Rapport hijackthis
Résolu
antouvda
Messages postés
57
Statut
Membre
-
antouvda -
antouvda -
Bonjour, mon ordi n' a pas la super forme . On m'a conseillé un rapport hijackthis . Un seul probléme l' analyser ^^.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:55:52, on 5/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\NCH Software\Prism\prism.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {F4F10C1D-87C7-404A-B4B3-000000000000} - (no file)
R3 - URLSearchHook: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\s wg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [EasyPHP] "C:\Program Files\EasyPHP1-8\EasyPHP.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [RemoveWGA] H:\crack winxp\RemoveWGA.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe " -t
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Free Download Manager\softinfo.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: RAID Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Windows &Live Favorites - [vous ne pouvez pas voir le lien].[enregistrez vous ici]
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: [vous ne pouvez pas voir le lien].[enregistrez vous ici]
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [vous ne pouvez pas voir le lien].[enregistrez vous ici]
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5D85E58-1E4F-4DD5-BA1C-D2D80EC3A778}: NameServer = 195.238.2.22,195.238.2.21
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - [vous ne pouvez pas voir le lien].[enregistrez vous ici] - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: MySQL - Unknown owner - C:\PROGRA~1\EASYPH~1.0B1\MySql\bin\mysqld.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:55:52, on 5/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\NCH Software\Prism\prism.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [vous ne pouvez pas voir le lien].[enregistrez vous ici]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {F4F10C1D-87C7-404A-B4B3-000000000000} - (no file)
R3 - URLSearchHook: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\s wg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [EasyPHP] "C:\Program Files\EasyPHP1-8\EasyPHP.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [RemoveWGA] H:\crack winxp\RemoveWGA.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe " -t
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Free Download Manager\softinfo.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: RAID Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Windows &Live Favorites - [vous ne pouvez pas voir le lien].[enregistrez vous ici]
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: [vous ne pouvez pas voir le lien].[enregistrez vous ici]
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [vous ne pouvez pas voir le lien].[enregistrez vous ici]
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5D85E58-1E4F-4DD5-BA1C-D2D80EC3A778}: NameServer = 195.238.2.22,195.238.2.21
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - [vous ne pouvez pas voir le lien].[enregistrez vous ici] - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: MySQL - Unknown owner - C:\PROGRA~1\EASYPH~1.0B1\MySql\bin\mysqld.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
A voir également:
- Rapport hijackthis
- Hijackthis - Télécharger - Antivirus & Antimalwares
- Plan rapport de stage - Guide
- Rapport de crash windows - Guide
- Impression rapport de stage ✓ - Forum Word
- Modifier rapport d'échelle pdf xchange viewer ✓ - Forum PDF
73 réponses
salut
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
merci de m' aider voilà ton souhait
-----------\\ ToolBar S&D 1.2.6 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : BIOS Date: 09/26/04 14:53:28 Ver: 08.00.10
USER : User ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:76 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
L:\ (USB)
M:\ (USB)
N:\ (USB)
O:\ (USB)
"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( lun. 08/12/2008|14:10 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR"
"Search Bar"="http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR"
"Start Page"="https://www.google.be/?gws_rd=ssl"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\User\Bureau\config counter\Steam2222\SteamApps\antouvda\counter-strike source\cstrike\sound\admin_plugin\triererhautzen\crack.wav
C:\DOCUME~1\User\Bureau\gravure\t‚l‚charg‚s\Nero.7.Premium.v7.2.7.0.FR.Incl-Keygen.rar
C:\DOCUME~1\User\Bureau\gravure\t‚l‚charg‚s\WinZip 10.0 pro+ keygen (En Fran‡ais).zip
1 - "C:\ToolBar SD\TB_1.txt" - lun. 08/12/2008|14:12 - Option : [1]
-----------\\ Fin du rapport a 14:12:45,70
-----------\\ ToolBar S&D 1.2.6 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : BIOS Date: 09/26/04 14:53:28 Ver: 08.00.10
USER : User ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:76 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
L:\ (USB)
M:\ (USB)
N:\ (USB)
O:\ (USB)
"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( lun. 08/12/2008|14:10 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR"
"Search Bar"="http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR"
"Start Page"="https://www.google.be/?gws_rd=ssl"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\User\Bureau\config counter\Steam2222\SteamApps\antouvda\counter-strike source\cstrike\sound\admin_plugin\triererhautzen\crack.wav
C:\DOCUME~1\User\Bureau\gravure\t‚l‚charg‚s\Nero.7.Premium.v7.2.7.0.FR.Incl-Keygen.rar
C:\DOCUME~1\User\Bureau\gravure\t‚l‚charg‚s\WinZip 10.0 pro+ keygen (En Fran‡ais).zip
1 - "C:\ToolBar SD\TB_1.txt" - lun. 08/12/2008|14:12 - Option : [1]
-----------\\ Fin du rapport a 14:12:45,70
Attention aux cracks, c'est un important vecteur d'infection (télécharger un crack ou même visiter un site de crack a de grandes chances d'infecter l'ordinateur) : plus de 40%des infections
1-IMPORTANT :
je rappelle que bagle est amené par un crack et qu'il se relance dès que tu te sers de celui ci; même si tu ne sers pas, il peut se relancer de lui même au démarrage de ton PC . En claire :
Essayes surtout de te rappeler si récemment tu n' as pas clicker sur un "patch" ou un "keygen" pour installer un logiciel, un jeu cracké ou avoir une version complète d'un soft , et qu'il ne se soit rien passé de particulier ... C'est la que les bagles s'infiltrent ! Si tu retrouves ce crack en particulier ,scratch tout ( le crack, le soft ou encore les zip concernés). Si tu ne te rappelles plus trop , je te conseille fortement de supprimer tous les cracks qui sont sur ton PC ... ;)
https://forum.malekal.com/viewtopic.php?f=33&t=893
Si tu en as, il faut les supprimer, ou il vont réinfecter continuellement ton pc...
