Aller au contenu

cayli

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    58

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par cayli

  1. cayli
    Merci pour ton aide. Voici le rapport: Search Navipromo version 3.5.1 commencé le 24/03/2008 à 16:33:52,06 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Jérémy ameline" Mise à jour le 23.03.2008 à 22h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.13 Système de fichiers : NTFS Executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 *** *** Recherche dossiers dans "C:\Documents and Settings\Jérémy ameline\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Jérémy ameline\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Jérémy ameline\menudm~1\progra~1" *** *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Fichier(s) caché(s) : C:\Documents and Settings\Jérémy ameline\Local Settings\Application Data\kbphqsy.dat C:\Documents and Settings\Jérémy ameline\Local Settings\Application Data\kbphqsy.exe C:\Documents and Settings\Jérémy ameline\Local Settings\Application Data\kbphqsy_nav.dat C:\Documents and Settings\Jérémy ameline\Local Settings\Application Data\kbphqsy_navps.dat *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans C:\WINDOWS\system32 * * Recherche dans "C:\Documents and Settings\Jérémy ameline\locals~1\applic~1" * Fichiers suspects : kbphqsy.exe trouvé ! * Recherche dans "C:\docume~1\Administrateur\locals~1\applic~1" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans C:\WINDOWS\system32 : * Dans "C:\Documents and Settings\Jérémy ameline\locals~1\applic~1" : kbphqsy.dat trouvé ! * Dans "C:\docume~1\Administrateur\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 24/03/2008 à 16:37:36,71 ***
  2. cayli
    Bonjour! Alors mon copain a un problème sur son ordinateur. Lors de surf sur Internet (Firefox), des fenêtres publicitaires s'ouvrent. Il a utilisé à plusieurs reprises Spybot, Adware SE personal, et AVG anti spyware, mais le problème persiste. J'ai suivi la procédure péliminaire à toute demande d'analyse du rapport d'hijackthis. Antivir n'a rien trouvé. Merci pour votre aide. Voici le rapport HijackThis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:03:53, on 23/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Program Files\Apoint\Apoint.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\WINDOWS\system32\ICO.EXE C:\Program Files\Apoint\Apntex.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Documents and Settings\Jérémy ameline\Mes documents\WinZip\WZQKPICK.EXE C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com/fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [sonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe O4 - HKLM\..\Run: [switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: WinZip Quick Pick.lnk = ? O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: Ajouter un site de support RSS à VAIO Information FLOW - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Transfert par Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/ O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- End of file - 11793 bytes
  3. cayli
    Bonjour! Même en affichant les dossiers cachés, je ne trouve pas le dossier Tk9FIA En ce qui concerne les cracks, je sais qu'il sont très néfastes mais je ne suis pas responsable de leur présence. (ce n'est pas mon ordinateur personnel) Par contre je ne sais pas si le disque dur a été défragmenté. Je vais le faire, on ne sais jamais. Sinon, oui j'aimerais bien désactiver les applications qui se lancent au démarrage de windows et qui monopolisent des ressources Merci
  4. cayli
    Bonsoir! Je 'ai pas trouver le fichier C:\WINDOWS\Tk9FIA En ce qui concerne les problèmes rencontrés avant la désinfection:L'UC n'est plus à 100% mais le PC a un temps de réaction toujours aussi lent. Les pages prennent du temps pour s'ouvrir. Voici les rapports DiagHelp DiagHelp version v1.1.2 - http://www.malekal.com excute le 25/06/2007 à 23:54:57,59 Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\fwdrv.err -->19/06/2007 15:20:02 C:\WINDOWS\System32/drivers\AvgAsCln.sys -->30/05/2007 14:10:42 C:\WINDOWS\System32/drivers\aswmon.sys -->30/04/2007 17:41:55 C:\WINDOWS\System32/drivers\aswmon2.sys -->30/04/2007 17:41:42 C:\WINDOWS\System32/drivers\aswRdr.sys -->30/04/2007 17:39:41 C:\WINDOWS\System32/drivers\aswTdi.sys -->30/04/2007 17:38:51 C:\WINDOWS\System32/drivers\aavmker4.sys -->30/04/2007 17:37:23 C:\WINDOWS\System32\wpa.dbl -->25/06/2007 23:33:15 C:\WINDOWS\System32\CONFIG.NT -->05/05/2007 14:33:24 C:\WINDOWS\System32\perfh00C.dat -->05/05/2007 14:30:15 C:\WINDOWS\System32\perfh009.dat -->05/05/2007 14:30:15 C:\WINDOWS\System32\perfc00C.dat -->05/05/2007 14:30:15 C:\WINDOWS\System32\perfc009.dat -->05/05/2007 14:30:15 C:\WINDOWS\System32\PerfStringBackup.INI -->05/05/2007 14:30:14 C:\WINDOWS\System32\aswBoot.exe -->30/04/2007 17:46:10 C:\WINDOWS\System32\AVASTSS.scr -->30/04/2007 17:35:28 C:\WINDOWS\System32\jupdate-1.6.0_01-b06.log -->26/04/2007 22:34:42 C:\WINDOWS\System32\FNTCACHE.DAT -->16/03/2007 20:10:15 C:\WINDOWS\System32\javaws.exe -->14/03/2007 02:04:46 C:\WINDOWS\System32\javacpl.cpl -->14/03/2007 02:04:46 C:\WINDOWS\System32\javaw.exe -->14/03/2007 00:31:28 C:\WINDOWS\System32\java.exe -->14/03/2007 00:31:24 C:\WINDOWS\System32\jupdate-1.5.0_11-b03.log -->06/03/2007 00:58:57 C:\WINDOWS\System32\ff_vfw.dll -->21/02/2007 22:00:28 C:\WINDOWS\System32\wmv9vcm.dll -->20/01/2007 22:26:06 C:\WINDOWS\System32\jupdate-1.5.0_10-b03.log -->19/12/2006 12:08:25 C:\WINDOWS\System32\jupdate-1.5.0_09-b03.log -->19/12/2006 12:05:38 C:\WINDOWS\System32\xvidvfw.dll -->01/11/2006 15:54:30 C:\WINDOWS\System32\xvidcore.dll -->01/11/2006 15:52:38 C:\WINDOWS\System32\zllictbl.dat -->28/09/2006 11:21:45 C:\WINDOWS\System32\bacbda_s.ocx -->04/07/2006 21:31:41 C:\WINDOWS\System32\addcc3_s.dll -->04/07/2006 21:31:41 C:\WINDOWS\ntbtlog.txt -->25/06/2007 23:40:09 C:\WINDOWS.log -->25/06/2007 23:35:18 C:\WINDOWS\wiadebug.log -->25/06/2007 23:34:39 C:\WINDOWS\wiaservc.log -->25/06/2007 23:34:38 C:\WINDOWS\Sti_Trace.log -->25/06/2007 23:34:37 C:\WINDOWS\bootstat.dat -->25/06/2007 23:33:13 C:\WINDOWS\SchedLgU.Txt -->24/06/2007 13:03:56 C:\WINDOWS\win.ini -->19/06/2007 16:25:09 C:\WINDOWS\system.ini -->19/06/2007 16:25:09 C:\WINDOWS\mozver.dat -->19/12/2006 11:54:13 C:\WINDOWS\wininit.ini -->14/07/2006 16:08:53 C:\WINDOWS\msoffice.ini -->14/07/2006 16:08:43 C:\WINDOWS\adiras.ini -->30/06/2006 21:56:19 C:\WINDOWS\WMSysPr9.prx -->29/06/2006 23:13:19 C:\WINDOWS\nsreg.dat -->29/06/2006 22:41:22 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\WINDOWS\system 10/09/1999 13:06 4 672 Wowpost.exe 1 fichier(s) 4 672 octets 0 Rép(s) 468 770 816 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\WINDOWS\system32 28/08/2001 14:00 4 096 csrss.exe 1 fichier(s) 4 096 octets 0 Rép(s) 468 770 816 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\WINDOWS\Downloaded Program Files 19/06/2007 16:36 <REP> . 