:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
d:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_da753e34\system.xml.dll
d:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\mswsock.dll
d:\windows\system32\hnetcfg.dll
d:\windows\system32\wshtcpip.dll
d:\program files\ati technologies\ati.ace\cli.component.runtime.dll
d:\program files\ati technologies\ati.ace\aticccom.dll
d:\program files\ati technologies\ati.ace\aem.foundation.dll
d:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
d:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_e4644227\system.drawing.dll
d:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_fr_b77a5c561934e089\system.windows.forms.resources.dll
d:\windows\system32\msctfime.ime
d:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
d:\program files\ati technologies\ati.ace\cli.caste.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.caste.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.component.runtime.shared.dll
d:\program files\ati technologies\ati.ace\dem.foundation.dll
d:\program files\ati technologies\ati.ace\dem.graphics.i0601.dll
d:\program files\ati technologies\ati.ace\ace.graphics.displaysmanager.shared.dll
d:\windows\system32\dnsapi.dll
d:\windows\system32\winrnr.dll
d:\windows\system32\wldap32.dll
d:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_fr_b77a5c561934e089\mscorlib.resources.dll
d:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
d:\windows\system32\atidemgr.dll
d:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
d:\windows\system32\clbcatq.dll
d:\windows\system32\comres.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\version.dll
d:\windows\microsoft.net\framework\v1.1.4322\wminet_utils.dll
d:\windows\system32\wbem\wmiutils.dll
d:\windows\system32\wbem\wbemprox.dll
d:\windows\system32\wbem\wbemcomn.dll
d:\windows\system32\wbem\wbemsvc.dll
d:\windows\system32\wbem\fastprox.dll
d:\windows\system32\msvcp60.dll
d:\windows\system32\ntdsapi.dll
d:\windows\system32\netapi32.dll
d:\windows\microsoft.net\framework\v1.1.4322\perfcounter.dll
d:\windows\system32\ntmarta.dll
d:\windows\system32\samlib.dll
d:\windows\system32\psapi.dll
d:\windows\microsoft.net\framework\v1.1.4322\aspnet_isapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\atl.dll
d:\windows\system32\iphlpapi.dll
d:\windows\system32\perfproc.dll
d:\windows\system32\rasman.dll
d:\windows\system32\msv1_0.dll
d:\windows\system32\tapi32.dll
d:\windows\system32\rtutils.dll
d:\windows\system32\winmm.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\system32\mprapi.dll
d:\windows\system32\activeds.dll
d:\windows\system32\adsldpc.dll
d:\windows\system32\setupapi.dll
d:\program files\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.multivpu2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.multivpu.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.verylargedesktop.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displayscolour2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displayscolour.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.mmvideo.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.videooverlay.graphics.shared.dll
d:\program files\ati technologies\ati.ace\ace.graphics.videooverlay.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.vpurecover.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecrt.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecrt2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicelcd.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicelcd2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecv.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.customformats.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicecv2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicedfp.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicedfp2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.overdrive3.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.powerplay3.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.infocentre.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.runtime.dll
d:\program files\ati technologies\ati.ace\cli.aspect.hotkeyshandling.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.radeon3d.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.radeon3dlegacy.graphics.shared.dll
d:\program files\ati technologies\ati.ace\dem.graphics.i0600.dll
d:\program files\ati technologies\ati.ace\cli.aspect.smartgart.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.workstationconfig.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty.graphics.shared.dll
d:\program files\ati technologies\ati.ace\dem.graphics.i0602.dll
d:\program files\ati technologies\ati.ace\cli.aspect.deviceproperty2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicetv2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.devicetv.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.overdrive2.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.displaysoptions.graphics.shared.dll
d:\program files\ati technologies\ati.ace\cli.aspect.integratedumaframebuffer.graphics.shared.dll
d:\program files\ati technologies\ati.ace\apm.foundation.dll
d:\windows\system32\apphelp.dll
d:\windows\system32\ieframe.dll
d:\windows\system32\iertutil.dll
d:\windows\system32\urlmon.dll
D:\WINDOWS\SYSTEM32\CTFMON.EXE
d:\windows\system32\ctfmon.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\msctf.dll
d:\windows\system32\msutb.dll
d:\windows\system32\shimeng.dll
d:\windows\apppatch\acgenral.dll
d:\windows\system32\winmm.dll
d:\windows\system32\ole32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\msacm32.dll
d:\windows\system32\version.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\userenv.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\imm32.dll