-------------------
1) Télécharge SDFix d' AndyManchesta
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe sur ton Bureau.
Double clique sur SDFix.exe et choisis Install. L'outil sera extrait à la racine du lecteur système (généralement le C:\)
N y touche pas pour l instant.
2) Redémarre en mode sans échec
3) SDFix
* Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
* Appuie sur Y pour commencer le processus de nettoyage.
* Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
* Appuie sur une touche pour redémarrer le PC.
* Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
* Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
* Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
· Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
--------------------------
1-IMPORTANT :
je rappelle que bagle est amené par un crack et qu'il se relance dès que tu te sers de celui ci; même si tu ne sers pas, il peut se relancer de lui même au démarrage de ton PC . En claire :
Essayes surtout de te rappeler si récemment tu n' as pas clicker sur un "patch" ou un "keygen" pour installer un logiciel, un jeu cracké ou avoir une version complète d'un soft , et qu'il ne se soit rien passé de particulier ... C'est la que les bagles s'infiltrent ! Si tu retrouves ce crack en particulier ,scratch tout ( le crack, le soft ou encore les zip concernés). Si tu ne te rappelles plus trop , je te conseille fortement de supprimer tous les cracks qui sont sur ton PC ... ;)
https://forum.malekal.com/viewtopic.php?f=33&t=893
Si tu en as, il faut les supprimer, ou il vont réinfecter continuellement ton pc...
-------------------
1) Télécharge SDFix d' AndyManchesta
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe sur ton Bureau.
Double clique sur SDFix.exe et choisis Install. L'outil sera extrait à la racine du lecteur système (généralement le C:\)
N y touche pas pour l instant.
2) Redémarre en mode sans échec
3) SDFix
* Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
* Appuie sur Y pour commencer le processus de nettoyage.
* Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
* Appuie sur une touche pour redémarrer le PC.
* Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
* Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
* Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
· Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
--------------------------
sais tu me dire quel programme je dois laissé si te donne la liste de mes programmes au démarrage ??
(plus de craks sur mon pc )
(plus de craks sur mon pc )
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
j ai fait l analyse (j ai eu un stress car le mode sans echec a mis longtemp a s ' afficher et j avais un ecran noir )
[b]SDFix: Version 1.240 [/b]
Run by Administrateur on 08/12/2008 at 16:01
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\ANTI_T~1.EXE - Deleted
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 16:38:59
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a940192d8]
"0018c546ebe8"=hex:f8,29,df,36,e0,19,94,6d,86,9c,7a,b4,09,0f,11,37
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:f2e4bc9d
"s2"=dword:02f3ee1d
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:2b,59,74,33,82,fb,34,a1,5f,ff,50,ec,8e,77,9c,c8,47,f0,b8,fb,b0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:2b,59,74,33,82,fb,34,a1,5f,ff,50,ec,8e,77,9c,c8,47,f0,b8,fb,b0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000a940192d8]
"0018c546ebe8"=hex:f8,29,df,36,e0,19,94,6d,86,9c,7a,b4,09,0f,11,37
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:2b,59,74,33,82,fb,34,a1,5f,ff,50,ec,8e,77,9c,c8,47,f0,b8,fb,b0,..
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
"OODEFRAG06.00.00.01WORKSTATION"="56F9C1EE444732C820AC69838E40D19F10C13265B2015FDD013FD12A41DA7A89BDA907A3ADB9EFE9DEEA79ACD91609A27EBB7310EEE0AA57362166F8FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E6679DB7CE019D40AA5CA9C6AECB7A5D14075D575E7D6A3B9808805360001278DA70C8440D5759153E0617411241620139CCB72E601C05EC9DA96F5BACC820412518CF008ED11B9D761DE1BEE92EB56479C89DB9AB832A5BFB4832C158069CDC2987207E675FDB104865A04371AC70BCD5F6DF5D2606802865D6007BA11AFD03590AF62884DAA56762723849E0B1D2685AD1273F75519FB1E059E4043C8E4FB3D94F66E4C5431A62A63EDD4B6656348645BD700DB3B8AF18ABBCC4D74E0BB02F84E9D427FD3EED042CA41C48A3577B7A0B7E0A76EFB16F40B6CDD178F26055FDE6D1FB5E761368153D65D246AC9527ECD23C99B12B55335325BE16EB3A0184E8C362E802EAADE51F58A4B3C90B95474AF8871575DC62DF3FD027ED3B268319FC0F5C7D8E0B1DD7712FEBC6E13A0283430CCF4980EC3AEE3546010A75AD24828EF260F0007A96C09F2AA7651A2DA513CB506A5491BAE2EFA9C32AEF2B3DBFC4334D78CA5AD2713A006227BF8AC8F1451A3D91ACEE97870556C165F67232D975442F8DE9A49E2AEF2F2620D747647DF82D7DE197E0CA73E3376559CD64601BC160DD7100E85E5FA10C79AA846DCE7FA343F05D32B28C9A560F0D10731F8F4D6769D35593368655A5389141EF1D49D3D061ABE86C370D92BBE1C8F73D44F8DD3A06BDD2FC9D7EF4E19C59C6997906FD1D4FF4CE89C0EB1407FA5C64D3F8CCE1A19FFC64EAB7A3C8D363EEFED4A931A1B798493B212A41FDBCE3410A35E7AE0F1A65A8E85F1F43820CFB2612C75A6686678F5540204E955377EF248430BE34C0B0C98724307124732E1A040C6D3A379B06457FD3C40F68B8E6B46452EAADE8F409019ABD86D17C9672B3C45D94FDA8F00094DECDA351AAF64B0A18D45E6BCBCF5C0610C0DFE6F9852604D5DADEDCB2BB5698BC6DA4FB42FD7D8E86D3D6315018F398CF9C8E5B3B81A78BD83D4412C2D31FB01B52827D8ADEE4A2ACF8F3BD5DB83139F1A4B8DCD4EBEC8CA59F10DC3B370302AD044F45CFCF01E93B512DD04EBF84AD4490D720CE50FC0EC604DF026F874075D96A6C49552AE45096D1C8B171607781C9FBB9DAA458F55C7A4D26C82A072735BCD29280CFEBB681D6CFE4290A71238136667FC6C75406843346AB7C26A01E33A46FCDE8EAB7AFEEC9057105CE6EB9417432A0A39AB8F25B171889ED96601C2217D4FD8244521E4D6D11B4186B767C969F2864B3769D947801D5AEEE9F78B0FA4AFCD552ED26659679F4C436FECAC29A0C716ABDA63DD63580F15ED85A3C"
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