19/06/2007 16:36 <REP> .. 18/02/2006 22:14 65 desktop.ini 08/08/2006 11:45 576 kavwebscan.inf 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 08/10/2004 17:01 372 736 MsnPUpld.dll 08/10/2004 17:13 587 MSNPupld.inf 22/09/2004 16:59 110 592 PURen-us.dll 15/10/2004 08:59 110 592 PURfr-xx.dll 09/11/2006 15:36 5 019 swflash.inf 8 fichier(s) 601 329 octets Total des fichiers listés : 8 fichier(s) 601 329 octets 2 Rép(s) 468 766 720 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-25 23:56:49 Windows 5.1.2600 NTFS scanning hidden files ... scan completed successfully hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 460 - ashWebSv.exe 532 - kpf4gui.exe 620 - alg.exe 648 - guard.exe 712 - kpf4ss.exe 872 - csrss.exe 896 - winlogon.exe 940 - services.exe 952 - lsass.exe 1108 - svchost.exe 1132 - svchost.exe 1432 - svchost.exe 1480 - kpf4gui.exe 1584 - explorer.exe 1608 - sgbhp.exe 1724 - ashServ.exe 1816 - CFD.exe 1864 - MotiveSB.exe 1908 - McciTrayApp.exe 1916 - ashDisp.exe 1932 - avgas.exe 1940 - ctfmon.exe 1948 - msmsgs.exe 2004 - sgmain.exe 2572 - ashMaiSv.exe 3224 - cmd.exe 4072 - firefox.exe Total number of processes = 28 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D0000 - \WINDOWS\system32\ntoskrnl.exe 806B5000 - \WINDOWS\system32\hal.dll F9761000 - \WINDOWS\system32\KDCOM.DLL F9671000 - \WINDOWS\system32\BOOTVID.dll F9214000 - ACPI.sys F9763000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS F9261000 - pci.sys F9271000 - isapnp.sys F9765000 - intelide.sys F94E1000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS F9281000 - MountMgr.sys F91F5000 - ftdisk.sys F9767000 - dmload.sys F91D1000 - dmio.sys F94E9000 - PartMgr.sys F9291000 - VolSnap.sys F91BB000 - atapi.sys F92A1000 - disk.sys F92B1000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS F91A9000 - sr.sys F92C1000 - PxHelp20.sys F9195000 - KSecDD.sys F9112000 - Ntfs.sys F90EA000 - NDIS.sys F90D0000 - Mup.sys F8D01000 - \SystemRoot\System32\DRIVERS\i81xnt5.sys F93D1000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS F8CE4000 - \SystemRoot\System32\DRIVERS\e100b325.sys F93E1000 - \SystemRoot\System32\DRIVERS\i8042prt.sys F9541000 - \SystemRoot\System32\DRIVERS\mouclass.sys F9549000 - \SystemRoot\System32\DRIVERS\kbdclass.sys F8CD1000 - \SystemRoot\System32\DRIVERS\parport.sys F93F1000 - \SystemRoot\System32\DRIVERS\serial.sys F9701000 - \SystemRoot\System32\DRIVERS\serenum.sys F9551000 - \SystemRoot\System32\DRIVERS\fdc.sys F9401000 - \SystemRoot\System32\DRIVERS\cdrom.sys F9411000 - \SystemRoot\System32\DRIVERS\redbook.sys F8CB1000 - \SystemRoot\System32\DRIVERS\ks.sys F9559000 - \SystemRoot\System32\DRIVERS\usbuhci.sys F8C92000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS F8C7A000 - \SystemRoot\system32\drivers\ac97intc.sys F8C59000 - \SystemRoot\system32\drivers\portcls.sys F9421000 - \SystemRoot\system32\drivers\drmk.sys F9431000 - \SystemRoot\System32\DRIVERS\p3.sys F9933000 - \SystemRoot\System32\DRIVERS\audstub.sys F9441000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys F9725000 - \SystemRoot\System32\DRIVERS\ndistapi.sys F8C43000 - \SystemRoot\System32\DRIVERS\ndiswan.sys F9451000 - \SystemRoot\System32\DRIVERS\raspppoe.sys F9461000 - \SystemRoot\System32\DRIVERS\raspptp.sys F9729000 - \SystemRoot\System32\DRIVERS\TDI.SYS F8C32000 - \SystemRoot\System32\DRIVERS\psched.sys F9471000 - \SystemRoot\System32\DRIVERS\msgpc.sys F9561000 - \SystemRoot\System32\DRIVERS\ptilink.sys F9569000 - \SystemRoot\System32\DRIVERS\raspti.sys F8C05000 - \SystemRoot\System32\DRIVERS\rdpdr.sys F9481000 - \SystemRoot\System32\DRIVERS\termdd.sys F993F000 - \SystemRoot\System32\DRIVERS\swenum.sys F8B43000 - \SystemRoot\System32\DRIVERS\update.sys F94C1000 - \SystemRoot\System32\Drivers\NDProxy.SYS F95B9000 - \SystemRoot\System32\DRIVERS\flpydisk.sys F92F1000 - \SystemRoot\System32\DRIVERS\usbhub.sys F9789000 - \SystemRoot\System32\DRIVERS\USBD.SYS F46B1000 - \SystemRoot\System32\DRIVERS\zd1211Bu.sys F9791000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F997D000 - \SystemRoot\System32\Drivers\Null.SYS F9793000 - \SystemRoot\System32\Drivers\Beep.SYS F997E000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys F95C9000 - \SystemRoot\System32\drivers\vga.sys F9795000 - \SystemRoot\System32\Drivers\mnmdd.SYS F9797000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F45B2000 - \SystemRoot\system32\drivers\fwdrv.sys F95D1000 - \SystemRoot\System32\Drivers\Msfs.SYS F95D9000 - \SystemRoot\System32\Drivers\Npfs.SYS F96F5000 - \SystemRoot\System32\DRIVERS\rasacd.sys F9301000 - \SystemRoot\System32\DRIVERS\ipsec.sys F4562000 - \SystemRoot\System32\DRIVERS\tcpip.sys F9311000 - \SystemRoot\System32\Drivers\aswTdi.SYS F453D000 - \SystemRoot\System32\DRIVERS\netbt.sys F9321000 - \SystemRoot\System32\DRIVERS\netbios.sys F4515000 - \SystemRoot\System32\DRIVERS\rdbss.sys F4489000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys F4474000 - \SystemRoot\system32\drivers\khips.sys F9331000 - \SystemRoot\System32\DRIVERS\wanarp.sys F9351000 - \SystemRoot\System32\Drivers\Fips.SYS F999D000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys F95F1000 - \SystemRoot\System32\Drivers\Aavmker4.SYS F93C1000 - \SystemRoot\System32\Drivers\Cdfs.SYS F43BE000 - \SystemRoot\System32\Drivers\dump_atapi.sys F97B3000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \??\C:\WINDOWS\system32\win32k.sys F4A5B000 - \??\C:\WINDOWS\system32\watchdog.sys BFF80000 - \SystemRoot\System32\drivers\dxg.sys F98E3000 - \SystemRoot\System32\drivers\dxgthk.sys BFEE0000 - \SystemRoot\System32\i81xdnt5.dll F423E000 - \SystemRoot\System32\drivers\afd.sys F9749000 - \SystemRoot\System32\DRIVERS\ndisuio.sys F40E8000 - \SystemRoot\System32\Drivers\aswMon2.SYS F3C5D000 - \SystemRoot\System32\DRIVERS\mrxdav.sys F3C49000 - \SystemRoot\system32\drivers\wdmaud.sys F417E000 - \SystemRoot\system32\drivers\sysaudio.sys F97D1000 - \SystemRoot\System32\Drivers\ParVdm.SYS F3D64000 - \SystemRoot\System32\Drivers\Aspi32.SYS F9942000 - \??\C:\WINDOWS\System32\STEC3.sys F3A95000 - \SystemRoot\System32\DRIVERS\srv.sys F391A000 - \SystemRoot\System32\DRIVERS\ipnat.sys F9529000 - \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS F3836000 - \SystemRoot\System32\Drivers\aswRdr.SYS F99A5000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 109 Liste des programmes installes Ad-Aware SE Personal Adaptateur IEEE 802.11g Sans-Fil USB Adobe Acrobat 5.0 Adobe Flash Player 9 ActiveX Adobe Photoshop CS ArcSoft PhotoStudio 5.5 avast! Antivirus AVG Anti-Spyware 7.5 Barre d'outils MSN BroadJump Client Foundation Canon MP Navigator 2.0 Canon MP170 Canon Utilities Easy-PhotoPrint CCleaner (remove only) Club Internet Agent Wi-Fi V2.1 Codeur Windows Media Série 9 Codeur Windows Media Série 9 Configurateur Modem Easy-WebPrint EasyCleaner eMule HijackThis 1.99.1 Installation Adaptateur USB sans fil Club-Internet IrfanView (remove only) J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 Java SE Runtime Environment 6 Update 1 jv16 PowerTools 1.3 K-Lite Codec Pack 2.86 Full BETA2 Kaspersky Online Scanner LE COMPAGNON CLUB Lecteur Windows Media 10 Microsoft Office XP Professional avec FrontPage Mozilla Firefox (1.5.0.12) MSN Messenger 7.5 Music Manager MuVo Driver OmniPage SE 2.0 QuickTime QuickTime SAGEM F@st 800-840 Shareaza version 2.2.1.0 Spybot - Search & Destroy 1.4 SpywareGuard v2.2 Sunbelt Kerio Personal Firewall WebFldrs XP Windows Media Format Runtime Windows XP Hotfix (SP1) [see Q317181 for more information] WinRAR archiver Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files 19/06/2007 16:36 <REP> . 