d:\windows\system32\serwvdrv.dll
d:\windows\system32\umdmxfrm.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\msctfime.ime
D:\DOCUMENTS AND SETTINGS\STEPHANE.MCE2005\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
d:\documents and settings\stephane.mce2005\local settings\application data\google\update\googleupdate.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\ole32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\secur32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\user32.dll
d:\windows\system32\msvcrt.dll
d:\windows\system32\imm32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\shell32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\documents and settings\stephane.mce2005\local settings\application data\google\update\1.2.131.11\goopdate.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\ws2_32.dll
d:\windows\system32\ws2help.dll
d:\windows\system32\dbghelp.dll
d:\windows\system32\version.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\msctf.dll
d:\windows\system32\msctfime.ime
D:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE
d:\program files\siber systems\ai roboform\robotaskbaricon.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\program files\siber systems\ai roboform\roboform.dll
d:\windows\system32\user32.dll
d:\windows\system32\gdi32.dll
d:\windows\system32\winspool.drv
d:\windows\system32\msvcrt.dll
d:\windows\system32\rpcrt4.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\secur32.dll
d:\windows\system32\shell32.dll
d:\windows\system32\shlwapi.dll
d:\windows\system32\wininet.dll
d:\windows\system32\normaliz.dll
d:\windows\system32\iertutil.dll
d:\windows\system32\oledlg.dll
d:\windows\system32\ole32.dll
d:\windows\system32\olepro32.dll
d:\windows\system32\oleaut32.dll
d:\windows\system32\urlmon.dll
d:\windows\system32\version.dll
d:\windows\system32\imm32.dll
d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
d:\windows\system32\comctl32.dll
d:\windows\system32\uxtheme.dll
d:\windows\system32\msctf.dll
d:\windows\system32\wtsapi32.dll
d:\windows\system32\winsta.dll
d:\windows\system32\netapi32.dll
d:\windows\system32\msctfime.ime
d:\windows\system32\oleacc.dll
d:\windows\system32\msvcp60.dll
D:\WINDOWS\SYSTEM32\SVCHOST.EXE
d:\windows\system32\svchost.exe
d:\windows\system32\ntdll.dll
d:\windows\system32\kernel32.dll
d:\windows\system32\advapi32.dll
d:\windows\system32\
salut
voila ta demande
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:22:47, on 2008-09-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
voila ta demande
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:22:47, on 2008-09-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
desoler
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:06, on 2008-09-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\robert\prhyper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.intl=ca&.src=ym
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [ATIPTA] c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\robert\prhyper.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "D:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RoboForm] "D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [HijackThis startup scan] D:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Barre RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:06, on 2008-09-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\robert\prhyper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.intl=ca&.src=ym
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [ATIPTA] c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\robert\prhyper.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "D:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RoboForm] "D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [HijackThis startup scan] D:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Barre RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
allo
et le voila apres un redemarage difficile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:42:35, on 2008-09-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\robert\prhyper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.intl=ca&.src=ym
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [ATIPTA] c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\robert\prhyper.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "D:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RoboForm] "D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [HijackThis startup scan] D:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Barre RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
et le voila apres un redemarage difficile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:42:35, on 2008-09-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\netdde.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\dllhost.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\robert\prhyper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Shareaza\Shareaza.exe
D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\ATI Technologies\ATI.ACE\cli.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.intl=ca&.src=ym
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [ATIPTA] c:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "D:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\robert\prhyper.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Shareaza] "D:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\stephane.MCE2005\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RoboForm] "D:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [HijackThis startup scan] D:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Barre RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