File Backups: - C:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Sat 11 Nov 2006 774,144 A..H. --- "C:\Program Files\RngInterstitial.dll"
Wed 29 Aug 2007 255,320 A..H. --- "C:\Program Files\Apple Software Update\ScriptingObjectModel.dll"
Wed 29 Aug 2007 238,936 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateAdmin.dll"
Wed 29 Aug 2007 558,424 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.exe"
Wed 29 Aug 2007 345,432 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.dll"
Mon 14 Apr 2008 1,695,232 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Mon 14 Apr 2008 1,314,816 A..H. --- "C:\Program Files\Outlook Express\msoe.dll"
Mon 14 Apr 2008 2,534,400 A..H. --- "C:\Program Files\Outlook Express\msoeres.dll"
Mon 14 Apr 2008 104,448 A..H. --- "C:\Program Files\Outlook Express\oeimport.dll"
Mon 14 Apr 2008 60,928 A..H. --- "C:\Program Files\Outlook Express\oemig50.exe"
Mon 14 Apr 2008 35,840 A..H. --- "C:\Program Files\Outlook Express\oemiglib.dll"
Mon 14 Apr 2008 73,728 A..H. --- "C:\Program Files\Outlook Express\setup50.exe"
Mon 14 Apr 2008 46,080 A..H. --- "C:\Program Files\Outlook Express\wab.exe"
Mon 14 Apr 2008 32,768 A..H. --- "C:\Program Files\Outlook Express\wabfind.dll"
Mon 14 Apr 2008 85,504 A..H. --- "C:\Program Files\Outlook Express\wabimp.dll"
Mon 14 Apr 2008 30,208 A..H. --- "C:\Program Files\Outlook Express\wabmig.exe"
Thu 27 Nov 2008 56 ..SHR --- "C:\WINDOWS\system32\D0BCBE7068.sys"
Thu 27 Nov 2008 11,270 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Thu 2 Mar 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 29 Aug 2007 202,072 A..H. --- "C:\Program Files\Apple Software Update\plugins\EXEInstallPlugin.dll"
Wed 29 Aug 2007 124,248 A..H. --- "C:\Program Files\Apple Software Update\plugins\MSIInstallPlugin.dll"
Mon 17 May 2004 925,696 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\AegisE5.dll"
Thu 29 Jul 2004 163,840 A..HR --- "C:\Program Files\ASUS\WLAN Card Utilities\AsAuthen.dll"
Fri 13 Aug 2004 1,557,504 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Center.exe"
Thu 1 Jul 2004 493,056 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\ClearIcs.exe"
Thu 18 Mar 2004 49,152 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\InstDrv.exe"
Thu 23 Oct 2003 24,576 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Launcher.exe"
Wed 11 Aug 2004 2,423,296 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Mobile.exe"
Thu 9 Oct 2003 17,920 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\NAUser.exe"
Wed 24 Sep 2003 184,396 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Remove.exe"
Wed 11 Jun 2003 17,920 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Resume.exe"
Wed 28 Jul 2004 1,121,280 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\StMonitor.exe"
Wed 28 Jul 2004 1,058,304 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\TShoot.exe"
Thu 3 Feb 2000 116,224 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Unzdll.dll"
Mon 9 Sep 2002 294,912 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\winFlash.exe"
Fri 13 Aug 2004 2,136,064 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Wireless.exe"
Fri 13 Aug 2004 2,305,024 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Wizard.exe"
Fri 14 Nov 2008 20,487 A.SHR --- "C:\Program Files\McAfee\MQC\MRU.bak"
Fri 14 Nov 2008 265 A.SHR --- "C:\Program Files\McAfee\MQC\qcconf.bak"
Thu 26 Oct 2006 953,192 A..H. --- "C:\Program Files\Microsoft Office\Office12\ACCDDS.DLL"
Thu 26 Oct 2006 404,320 A..H. --- "C:\Program Files\Microsoft Office\Office12\ACCDDSF.DLL"
Thu 26 Oct 2006 384,872 A..H. --- "C:\Program Files\Microsoft Office\Office12\ACCDDSLM.DLL"
Thu 26 Oct 2006 1,165,584 A..H. --- "C:\Program Files\Microsoft Office\Office12\ACCICONS.EXE"
Thu 26 Oct 2006 3,135,304 A..H. --- "C:\Program Files\Microsoft Office\Office12\ACCVDT.DLL"
Thu 26 Oct 2006 53,576 A..H. --- "C:\Program Files\Microsoft Office\Office12\AUTHZAX.DLL"
Thu 26 Oct 2006 15,168 A..H. --- "C:\Program Files\Microsoft Office\Office12\BJABLR32.DLL"
Thu 26 Oct 2006 18,776 A..H. --- "C:\Program Files\Microsoft Office\Office12\DSITF.DLL"
Thu 26 Oct 2006 106,824 A..H. --- "C:\Program Files\Microsoft Office\Office12\DSSM.EXE"
Thu 26 Oct 2006 35,160 A..H. --- "C:\Program Files\Microsoft Office\Office12\DUMPSTER.DLL"
Thu 26 Oct 2006 116,544 A..H. --- "C:\Program Files\Microsoft Office\Office12\EMABLT32.DLL"
Thu 26 Oct 2006 154,960 A..H. --- "C:\Program Files\Microsoft Office\Office12\ENVELOPE.DLL"
Thu 26 Oct 2006 72,472 A..H. --- "C:\Program Files\Microsoft Office\Office12\excelcnvpxy.dll"
Mon 12 Jun 2006 264,192 A..H. --- "C:\Program Files\Microsoft Office\Office12\EXCHCSP.DLL"
Thu 26 Oct 2006 15,680 A..H. --- "C:\Program Files\Microsoft Office\Office12\HLP95EN.DLL"
Thu 26 Oct 2006 66,368 A..H. --- "C:\Program Files\Microsoft Office\Office12\INLAUNCH.DLL"
Thu 26 Oct 2006 78,648 A..H. --- "C:\Program Files\Microsoft Office\Office12\INTLDATE.DLL"
Thu 26 Oct 2006 103,208 A..H. --- "C:\Program Files\Microsoft Office\Office12\MCPS.DLL"
Thu 26 Oct 2006 88,896 A..H. --- "C:\Program Files\Microsoft Office\Office12\Microsoft.Office.Interop.InfoPath.Xml.dll"
Thu 26 Oct 2006 404,296 A..H. --- "C:\Program Files\Microsoft Office\Office12\Microsoft.Office.Interop.InfoPath.SemiTrust.dll"
Thu 26 Oct 2006 21,312 A..H. --- "C:\Program Files\Microsoft Office\Office12\MLSHEXT.DLL"
Fri 27 Oct 2006 76,088 A..H. --- "C:\Program Files\Microsoft Office\Office12\MSOHEV.DLL"
Thu 26 Oct 2006 61,240 A..H. --- "C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL"
Thu 26 Oct 2006 67,896 A..H. --- "C:\Program Files\Microsoft Office\Office12\MSOHTMED.EXE"
Fri 27 Oct 2006 35,152 A..H. --- "C:\Program Files\Microsoft Office\Office12\MSOSTYLE.DLL"
Thu 26 Oct 2006 727,840 A..H. --- "C:\Program Files\Microsoft Office\Office12\msproof6.dll"
Thu 26 Oct 2006 96,008 A..H. --- "C:\Program Files\Microsoft Office\Office12\MSRTEDIT.DLL"