19/06/2007 16:36 <REP> .. 03/12/2006 16:41 <REP> Adobe 14/02/2007 19:07 <REP> Alwil Software 06/09/2006 18:30 <REP> ArcSoft 29/06/2006 19:53 <REP> BroadJump 25/05/2006 17:40 <REP> Canon 29/06/2006 22:43 <REP> CCleaner 08/02/2007 17:12 <REP> Club-Internet 29/06/2006 19:57 <REP> Common Files 26/04/2007 22:42 <REP> Creative 16/03/2007 22:57 <REP> DIKO 19/03/2007 00:38 <REP> DivX 15/03/2007 19:24 <REP> DLA 15/06/2007 20:23 <REP> eMule 24/06/2007 12:13 <REP> Fichiers communs 19/06/2007 15:10 <REP> Grisoft 04/05/2007 00:24 <REP> Hijackthis 18/02/2006 22:14 <REP> Internet Explorer 30/03/2007 01:30 <REP> IrfanView 26/04/2007 22:34 <REP> Java 06/03/2007 14:14 <REP> jv16 PowerTools 19/03/2007 00:54 <REP> K-Lite Codec Pack 29/06/2006 22:47 <REP> Lavasoft 26/05/2006 21:11 <REP> Messenger 18/02/2006 22:17 <REP> microsoft frontpage 18/02/2006 22:18 <REP> Microsoft Office 08/02/2007 17:09 <REP> Motive 18/02/2006 22:13 <REP> Movie Maker 25/06/2007 23:47 <REP> Mozilla Firefox 18/02/2006 22:11 <REP> MSN 30/06/2006 00:18 <REP> MSN Apps 18/02/2006 22:10 <REP> MSN Gaming Zone 02/07/2006 12:44 <REP> MSN Messenger 12/07/2006 12:48 <REP> Music Manager 18/02/2006 22:12 <REP> NetMeeting 06/09/2006 19:08 <REP> Nikon 18/02/2006 22:12 <REP> Outlook Express 20/01/2007 14:45 <REP> QuickTime 25/05/2006 17:41 <REP> ScanSoft 18/02/2006 22:14 <REP> Services en ligne 01/07/2006 23:35 <REP> Shareaza 04/05/2007 15:18 <REP> Spybot - Search & Destroy 20/01/2007 14:45 <REP> Spybott - Search & Destroy 12/07/2006 12:53 <REP> SpywareGuard 14/02/2007 19:16 <REP> Sunbelt Software 14/07/2006 16:01 <REP> ToniArts 16/03/2007 00:34 <REP> VSO 04/07/2006 20:35 <REP> Windows Media Components 20/01/2007 14:45 <REP> Windows Media Player 18/02/2006 22:10 <REP> Windows NT 19/03/2007 14:51 <REP> WinISO 04/05/2007 00:24 <REP> WinRAR 08/02/2007 16:59 <REP> WLAN 18/02/2006 22:17 <REP> xerox 26/04/2007 22:33 <REP> Yahoo! 0 fichier(s) 0 octets 56 Rép(s) 430 813 184 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files\fichiers communs 24/06/2007 12:13 <REP> . 24/06/2007 12:13 <REP> .. 03/12/2006 16:47 <REP> Adobe 03/12/2006 16:50 <REP> Adobe Systems Shared 18/02/2006 22:19 <REP> Designer 12/07/2006 12:29 <REP> InstallShield 19/12/2006 12:03 <REP> Java 29/06/2006 23:53 <REP> Microsoft Shared 08/02/2007 16:50 <REP> Motive 18/02/2006 22:12 <REP> MSSoap 08/09/2006 21:00 <REP> muvee Technologies 08/09/2006 21:00 <REP> Nikon 11/07/2006 21:16 <REP> ScanSoft Shared 18/02/2006 22:12 <REP> Services 18/02/2006 22:02 <REP> SpeechEngines 18/02/2006 22:18 <REP> System 0 fichier(s) 0 octets 16 Rép(s) 430 809 088 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 18/02/2006 22:19 <REP> . 18/02/2006 22:19 <REP> .. 18/02/2006 22:19 <REP> 1033 18/02/2006 22:18 <REP> 1036 15/02/2001 06:45 1 318 912 MSONSEXT.DLL 13/02/2001 09:23 58 784 MSOSV.DLL 03/06/1999 15:09 122 937 MSOWS409.DLL 07/03/2001 10:00 127 033 MSOWS40c.DLL 06/08/2000 10:04 401 462 MSVCP60.DLL 22/01/2001 04:25 69 632 PKMAXCTL.DLL 22/01/2001 04:25 872 448 PKMCDO.DLL 22/01/2001 04:25 159 744 PKMCORE.DLL 07/02/2001 10:59 106 496 PKMFORMS.DLL 12/02/2001 05:03 684 032 PKMRES.DLL 22/01/2001 04:25 28 672 PKMSSTLB.DLL 22/01/2001 04:25 40 960 PKMTEMPL.DLL 22/01/2001 04:25 24 576 PKMTRACE.DLL 22/01/2001 04:25 86 016 PKMWS.DLL 22/01/2001 04:25 237 568 PROMDEMO.DLL 22/01/2001 04:25 184 320 SECMGR.DLL 22/01/2001 04:25 323 584 VAIDDMGR.DLL 22/01/2001 04:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 430 809 088 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files\common files 29/06/2006 19:57 <REP> . 29/06/2006 19:57 <REP> .. 08/02/2007 17:12 <REP> Motive 0 fichier(s) 0 octets 3 Rép(s) 430 809 088 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\ 12/05/2007 18:22 68 096 diff.exe 12/05/2007 18:22 103 424 grep.exe 21/02/2006 20:22 7 249 Installer.exe 3 fichier(s) 178 769 octets 0 Rép(s) 430 809 088 octets libres c:\Documents and Settings\NEO\Application Data\ezpinst.exe c:\Documents and Settings\NEO\Application Data\Nikon\Message Center\DOWNLOAD_LOG\11914\S-P2____-161WU-EURFR.exe c:\Documents and Settings\NEO\Bureau\avgas-setup-7.5.1.43.exe c:\Documents and Settings\NEO\Bureau\BrancheMoi.exe c:\Documents and Settings\NEO\Bureau\Firefox Setup 2.0.0.4.exe c:\Documents and Settings\NEO\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\find2.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\KProcCheck.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\NEO\Bureau\Raccourcis Bureau non utilisés\DivXInstaller.exe c:\Documents and Settings\NEO\Bureau\Raccourcis Bureau non utilisés\kerio-personal-firewall_kerio_personal_firewall_4.3.268_francais_11071.exe c:\Documents and Settings\NEO\Bureau\Raccourcis Bureau non utilisés\klcodec286fbeta2.exe c:\Documents and Settings\NEO\Bureau\Raccourcis Bureau non utilisés\VirtualDub_Traduction_francais_pour_v1.5.4.exe c:\Documents and Settings\NEO\Bureau\Raccourcis Bureau non utilisés\WinISO\WinISO v5.3.exe c:\Documents and Settings\NEO\Bureau\SDFix\Catchme.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\cliptext.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\download.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\LS.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\MD5File.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\MoveEx.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\Process.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\RegDACL.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\RestartIt!.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\sc.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\SF.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\shutdown.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\swreg.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\swsc.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\unzip.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\zip.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\Replace\W2K.exe c:\Documents and Settings\NEO\Bureau\SDFix\apps\Replace\XP.exe c:\Documents and Settings\NEO\Bureau\SDFix\backups\attrib.exe c:\Documents and Settings\NEO\Bureau\SDFix\backups\find.exe c:\Documents and Settings\NEO\Bureau\SDFix\backups\findstr.exe c:\Documents and Settings\NEO\Bureau\SDFix\backups\regedit.exe c:\Documents and Settings\NEO\Mes documents\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\NEO\Mes documents\ATF-Cleaner.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\blindman.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\SpybotSD.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\TeaTimer.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\unins000.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\Update.exe c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\USMT\iconlib.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll c:\Documents and Settings\NEO\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll ****** Fin du rapport DiagHelp Hijackthis Logfile of HijackThis v1.99.1 Scan saved at 00:39:19, on 26/06/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\SpywareGuard\sgbhp.exe C:\WINDOWS\System32\cmd.exe C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\NEO\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [Workflow] D:\install\Workflow.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA497} - https://activation.club-internet.fr/wizlet/...ntrols/root.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn.com/resources/MsnPUpld.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
  5. cayli
    Bonjour! Désolée pour le temps énorme que j'ai pris pour vous répondre. J'ai dû m'absenter. Alors voici les deux rapports Le rapport AVG Anti-Spyware --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 16:18:44 19/06/2007 + Résultat de l'analyse: C:\Documents and Settings\NEO\Bureau\Raccourcis Bureau non utilisés\WinISO\WinISO_crk.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine). C:\Program Files\eMule\Incoming\WinRAR.v3.51+ crack\crack.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Tk9FIA\n46IKE.vbs -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine). Fin du rapport Le rapport Kaspersky ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Tuesday, June 19, 2007 6:11:26 PM Système d'exploitation : Microsoft Windows XP Professional, (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 19/06/2007 Enregistrements dans la base antivirus Kaspersky : 327645 ------------------------------------------------------------------------------- Paramètres d'analyse: Analyser avec la base antivirus suivante: standard Analyser les archives: vrai Analyser les bases de messagerie: vrai Cible de l'analyse - Poste de travail: A:\ C:\ D:\ Statistiques de l'analyse: Total d'objets analysés: 29766 Nombre de virus trouvés: 2 Nombre d'objets infectés: 2 / 0 Nombre d'objets suspects: 6 Durée de l'analyse: 01:21:44 Nom de l'objet infecté / Nom du virus / Dernière action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommandService4.zip/DR21206.exe Suspect : Password-protected-EXE ignoré C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommandService4.zip ZIP: suspect - 1 ignoré C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommandService5.zip/winsysupd10.exe Suspect : Password-protected-EXE ignoré C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CommandService5.zip ZIP: suspect - 1 ignoré C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC1.zip/drsmartload1.exe Suspect : Password-protected-EXE ignoré C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC1.zip ZIP: suspect - 1 ignoré C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\6f7m5vi7.default\cert8.db L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\6f7m5vi7.default\formhistory.dat L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\6f7m5vi7.default\history.dat L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\6f7m5vi7.default\key3.db L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\6f7m5vi7.default\parent.lock L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Application Data\Mozilla\Firefox\Profiles\6f7m5vi7.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Application Data\Mozilla\Firefox\Profiles\6f7m5vi7.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Application Data\Mozilla\Firefox\Profiles\6f7m5vi7.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Application Data\Mozilla\Firefox\Profiles\6f7m5vi7.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Temp\~DF2BD6.tmp L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Temp\~DF7D43.tmp L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Temp\~DFAD1A.tmp L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Temp\~DFAD2B.tmp L'objet est verrouillé ignoré C:\Documents and Settings\NEO\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NEO\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NEO\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré C:\Program Files\Club-Internet\Le Compagnon Club\log\mpbtn.log L'objet est verrouillé ignoré C:\SDFix\backups\backups.zip/backups/i Infecté : Trojan-Downloader.BAT.Ftp.ab ignoré C:\SDFix\backups\backups.zip ZIP: infecté - 1 ignoré C:\System Volume Information\_restore{AB1A63A7-4EB0-4FF6-81D5-CA6C567CB5D3}\RP314\change.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\oakley.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\DEFAULT.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SOFTWARE.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SYSTEM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\Temp\Perflib_Perfdata_608.dat L'objet est verrouillé ignoré C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré Analyse terminée. Merci
  6. cayli
    Bonjour! J'ai bien suivi la procédure, mais je n'ai pas trouvé cette ligne dans le scan d'Hijackthis: O4 - HKLM\..\RunServices: [Laord service] awsdelf.exe J'ai quand même coché cette ligne O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k Et j'ai cliqué sur Fix checked Sinon voici les deux rapports que tu m'as demandé de poster. Le rapport SDFix SDFix: Version 1.82 Run by NEO - 05/05/2007 - 14:12:14,43 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\NEO\Bureau\SDFix Safe Mode: Checking Services: Name: Windows Kernel ImagePath: "C:\WINDOWS\krnl386.exe" Windows Kernel - Deleted Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: No Trojan Files Found... Removing Temp Files ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Final Check: Remaining Services: ------------------ Remaining Files: --------------- Checking For Files with Hidden Attributes: C:\Program Files\Canon\MP Navigator 2.0\uinstrsc.dll C:\WINDOWS\system32\addcc3_s.dll C:\Program Files\Canon\MP Navigator 2.0\Maint.exe C:\Documents and Settings\NEO\Mes documents\~WRL0002.tmp C:\Documents and Settings\NEO\Mes documents\~WRL0004.tmp C:\Documents and Settings\NEO\Mes documents\~WRL0979.tmp C:\Documents and Settings\NEO\Mes documents\~WRL2360.tmp C:\Documents and Settings\NEO\Mes documents\~WRL3452.tmp C:\Documents and Settings\NEO\Mes documents\~WRL3877.tmp C:\WINDOWS\LastGood.Tmp\INF\oem1.inf C:\WINDOWS\LastGood.Tmp\INF\oem1.PNF Finished Le rapport hijackthis StartupList report, 05/05/2007, 14:58:25 StartupList version: 1.52.2 Started from : C:\Documents and Settings\NEO\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.EXE Detected: Windows XP (WinNT 5.01.2600) Detected: Internet Explorer v6.00 (6.00.2600.0000) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\SpywareGuard\sgmain.