Thu 26 Oct 2006 145,688 A..H. --- "C:\Program Files\Microsoft Office\Office12\MSTORE.EXE"
Thu 26 Oct 2006 1,512,304 A..H. --- "C:\Program Files\Microsoft Office\Office12\nlsdata0000.dll"
Thu 26 Oct 2006 2,277,224 A..H. --- "C:\Program Files\Microsoft Office\Office12\NLSDATA0007.DLL"
Thu 26 Oct 2006 9,877,360 A..H. --- "C:\Program Files\Microsoft Office\Office12\NLSDATA000A.DLL"
Thu 26 Oct 2006 2,674,536 A..H. --- "C:\Program Files\Microsoft Office\Office12\NLSDATA000C.DLL"
Thu 26 Oct 2006 24,390,512 A..H. --- "C:\Program Files\Microsoft Office\Office12\NLSDATA0009.DLL"
Thu 26 Oct 2006 5,335,408 A..H. --- "C:\Program Files\Microsoft Office\Office12\NLSLEXICONS000A_SP.dll"
Thu 26 Oct 2006 7,253,360 A..H. --- "C:\Program Files\Microsoft Office\Office12\NLSMODELS000A.dll"
Thu 26 Oct 2006 16,192 A..H. --- "C:\Program Files\Microsoft Office\Office12\NPOFF12.DLL"
Fri 27 Oct 2006 54,680 A..H. --- "C:\Program Files\Microsoft Office\Office12\OFFRHD.DLL"
Fri 20 Oct 2006 637,744 A..H. --- "C:\Program Files\Microsoft Office\Office12\ogalegit.dll"
Thu 26 Oct 2006 23,392 A..H. --- "C:\Program Files\Microsoft Office\Office12\oisctrl.dll"
Thu 26 Oct 2006 254,776 A..H. --- "C:\Program Files\Microsoft Office\Office12\OLKFSTUB.DLL"
Fri 27 Oct 2006 31,000 A..H. --- "C:\Program Files\Microsoft Office\Office12\OUTLACCT.DLL"
Fri 27 Oct 2006 138,512 A..H. --- "C:\Program Files\Microsoft Office\Office12\OUTLCTL.DLL"
Thu 26 Oct 2006 368,968 A..H. --- "C:\Program Files\Microsoft Office\Office12\PPSLAX.DLL"
Thu 26 Oct 2006 48,448 A..H. --- "C:\Program Files\Microsoft Office\Office12\PUBTRAP.DLL"
Thu 26 Oct 2006 39,208 A..H. --- "C:\Program Files\Microsoft Office\Office12\RECALL.DLL"
Thu 26 Oct 2006 40,424 A..H. --- "C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL"
Fri 27 Oct 2006 408,880 A..H. --- "C:\Program Files\Microsoft Office\Office12\RTFHTML.DLL"
Thu 26 Oct 2006 291,128 A..H. --- "C:\Program Files\Microsoft Office\Office12\SAEXT.DLL"
Thu 26 Oct 2006 55,056 A..H. --- "C:\Program Files\Microsoft Office\Office12\SCANOST.EXE"
Thu 26 Oct 2006 24,368 A..H. --- "C:\Program Files\Microsoft Office\Office12\SENDTO.DLL"
Thu 26 Oct 2006 70,456 A..H. --- "C:\Program Files\Microsoft Office\Office12\SEQCHK10.DLL"
Thu 26 Oct 2006 34,104 A..H. --- "C:\Program Files\Microsoft Office\Office12\SETLANG.EXE"
Thu 26 Oct 2006 227,128 A..H. --- "C:\Program Files\Microsoft Office\Office12\STSUPLD.DLL"
Fri 13 Oct 2006 503,296 A..H. --- "C:\Program Files\Microsoft Office\Office12\USP10.DLL"
Thu 26 Oct 2006 33,080 A..H. --- "C:\Program Files\Microsoft Office\Office12\VPREVIEW.EXE"
Wed 13 Sep 2006 215,840 A..H. --- "C:\Program Files\Microsoft Office\Office12\WDBIMP.DLL"
Thu 26 Oct 2006 509,200 A..H. --- "C:\Program Files\Microsoft Office\Office12\Wordcnvr.dll"
Sun 22 Apr 2007 71,168 ..SHR --- "C:\Program Files\Tripy\Arpentar\Setup.exe"
Sat 9 Jul 2005 16,384 A.SHR --- "C:\Program Files\Tripy\Arpentar\_Setup.dll"
Mon 16 Apr 2001 397,312 A..H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\AceLite.dll"
Mon 16 Apr 2001 53,248 ...H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\ACROFX32.DLL"
Mon 24 Sep 2001 3,891,268 A..H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe"
Wed 5 Sep 2001 1,138,688 A..H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\Agm.dll"
Mon 16 Apr 2001 147,456 A..H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\Bib.dll"
Tue 24 Jul 2001 1,441,792 A..H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\CoolType.dll"
Tue 19 Jun 2001 86,016 A..H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\OPP.dll"
Mon 16 Apr 2001 878,592 A..H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\vdk150.dll"
Mon 10 Sep 2001 172,032 ...H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\WHA Library.dll"
Wed 29 Aug 2007 24,576 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\da.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 26,624 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\de.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 24,064 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\en.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 25,600 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\es.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 24,576 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\fi.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 26,112 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\fr.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 25,088 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\it.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 24,064 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ja.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 24,064 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ko.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 24,576 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\nb.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 26,112 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\nl.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 25,088 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ru.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 24,576 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\sv.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 24,064 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\zh_CN.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 24,064 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\zh_TW.lproj\SoftwareUpdateLocalized.dll"