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\NEO\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\NEO\Menu Démarrer\Programmes\Démarrage] SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run OpwareSE2 = "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" BJCFD = C:\Program Files\BroadJump\Client Foundation\CFD.exe QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" Workflow = D:\install\Workflow.exe Motive SmartBridge = C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe Club-Internet_McciTrayApp = C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background ccleaner = "C:\Program Files\CCleaner\ccleaner.exe" /AUTO -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe [{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}] * StubPath = rundll32 iesetup.dll,IEAccessUserInst -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\Program Files\SpywareGuard\dlprotect.dll - {4A368E80-174F-4872-96B5-0B27DDD11DB2} (no name) - C:\PROGRA~1\SPYBOT~2\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} (no name) - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [Microsoft XML Parser for Java] OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd [{321FB770-1FBE-4BFE-BDC1-6F622D4FA497}] CODEBASE = https://activation.club-internet.fr/wizlet/...ntrols/root.exe [MSN Photo Upload Tool] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll CODEBASE = http://by115fd.bay115.hotmail.msn.com/resources/MsnPUpld.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.5.0_10] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab [Java Plug-in 1.5.0_11] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [shockwave Flash Object] InProcServer32 = C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll Protocol #16: C:\WINDOWS\system32\mswsock.dll Protocol #17: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Service d'installation du pilote audio Intel® 82801 (WDM): system32\drivers\ac97intc.sys (manual start) Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system) General Purpose USB Driver (adildr.sys): System32\Drivers\adildr.sys (autostart) USB ADSL WAN Adapter: System32\DRIVERS\adiusbaw.sys (manual start) Adobe LM Service: "C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe" (manual start) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (autostart) Avertissement: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) avast! iAVS4 Control Service: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" (autostart) Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system) Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start) avast! Antivirus: "C:\Program Files\Alwil Software\Avast4\ashServ.exe" (autostart) avast! Mail Scanner: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (manual start) avast! Web Scanner: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (manual start) Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Explorateur d'ordinateur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system) Service d'indexation: C:\WINDOWS\System32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (manual start) Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de disque: System32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) Pilote de Gestionnaire de disque logique: System32\drivers\dmio.sys (system) dmload: System32\drivers\dmload.sys (system) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) Pilote de carte Intel ® PRO: System32\DRIVERS\e100b325.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start) Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start) Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system) Firewall Driver: \SystemRoot\system32\drivers\fwdrv.sys (system) Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system) i81x: System32\DRIVERS\i81xnt5.sys (manual start) iAimFP0: System32\DRIVERS\wADV01nt.sys (manual start) iAimFP1: System32\DRIVERS\wADV02NT.sys (manual start) iAimFP2: System32\DRIVERS\wADV05NT.sys (manual start) iAimFP3: System32\DRIVERS\wSiINTxx.sys (manual start) iAimFP4: System32\DRIVERS\wVchNTxx.sys (manual start) iAimTV0: System32\DRIVERS\wATV01nt.sys (manual start) iAimTV1: System32\DRIVERS\wATV02NT.sys (manual start) iAimTV2: System32\DRIVERS\wATV03nt.sys (manual start) iAimTV3: System32\DRIVERS\wATV04nt.sys (manual start) iAimTV4: System32\DRIVERS\wCh7xxNT.sys (manual start) InstallDriver Table Manager: C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (manual start) Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start) IntelIde: System32\DRIVERS\intelide.sys (system) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: System32\DRIVERS\ipsec.sys (system) Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system) Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system) Kerio HIPS Driver: \SystemRoot\system32\drivers\khips.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Sunbelt Kerio Personal Firewall 4: C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe (autostart) Serveur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) Affichage des messages: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start) Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system) MRENDIS5 NDIS Protocol Driver: \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS (manual start) Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start) MRXSMB: System32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\System32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote TAPI NDIS d'accès distant: System32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: System32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: System32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: System32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (manual start) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (manual start) Ouverture de session réseau: %SystemRoot%\System32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\System32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start) Pilote processeur Intel Pentium III: System32\DRIVERS\p3.sys (system) Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start) PCANDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\System32\PCANDIS5.SYS (manual start) Pilote de bus PCI: System32\DRIVERS\pci.sys (system) VSO Software pcouffin: System32\Drivers\pcouffin.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart) Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: System32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: System32\DRIVERS\raspti.sys (manual start) Rdbss: System32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Pilote de redirecteur de périphérique Terminal Server: System32\DRIVERS\rdpdr.sys (manual start) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Accès à distance au Registre: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\System32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Prise en charge des cartes à puces: %SystemRoot%\System32\SCardSvr.exe (manual start) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: System32\DRIVERS\secdrv.sys (manual start) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start) Pilote de port série: System32\DRIVERS\serial.sys (system) Pare-feu de connexion Internet (ICF) / Partage de connexion Internet (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Pilote de filtre de restauration système: System32\DRIVERS\sr.sys (system) Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Srv: System32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) STEC3: \??\C:\WINDOWS\System32\STEC3.sys (autostart) Acquisition d'image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart) Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{7499E330-7634-49EA-9D61-2BBBAFD0B986} (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Telnet: C:\WINDOWS\System32\tlntsvr.exe (manual start) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Windows User Mode Driver Framework: C:\WINDOWS\System32\wdfmgr.exe (autostart) Pilote de mise à jour microcode: System32\DRIVERS\update.sys (manual start) Gestionnaire de téléchargement: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote parent générique USB Microsoft: System32\DRIVERS\usbccgp.sys (manual start) Concentrateur USB2: System32\DRIVERS\usbhub.sys (manual start) Classe d'imprimantes USB Microsoft: System32\DRIVERS\usbprint.sys (manual start) Pilote de scanneur USB: System32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: System32\DRIVERS\usbuhci.sys (manual start) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: System32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Extensions du pilote WMI: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start) Mises à jour automatiques: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS): System32\DRIVERS\zd1211Bu.sys (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: C:\DOCUME~1\NEO\LOCALS~1\TEMPOR~1\Content.IE5\index.dat||C:\DOCUME~1\NEO\Cookies\index.dat -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\System32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 34 081 bytes Report generated in 0,578 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only Voilou
  7. cayli
    Salut! Pas grave pour l'attente, je comprends que tu dois être bien occupé avec tous nos problèmes J'ai retrouvé ma connexion et je n'ai pas encore rencontré de problème avec Kerio. Voici le rapport Hijackthis Logfile of HijackThis v1.99.1 Scan saved at 15:57:23, on 04/05/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\taskmgr.exe C:\Documents and Settings\NEO\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [Microsoft FixUp] vpiqurle.exe O4 - HKLM\..\Run: [Windows Update] update32.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [Workflow] D:\install\Workflow.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\RunServices: [MSN Messenger] msnmrigr.exe O4 - HKLM\..\RunServices: [Laord service] awsdelf.exe O4 - HKLM\..\RunServices: [Microsoft FixUp] vpiqurle.exe O4 - HKLM\..\RunServices: [Windows Update] update32.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MSN Messenger] msnmrigr.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA497} - https://activation.club-internet.fr/wizlet/...ntrols/root.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn.com/resources/MsnPUpld.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: windows kernel 386 (windows kernel) - Unknown owner - C:\WINDOWS\krnl386.exe (file missing) Le rapport DiagHelp C:\WINDOWS\System32/drivers\fwdrv.err -->04/05/2007 15:03:43 C:\WINDOWS\System32/drivers\aswmon.sys -->18/04/2007 18:12:31 C:\WINDOWS\System32/drivers\aswmon2.sys -->18/04/2007 18:12:12 C:\WINDOWS\System32/drivers\aswRdr.sys -->18/04/2007 18:10:01 C:\WINDOWS\System32/drivers\aswTdi.sys -->18/04/2007 18:09:10 C:\WINDOWS\System32/drivers\aavmker4.sys -->18/04/2007 18:07:49 C:\WINDOWS\System32/drivers\pcouffin.sys -->16/03/2007 00:01:10 C:\WINDOWS\System32\wpa.dbl -->04/05/2007 00:29:53 C:\WINDOWS\System32\perfh00C.dat -->30/04/2007 17:04:04 C:\WINDOWS\System32\perfh009.dat -->30/04/2007 17:04:04 C:\WINDOWS\System32\perfc00C.dat -->30/04/2007 17:04:04 C:\WINDOWS\System32\perfc009.dat -->30/04/2007 17:04:04 C:\WINDOWS\System32\CONFIG.NT -->26/04/2007 22:43:07 C:\WINDOWS\System32\jupdate-1.6.0_01-b06.log -->26/04/2007 22:34:42 C:\WINDOWS\System32\aswBoot.exe -->18/04/2007 18:16:59 C:\WINDOWS\System32\AVASTSS.scr -->18/04/2007 18:06:59 C:\WINDOWS\System32\PerfStringBackup.INI -->25/03/2007 17:26:39 C:\WINDOWS\System32\FNTCACHE.DAT -->16/03/2007 20:10:15 C:\WINDOWS\System32\javaws.exe -->14/03/2007 02:04:46 C:\WINDOWS\System32\javacpl.cpl -->14/03/2007 02:04:46 C:\WINDOWS\System32\javaw.exe -->14/03/2007 00:31:28 C:\WINDOWS\System32\java.exe -->14/03/2007 00:31:24 C:\WINDOWS\System32\jupdate-1.5.0_11-b03.log -->06/03/2007 00:58:57 C:\WINDOWS\System32\ff_vfw.dll -->21/02/2007 22:00:28 C:\WINDOWS\System32\wmv9vcm.dll -->20/01/2007 22:26:06 C:\WINDOWS\System32\jupdate-1.5.0_10-b03.log -->19/12/2006 12:08:25 C:\WINDOWS\System32\jupdate-1.5.0_09-b03.log -->19/12/2006 12:05:38 C:\WINDOWS\System32\xvidvfw.dll -->01/11/2006 15:54:30 C:\WINDOWS\System32\xvidcore.dll -->01/11/2006 15:52:38 C:\WINDOWS\System32\zllictbl.dat -->28/09/2006 11:21:45 C:\WINDOWS\System32\bacbda_s.ocx -->04/07/2006 21:31:41 C:\WINDOWS\System32\addcc3_s.dll -->04/07/2006 21:31:41 C:\WINDOWS.log -->04/05/2007 15:14:48 C:\WINDOWS\wiaservc.log -->04/05/2007 15:14:42 C:\WINDOWS\wiadebug.log -->04/05/2007 15:14:42 C:\WINDOWS\Sti_Trace.log -->04/05/2007 15:14:40 C:\WINDOWS\bootstat.dat -->04/05/2007 15:13:35 C:\WINDOWS\win.ini -->04/05/2007 15:12:24 C:\WINDOWS\system.ini -->04/05/2007 15:12:24 C:\WINDOWS\SchedLgU.Txt -->04/05/2007 15:03:10 C:\WINDOWS\QTFont.qfn -->13/04/2007 01:56:30 C:\WINDOWS\QTFont.for -->20/02/2007 21:59:29 C:\WINDOWS\mozver.dat -->19/12/2006 11:54:13 C:\WINDOWS\wininit.ini -->14/07/2006 16:08:53 C:\WINDOWS\msoffice.ini -->14/07/2006 16:08:43 C:\WINDOWS\adiras.ini -->30/06/2006 21:56:19 C:\WINDOWS\WMSysPr9.prx -->29/06/2006 23:13:19 C:\WINDOWS\aolback.exe |19/02/2006 21:41:42 C:\WINDOWS\Aolunins.exe |19/02/2006 21:41:22 C:\WINDOWS\Ctregrun.exe |12/07/2006 12:54:43 C:\WINDOWS\IsUn040c.exe |25/05/2006 17:39:49 C:\WINDOWS\IsUninst.exe |29/06/2006 19:53:58 C:\WINDOWS\twunk_16.exe |28/08/2001 14:00:00 C:\WINDOWS\twunk_32.exe |28/08/2001 14:00:00 C:\WINDOWS\iptit.dll |21/02/2006 20:21:22 C:\WINDOWS\twain.dll |28/08/2001 14:00:00 C:\WINDOWS\twain_32.