Wed 29 Aug 2007 4,608 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\da.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 5,120 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\de.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 4,096 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\en.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 4,608 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\es.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 4,608 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\fi.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 5,120 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\fr.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 5,120 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\it.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 4,608 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ja.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 4,608 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ko.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 4,608 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\nb.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 5,120 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\nl.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 5,120 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ru.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 4,608 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\sv.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 4,608 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\SoftwareUpdateFilesLocalized.dll"
Wed 29 Aug 2007 4,608 A..H. --- "C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_TW.lproj\SoftwareUpdateFilesLocalized.dll"
Tue 25 Dec 2001 172,032 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\abmFind.dll"
Wed 5 Jun 2002 339,968 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\AlbumBase.dll"
Mon 3 Dec 2001 73,728 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\ASPI.dll"
Mon 22 Oct 2001 53,248 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\EditWin.dll"
Mon 22 Oct 2001 122,880 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\eff_ehn.dll"
Fri 15 Mar 2002 462,848 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\EXIF.dll"
Thu 30 May 2002 724,992 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\EzDll.dll"
Tue 21 May 2002 708,608 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\EzFile.dll"
Tue 23 Dec 1997 115,712 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\Filefpx.dll"
Fri 18 Jan 2002 332,800 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\FPXLIB.DLL"
Fri 18 Jan 2002 122,880 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\JPEGLIB.DLL"
Tue 12 Mar 2002 147,456 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\MultiPrint.dll"
Mon 28 Jan 2002 98,304 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\myCtrl.dll"
Mon 22 Oct 2001 32,768 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\OsWrapperForPI.dll"
Thu 6 Jun 2002 1,740,800 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\PhotoImpression.exe"
Tue 25 Dec 2001 61,440 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\PiApi.dll"
Mon 22 Oct 2001 77,824 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\PScan.dll"
Tue 16 Apr 2002 229,376 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\Res_Dll.dll"
Fri 7 Jun 2002 188,416 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\Res_Pi.dll"
Mon 22 Oct 2001 53,248 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\PhotoImpression\wdmcapture.dll"
Wed 4 Jul 2001 315,392 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\VideoImpression\AlbumBase.dll"
Wed 13 Dec 2000 86,016 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\VideoImpression\ASFWriter.dll"
Tue 21 Nov 2000 186,880 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\VideoImpression\CDUtil.dll"
Thu 26 Apr 2001 53,248 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\VideoImpression\EditWin.dll"
Mon 24 Jun 2002 696,320 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\VideoImpression\EzFile.dll"
Sun 30 Apr 2000 115,712 A..HR --- "C:\Program Files\ArcSoft\Camera Suite\VideoImpression\Filefpx.dll"
Sun 30 Apr 2000 308,736 A..HR --- "C:\Program Files\ArcSoft\Camera Suite\VideoImpression\FPXLIB.DLL"
Sun 30 Apr 2000 91,136 A..HR --- "C:\Program Files\ArcSoft\Camera Suite\VideoImpression\JPEGLIB.DLL"
Fri 21 Jun 2002 98,304 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\VideoImpression\Res_vi17.dll"
Thu 27 Jun 2002 843,776 A..H. --- "C:\Program Files\ArcSoft\Camera Suite\VideoImpression\videoimp.exe"
Thu 26 Oct 2006 14,688 A..H. --- "C:\Program Files\Microsoft Office\MEDIA\CAGCAT10\CAGCAT10.DLL"
Thu 26 Oct 2006 14,688 A..H. --- "C:\Program Files\Microsoft Office\MEDIA\OFFICE12\OFFICE10.DLL"
Tue 22 Aug 2006 146,192 A..H. --- "C:\Program Files\Microsoft Office\Office12\1031\WWASUM.DLL"
Thu 26 Oct 2006 56,616 A..H. --- "C:\Program Files\Microsoft Office\Office12\1033\WWASUM.DLL"
Fri 27 Oct 2006 22,392 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\ACCDDSUI.DLL"
Fri 27 Oct 2006 17,840 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\ACCOLKI.DLL"
Fri 27 Oct 2006 187,720 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\ACCVDTUI.DLL"
Fri 27 Oct 2006 348,512 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\ACWIZRC.DLL"
Fri 27 Oct 2006 13,152 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\CERTINTL.DLL"
Fri 27 Oct 2006 20,880 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\CLVWINTL.DLL"
Fri 27 Oct 2006 28,472 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\ContactPickerIntl.dll"
Fri 27 Oct 2006 18,768 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\ENVELOPR.DLL"
Thu 26 Oct 2006 16,696 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\EXPTOOWS.DLL"
Fri 27 Oct 2006 188,728 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\GRINTL32.DLL"
Fri 27 Oct 2006 13,624 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\GRLEX.DLL"
Thu 26 Oct 2006 26,472 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\INFINTL.DLL"