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\append.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\aswBoot.exe |10/03/2006 19:58:52 C:\WINDOWS\system32\debug.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\DivXCodecUpdateChecker.exe |14/06/2006 19:49:07 C:\WINDOWS\system32\dosx.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 19:47:34 C:\WINDOWS\system32\edlin.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\exe2bin.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\fastopen.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\java.exe |26/04/2007 22:34:44 C:\WINDOWS\system32\javaw.exe |26/04/2007 22:34:44 C:\WINDOWS\system32\javaws.exe |26/04/2007 22:34:44 C:\WINDOWS\system32\mem.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\mscdexnt.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\nlsfunc.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\nw16.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\pxcpya64.exe |03/07/2006 15:29:41 C:\WINDOWS\system32\pxcpyi64.exe |08/07/2006 11:29:46 C:\WINDOWS\system32\pxhpinst.exe |03/07/2006 15:29:41 C:\WINDOWS\system32\pxinsa64.exe |03/07/2006 15:29:41 C:\WINDOWS\system32\pxinsi64.exe |08/07/2006 11:29:46 C:\WINDOWS\system32\redir.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\setver.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\share.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 19:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 19:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 19:47:48 C:\WINDOWS\system32\vwipxspx.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\ZyDelReg.exe |06/08/2006 13:04:24 C:\WINDOWS\system32\addcc3_s.dll |04/07/2006 21:31:41 C:\WINDOWS\system32\amstream.dll |12/07/2006 12:44:16 C:\WINDOWS\system32\atmfd.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\atmlib.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\BJBase_2-2-2_DDR.dll |29/06/2006 19:54:01 C:\WINDOWS\system32\CNCC170.DLL |04/08/2005 03:46:12 C:\WINDOWS\system32\CNCI170.DLL |04/08/2005 03:46:04 C:\WINDOWS\system32\cncisco.dll |04/08/2005 03:47:10 C:\WINDOWS\system32\CNCL170.DLL |30/05/2005 12:46:00 C:\WINDOWS\system32\CNMLM7J.DLL |25/05/2006 17:38:13 C:\WINDOWS\system32\CNMVS7J.DLL |25/05/2006 17:38:14 C:\WINDOWS\system32\compatUI.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\DC120V15_32.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\DC265.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\dgrpsetu.dll |18/02/2006 22:02:35 C:\WINDOWS\system32\dgsetup.dll |18/02/2006 22:02:35 C:\WINDOWS\system32\DRAGNKL1.dll |06/09/2006 18:33:14 C:\WINDOWS\system32\EqnClass.Dll |18/02/2006 22:02:34 C:\WINDOWS\system32\ff_vfw.dll |19/03/2007 00:54:26 C:\WINDOWS\system32\hticons.dll |18/02/2006 22:10:32 C:\WINDOWS\system32\hypertrm.dll |18/02/2006 22:10:32 C:\WINDOWS\system32\i81xdnt5.dll |18/02/2006 22:04:36 C:\WINDOWS\system32\iccvid.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\InsDrvZD.dll |06/08/2006 13:04:22 C:\WINDOWS\system32\InsDrvZD64.DLL |06/08/2006 13:04:22 C:\WINDOWS\system32\ir32_32.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\ir41_qc.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\ir41_qcx.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\ir50_32.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\ir50_qc.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\ir50_qcx.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\isrdbg32.dll |18/02/2006 22:12:56 C:\WINDOWS\system32\jgaw400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\jgdw400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\jgmd400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\jgpl400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\jgsd400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\jgsh400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\LFBMP12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\lfbmp13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LFCMP12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\lfcmp13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LFFAX12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\lffax13n.dll |07/11/2006 01:48:39 C:\WINDOWS\system32\lfgif13n.dll |07/11/2006 01:48:02 C:\WINDOWS\system32\LFPCD12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\LFPCT12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\LFPCX12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\LFPNG12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\LFPSD12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\LFTIF12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\lftif13n.dll |07/11/2006 01:48:39 C:\WINDOWS\system32\libeay32_1-1-0_DDR.dll |29/06/2006 19:54:02 C:\WINDOWS\system32\ltclr13n.dll |07/11/2006 01:48:39 C:\WINDOWS\system32\LTDIS12N.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\ltdis13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LTEFX12N.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\ltefx13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LTFIL12N.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\ltfil13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LTIMG12N.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\ltimg13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LTKRN12N.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\ltkrn13n.dll |07/11/2006 01:48:00 C:\WINDOWS\system32\MCC16.dll |29/06/2006 19:59:58 C:\WINDOWS\system32\MCCDevice.dll |29/06/2006 19:59:58 C:\WINDOWS\system32\mciqtz32.dll |12/07/2006 12:44:16 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 19:47:06 C:\WINDOWS\system32\msdmo.dll |12/07/2006 12:44:17 C:\WINDOWS\system32\msencode.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\NkNEFPlugin.dll |06/09/2006 18:33:23 C:\WINDOWS\system32\paqsp.dll |23/08/2001 19:47:16 C:\WINDOWS\system32\PCDLIB32.DLL |09/12/1998 03:53:58 C:\WINDOWS\system32\picn1020.dll |06/09/2006 18:33:15 C:\WINDOWS\system32\picn1120.dll |06/09/2006 18:33:16 C:\WINDOWS\system32\picn20.dll |06/09/2006 18:33:16 C:\WINDOWS\system32\psisdecd.dll |12/07/2006 12:44:20 C:\WINDOWS\system32\px.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\pxdrv.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\pxmas.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\pxsfs.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\pxwave.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\qedwipes.dll |12/07/2006 12:44:18 C:\WINDOWS\system32\qt-dx331.dll |25/05/2006 00:47:11 C:\WINDOWS\system32\RCSigProc.dll |06/09/2006 18:33:16 C:\WINDOWS\system32\RedEye.dll |06/09/2006 18:33:16 C:\WINDOWS\system32\scriptpw.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\slbcsp.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\slbiop.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\slbrccsp.