Thu 26 Oct 2006 781,160 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\IPDSINTL.DLL"
Thu 26 Oct 2006 467,304 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\IPEDINTL.DLL"
Thu 26 Oct 2006 74,648 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\IPOLKINTL.DLL"
Thu 26 Oct 2006 465,200 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\MOR6INT.DLL"
Fri 27 Oct 2006 126,248 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\MSTINTL.DLL"
Thu 26 Oct 2006 112,992 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\OCLTINT.DLL"
Fri 27 Oct 2006 136,048 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\OISINTL.DLL"
Fri 27 Oct 2006 107,320 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\OMSINTL.DLL"
Fri 27 Oct 2006 280,352 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\OUTLWVW.DLL"
Fri 27 Oct 2006 967,472 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\PPINTL.DLL"
Fri 27 Oct 2006 425,800 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\PPVWINTL.DLL"
Fri 27 Oct 2006 105,240 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\QRYINT32.DLL"
Fri 27 Oct 2006 58,168 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\SLINTL.DLL"
Thu 26 Oct 2006 113,504 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\STSLISTI.DLL"
Thu 26 Oct 2006 70,504 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\STSUCRES.DLL"
Fri 27 Oct 2006 46,456 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\UmOutlookStrings.dll"
Thu 26 Oct 2006 129,336 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\VVIEWRES.DLL"
Tue 22 Aug 2006 154,384 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\WWASUM.DLL"
Thu 26 Oct 2006 1,060,648 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\WWINTL.DLL"
Fri 27 Oct 2006 1,909,560 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\XLINTL32.DLL"
Fri 27 Oct 2006 43,320 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\XLLEX.DLL"
Fri 27 Oct 2006 150,840 A..H. --- "C:\Program Files\Microsoft Office\Office12\1036\XLSLICER.DLL"
Tue 22 Aug 2006 555,848 A..H. --- "C:\Program Files\Microsoft Office\Office12\3082\WWASUM.DLL"
Thu 26 Oct 2006 94,016 A..H. --- "C:\Program Files\Microsoft Office\Office12\ADDINS\ACCOLK.DLL"
Thu 26 Oct 2006 7,168 A..H. --- "C:\Program Files\Microsoft Office\Office12\ADDINS\MSOSEC.DLL"
Thu 26 Oct 2006 344,064 A..H. --- "C:\Program Files\Microsoft Office\Office12\ADDINS\MSVCR71.DLL"
Thu 26 Oct 2006 81,920 A..H. --- "C:\Program Files\Microsoft Office\Office12\ADDINS\OTKLOADR.DLL"
Thu 26 Oct 2006 53,048 A..H. --- "C:\Program Files\Microsoft Office\Office12\ADDINS\OUTLVBA.DLL"
Fri 27 Oct 2006 436,512 A..H. --- "C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll"
Thu 26 Oct 2006 76,576 A..H. --- "C:\Program Files\Microsoft Office\Office12\CONVERT\RM.DLL"
Thu 26 Oct 2006 104,760 A..H. --- "C:\Program Files\Microsoft Office\Office12\CONVERT\TRANSMGR.DLL"
Fri 2 May 2008 3,493,888 A..H. --- "C:\Documents and Settings\User\Application Data\U3\temp\Launchpad Removal.exe"
Mon 10 Sep 2001 103,344 ...H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll"
Thu 26 Oct 2006 14,688 A..H. --- "C:\Program Files\Microsoft Office\MEDIA\OFFICE12\AUTOSHAP\AUTOSHAP.DLL"
Thu 26 Oct 2006 14,680 A..H. --- "C:\Program Files\Microsoft Office\MEDIA\OFFICE12\BULLETS\BULLETS.DLL"
Thu 26 Oct 2006 14,680 A..H. --- "C:\Program Files\Microsoft Office\MEDIA\OFFICE12\LINES\LINES.DLL"
Fri 27 Oct 2006 41,792 A..H. --- "C:\Program Files\Microsoft Office\Office12\CONVERT\1036\LOCALDV.DLL"
Fri 27 Oct 2006 15,184 A..H. --- "C:\Program Files\Microsoft Office\Office12\CONVERT\1036\TRANSMRR.DLL"
Thu 15 Mar 2001 24,576 ...H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\QT2.dll"
Thu 15 Mar 2001 32,768 ...H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\QT3.dll"
Thu 15 Mar 2001 36,864 ...H. --- "C:\Program Files\Adobe\Acrobat 5.0\Reader\plug_ins\Movie\QT4.dll"
Thu 19 Aug 2004 327,680 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Driver\WinXP\AP\MRV8KA51.SYS"
Thu 20 May 2004 258,560 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Driver\WinXP\STA\MRV8KA51.sys"
Thu 20 May 2004 258,432 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Driver\WL-138g\Win2K\MRV8KA50.sys"
Thu 20 May 2004 258,432 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Driver\WL-138g\Win98\MRV8KA50.sys"
Thu 20 May 2004 258,432 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Driver\WL-138g\WinME\MRV8KA50.sys"
Fri 27 Oct 2006 576,376 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACACEDAO.DLL"
Thu 26 Oct 2006 162,616 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACCWIZ.DLL"
Fri 27 Oct 2006 399,640 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\CDLMSO.DLL"
Thu 26 Oct 2006 205,616 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\CLVIEW.EXE"
Thu 26 Oct 2006 140,560 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\CNFNOT32.EXE_0004"
Thu 26 Oct 2006 65,312 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\COLLIMP.DLL"
Fri 27 Oct 2006 133,936 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\CONTAB32.DLL"
Thu 26 Oct 2006 189,760 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL"
Thu 26 Oct 2006 87,344 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\DLGSETP.DLL"
Fri 27 Oct 2006 392,456 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\EXSEC32.DLL_0001"
Thu 26 Oct 2006 2,526,520 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\GRAPH.EXE"
Thu 26 Oct 2006 173,328 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\IEAWSDC.DLL"
Thu 26 Oct 2006 138,024 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\IMPMAIL.DLL"
Fri 27 Oct 2006 1,439,032 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\INFOPATH.EXE"
Fri 27 Oct 2006 5,456,704 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\IPDESIGN.DLL"
Fri 27 Oct 2006 5,281,592 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\IPEDITOR.DLL"
Thu 26 Oct 2006 176,976 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\IPOLK.DLL"
Thu 26 Oct 2006 828,704 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MEDCAT.DLL"
Thu 26 Oct 2006 340,248 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MIMEDIR.DLL"
Fri 27 Oct 2006 497,504 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MORPH9.DLL"
Fri 27 Oct 2006 10,371,880 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSACCESS.EXE"
Thu 26 Oct 2006 66,880 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSAEXP30.DLL"
Fri 27 Oct 2006 161,080 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSOCF.DLL"
Thu 26 Oct 2006 14,664 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSOCFU.DLL"
Thu 26 Oct 2006 428,816 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSODCW.DLL"
Thu 26 Oct 2006 672,024 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSQRY32.EXE"
Thu 26 Oct 2006 832,800 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSTORDB.EXE"
Thu 26 Oct 2006 538,904 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSTORES.DLL"
Thu 26 Oct 2006 65,824 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\NAME.DLL"
Fri 27 Oct 2006 14,151,456 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OART.DLL"
Thu 26 Oct 2006 7,033,152 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OFFOWC.DLL"
Thu 26 Oct 2006 274,744 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OIS.EXE"
Thu 26 Oct 2006 998,208 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OISAPP.DLL"
Thu 26 Oct 2006 285,008 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OISGRAPH.DLL"
Thu 26 Oct 2006 660,792 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OMSMAIN.DLL"
Thu 26 Oct 2006 192,848 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OMSXP32.DLL"
Wed 26 Jul 2006 459,080 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL"
Fri 27 Oct 2006 594,256 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLMIME.DLL"
Fri 27 Oct 2006 176,976 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLPH.DLL"
Fri 27 Oct 2006 46,864 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLRPC.DLL"
Thu 26 Oct 2006 58,160 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLVBS.DLL_0001"
Thu 26 Oct 2006 798,520 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OWSCLT.DLL_0001"
Thu 26 Oct 2006 140,608 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OWSSUPP.DLL_0001"
Fri 27 Oct 2006 465,200 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\POWERPNT.EXE"
Fri 27 Oct 2006 7,980,848 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PPCORE.DLL"
Thu 26 Oct 2006 2,012,480 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PPTVIEW.EXE"
Thu 26 Oct 2006 136,008 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PRTF9.DLL"
Thu 26 Oct 2006 413,472 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PSTPRX32.DLL"
Fri 27 Oct 2006 624,456 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PTXT9.DLL"
Thu 26 Oct 2006 38,168 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\REFEDIT.DLL"
Thu 26 Oct 2006 744,808 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\REGFORM.EXE"
Thu 26 Oct 2006 503,624 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SELFCERT.EXE"
Thu 26 Oct 2006 502,608 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SOA.DLL"
Fri 28 Jul 2006 277,320 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SSGEN.DLL"
Fri 27 Oct 2006 2,330,968 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\STSLIST.DLL"
Thu 26 Oct 2006 1,841,984 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\VVIEWDWG.DLL"
Thu 26 Oct 2006 3,732,792 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\VVIEWER.DLL"
Fri 27 Oct 2006 347,432 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WINWORD.EXE"
Thu 26 Oct 2006 11,072 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\XLCALL32.DLL"
Thu 26 Oct 2006 2,204,528 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F10090400000000000F01FEC\12.0.4518\NLSLEX.DLL_1033"
Thu 26 Oct 2006 6,253,936 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F10090400000000000F01FEC\12.0.4518\NLSMODEL.DLL_1033"
Fri 27 Oct 2006 1,363,792 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\000021095100C0400000000000F01FEC\12.0.4518\MSAIN.DLL_1036"
Thu 26 Oct 2006 6,264,624 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\000021099100C0400000000000F01FEC\12.0.4518\PUB6INTL.DLL_1036"
Thu 26 Oct 2006 441,136 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\000021099100C0400000000000F01FEC\12.0.4518\PUBWZINT.DLL_1036"
Fri 27 Oct 2006 1,326,888 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109A100C0400000000000F01FEC\12.0.4518\MAPIR.DLL_1036"
Fri 27 Oct 2006 6,059,312 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109A100C0400000000000F01FEC\12.0.4518\OUTLLIBR.DLL_1036"
Fri 27 Oct 2006 645,952 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109E600C0400000000000F01FEC\12.0.4518\OFFOWCI.DLL_1036"
Thu 26 Oct 2006 7,173,992 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F10070400000000000F01FEC\12.0.4518\NLSLEX.DLL_1031"
Thu 26 Oct 2006 6,911,336 A..HR --- "C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F10070400000000000F01FEC\12.0.4518\NLSMODEL.DLL_1031"
Thu 19 Aug 2004 327,680 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Driver\WL-138g\WinXP\AP\MRV8KA51.SYS"
Thu 20 May 2004 258,560 A..H. --- "C:\Program Files\ASUS\WLAN Card Utilities\Driver\WL-138g\WinXP\STA\MRV8KA51.sys"
[b]Finished![/b]
télécharge malwarbyte http://www.commentcamarche.net/telecharger/telechargement 34055379 malwarebytes anti malware
a l'installation vérifie que mise a jour et lancer programme et scan complet sont bien cocher
Une fois a jour, le programme va se lancer; clic sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression".
A la fin du scan clique sur Afficher les résultats
Suppression des éléments détectés >>>> clique sur Supprimer la sélection ou supprimer tout
S'il t'es demandé de redémarrer >>> clique sur "Yes"
Et tu poste le rapport générer
et on attendant une réponse tu peut refaire un scan malwarbyte mais on mode sans échec car beaucoup plus efficace
comment démarrer on mode sans échec ici tuto http://www.infos-du-net.com/forum/272325-11-tuto-demarrer-mode-echec
tu enregistre le rapport générer de façon a le retrouver et tu poste le nouveau rapport
a l'installation vérifie que mise a jour et lancer programme et scan complet sont bien cocher
Une fois a jour, le programme va se lancer; clic sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression".
A la fin du scan clique sur Afficher les résultats
Suppression des éléments détectés >>>> clique sur Supprimer la sélection ou supprimer tout
S'il t'es demandé de redémarrer >>> clique sur "Yes"
Et tu poste le rapport générer
et on attendant une réponse tu peut refaire un scan malwarbyte mais on mode sans échec car beaucoup plus efficace
comment démarrer on mode sans échec ici tuto http://www.infos-du-net.com/forum/272325-11-tuto-demarrer-mode-echec
tu enregistre le rapport générer de façon a le retrouver et tu poste le nouveau rapport
j ai une carte mère asus et
A noter: Sur certaines cartes mère (asus) F8 correspond à un menu de démarrage. Dans ce cas, sélectionner le disque de démarrage et refaire aussitôt F8 pour avoir le menu windows complet... ou faire directement F5 pour le mode sans échec uniquement.
Il se peut que vous ayez à valider via la touche "Entrée" une nouvelle fois si le message "Choisissez le système d'exploitation à démarrer" apparait. De même, lors de l'arrivée sur le bureau, un message peut vous demander de confirmer que vous souhaitez continuer à travailler en mode sans échec.
L'apparence des fenêtres, des icônes et du bureau est modifiée, ceci est tout à fait normal en mode sans
A noter: Sur certaines cartes mère (asus) F8 correspond à un menu de démarrage. Dans ce cas, sélectionner le disque de démarrage et refaire aussitôt F8 pour avoir le menu windows complet... ou faire directement F5 pour le mode sans échec uniquement.
Il se peut que vous ayez à valider via la touche "Entrée" une nouvelle fois si le message "Choisissez le système d'exploitation à démarrer" apparait. De même, lors de l'arrivée sur le bureau, un message peut vous demander de confirmer que vous souhaitez continuer à travailler en mode sans échec.
L'apparence des fenêtres, des icônes et du bureau est modifiée, ceci est tout à fait normal en mode sans
voilà c est fait il n a rien trouvé mais je l aivait déja fait en mode normal de windows il y a t il une suite ??
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:07:19, on 8/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\program files\steam\steam.exe
C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\program files\steam\steamapps\antouvda\counter-strike source\hl2.exe
C:\program files\steam\GameOverlayUI.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {F4F10C1D-87C7-404A-B4B3-000000000000} - (no file)
R3 - URLSearchHook: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [RemoveWGA] H:\crack winxp\RemoveWGA.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: RAID Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5D85E58-1E4F-4DD5-BA1C-D2D80EC3A778}: NameServer = 195.238.2.22,195.238.2.21
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - https://sourceforge.net/p/libusb-win32/wiki/Home/ - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: MySQL - Unknown owner - C:\PROGRA~1\EASYPH~1.0B1\MySql\bin\mysqld.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Scan saved at 20:07:19, on 8/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\program files\steam\steam.exe
C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\program files\steam\steamapps\antouvda\counter-strike source\hl2.exe
C:\program files\steam\GameOverlayUI.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {F4F10C1D-87C7-404A-B4B3-000000000000} - (no file)
R3 - URLSearchHook: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: FRANCE version Toolbar - {bc5031f9-2097-44f1-8979-74947557d6ce} - C:\Program Files\FRANCE_version\tbFRA1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [RemoveWGA] H:\crack winxp\RemoveWGA.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: RAID Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5D85E58-1E4F-4DD5-BA1C-D2D80EC3A778}: NameServer = 195.238.2.22,195.238.2.21
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - https://sourceforge.net/p/libusb-win32/wiki/Home/ - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: MySQL - Unknown owner - C:\PROGRA~1\EASYPH~1.0B1\MySql\bin\mysqld.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