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\spnike.dll |23/08/2001 19:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 19:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 19:47:18 C:\WINDOWS\system32\spxcoins.dll |18/02/2006 22:02:34 C:\WINDOWS\system32\ssleay32_1-1-0_DDR.dll |29/06/2006 19:54:02 C:\WINDOWS\system32\stlport_4_0_0_DDR.dll |29/06/2006 19:54:01 C:\WINDOWS\system32\Strato4.dll |06/09/2006 18:33:16 C:\WINDOWS\system32\tsd32.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\unzip32.dll |12/07/2006 12:48:18 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\vxblock.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\W32N50.DLL |29/06/2006 19:58:02 C:\WINDOWS\system32\win87em.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\wnaspi32.dll |01/03/2006 22:36:36 C:\WINDOWS\system32\xerces-c_1_40_0_DDR.dll |29/06/2006 19:54:01 C:\WINDOWS\system32\xvidcore.dll |19/03/2007 00:54:36 C:\WINDOWS\system32\xvidvfw.dll |19/03/2007 00:54:32 C:\WINDOWS\system32\yv12vfw.dll |19/03/2007 00:54:40 C:\WINDOWS\system32\ZDPN50.dll |06/08/2006 13:04:25 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\WINDOWS\system 10/09/1999 13:06 4 672 Wowpost.exe 1 fichier(s) 4 672 octets 0 Rép(s) 969 932 800 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\WINDOWS\system32 28/08/2001 14:00 4 096 csrss.exe 1 fichier(s) 4 096 octets 0 Rép(s) 969 932 800 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\WINDOWS\Downloaded Program Files 11/12/2006 22:09 <REP> . 11/12/2006 22:09 <REP> .. 18/02/2006 22:14 65 desktop.ini 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 08/10/2004 17:01 372 736 MsnPUpld.dll 08/10/2004 17:13 587 MSNPupld.inf 22/09/2004 16:59 110 592 PURen-us.dll 15/10/2004 08:59 110 592 PURfr-xx.dll 09/11/2006 15:36 5 019 swflash.inf 7 fichier(s) 600 753 octets Total des fichiers listés : 7 fichier(s) 600 753 octets 2 Rép(s) 969 928 704 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Liste des programmes installes Ad-Aware SE Personal Adaptateur IEEE 802.11g Sans-Fil USB Adobe Acrobat 5.0 Adobe Flash Player 9 ActiveX Adobe Photoshop CS ArcSoft PhotoStudio 5.5 avast! Antivirus Barre d'outils MSN BroadJump Client Foundation Canon MP Navigator 2.0 Canon MP170 Canon Utilities Easy-PhotoPrint CCleaner (remove only) Club Internet Agent Wi-Fi V2.1 Codeur Windows Media Série 9 Codeur Windows Media Série 9 Configurateur Modem Easy-WebPrint EasyCleaner eMule HijackThis 1.99.1 Installation Adaptateur USB sans fil Club-Internet IrfanView (remove only) J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 Java SE Runtime Environment 6 Update 1 jv16 PowerTools 1.3 K-Lite Codec Pack 2.86 Full BETA2 LE COMPAGNON CLUB Lecteur Windows Media 10 Microsoft Office XP Professional avec FrontPage Mozilla Firefox (1.5.0.11) MSN Messenger 7.5 Music Manager MuVo Driver OmniPage SE 2.0 QuickTime QuickTime SAGEM F@st 800-840 Shareaza version 2.2.1.0 Spybot - Search & Destroy 1.4 SpywareGuard v2.2 Sunbelt Kerio Personal Firewall WebFldrs XP Windows Media Format Runtime Windows XP Hotfix (SP1) [see Q317181 for more information] WinRAR archiver Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files 04/05/2007 15:13 <REP> . 04/05/2007 15:13 <REP> .. 03/12/2006 16:41 <REP> Adobe 14/02/2007 19:07 <REP> Alwil Software 06/09/2006 18:30 <REP> ArcSoft 29/06/2006 19:53 <REP> BroadJump 25/05/2006 17:40 <REP> Canon 29/06/2006 22:43 <REP> CCleaner 08/02/2007 17:12 <REP> Club-Internet 29/06/2006 19:57 <REP> Common Files 26/04/2007 22:42 <REP> Creative 16/03/2007 22:57 <REP> DIKO 19/03/2007 00:38 <REP> DivX 15/03/2007 19:24 <REP> DLA 02/05/2007 11:56 <REP> eMule 04/05/2007 00:25 <REP> Fichiers communs 04/05/2007 00:24 <REP> Hijackthis 18/02/2006 22:14 <REP> Internet Explorer 30/03/2007 01:30 <REP> IrfanView 26/04/2007 22:34 <REP> Java 06/03/2007 14:14 <REP> jv16 PowerTools 19/03/2007 00:54 <REP> K-Lite Codec Pack 29/06/2006 22:47 <REP> Lavasoft 26/05/2006 21:11 <REP> Messenger 18/02/2006 22:17 <REP> microsoft frontpage 18/02/2006 22:18 <REP> Microsoft Office 08/02/2007 17:09 <REP> Motive 18/02/2006 22:13 <REP> Movie Maker 04/05/2007 15:53 <REP> Mozilla Firefox 18/02/2006 22:11 <REP> MSN 30/06/2006 00:18 <REP> MSN Apps 18/02/2006 22:10 <REP> MSN Gaming Zone 02/07/2006 12:44 <REP> MSN Messenger 12/07/2006 12:48 <REP> Music Manager 18/02/2006 22:12 <REP> NetMeeting 06/09/2006 19:08 <REP> Nikon 18/02/2006 22:12 <REP> Outlook Express 20/01/2007 14:45 <REP> QuickTime 25/05/2006 17:41 <REP> ScanSoft 18/02/2006 22:14 <REP> Services en ligne 01/07/2006 23:35 <REP> Shareaza 04/05/2007 15:18 <REP> Spybot - Search & Destroy 20/01/2007 14:45 <REP> Spybott - Search & Destroy 12/07/2006 12:53 <REP> SpywareGuard 14/02/2007 19:16 <REP> Sunbelt Software 14/07/2006 16:01 <REP> ToniArts 16/03/2007 00:34 <REP> VSO 04/07/2006 20:35 <REP> Windows Media Components 20/01/2007 14:45 <REP> Windows Media Player 18/02/2006 22:10 <REP> Windows NT 19/03/2007 14:51 <REP> WinISO 04/05/2007 00:24 <REP> WinRAR 08/02/2007 16:59 <REP> WLAN 18/02/2006 22:17 <REP> xerox 26/04/2007 22:33 <REP> Yahoo! 0 fichier(s) 0 octets 55 Rép(s) 969 662 464 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files\fichiers communs 04/05/2007 00:25 <REP> . 04/05/2007 00:25 <REP> .. 03/12/2006 16:47 <REP> Adobe 03/12/2006 16:50 <REP> Adobe Systems Shared 18/02/2006 22:19 <REP> Designer 12/07/2006 12:29 <REP> InstallShield 19/12/2006 12:03 <REP> Java 29/06/2006 23:53 <REP> Microsoft Shared 08/02/2007 16:50 <REP> Motive 18/02/2006 22:12 <REP> MSSoap 08/09/2006 21:00 <REP> muvee Technologies 08/09/2006 21:00 <REP> Nikon 11/07/2006 21:16 <REP> ScanSoft Shared 18/02/2006 22:12 <REP> Services 18/02/2006 22:02 <REP> SpeechEngines 18/02/2006 22:18 <REP> System 0 fichier(s) 0 octets 16 Rép(s) 969 662 464 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 18/02/2006 22:19 <REP> . 18/02/2006 22:19 <REP> .. 18/02/2006 22:19 <REP> 1033 18/02/2006 22:18 <REP> 1036 15/02/2001 06:45 1 318 912 MSONSEXT.DLL 13/02/2001 09:23 58 784 MSOSV.DLL 03/06/1999 15:09 122 937 MSOWS409.DLL 07/03/2001 10:00 127 033 MSOWS40c.DLL 06/08/2000 10:04 401 462 MSVCP60.DLL 22/01/2001 04:25 69 632 PKMAXCTL.DLL 22/01/2001 04:25 872 448 PKMCDO.DLL 22/01/2001 04:25 159 744 PKMCORE.DLL 07/02/2001 10:59 106 496 PKMFORMS.DLL 12/02/2001 05:03 684 032 PKMRES.DLL 22/01/2001 04:25 28 672 PKMSSTLB.DLL 22/01/2001 04:25 40 960 PKMTEMPL.DLL 22/01/2001 04:25 24 576 PKMTRACE.DLL 22/01/2001 04:25 86 016 PKMWS.DLL 22/01/2001 04:25 237 568 PROMDEMO.DLL 22/01/2001 04:25 184 320 SECMGR.DLL 22/01/2001 04:25 323 584 VAIDDMGR.DLL 22/01/2001 04:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 969 662 464 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files\common files 29/06/2006 19:57 <REP> . 29/06/2006 19:57 <REP> .. 08/02/2007 17:12 <REP> Motive 0 fichier(s) 0 octets 3 Rép(s) 969 662 464 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 21/02/2006 20:22 7 249 Installer.exe 3 fichier(s) 178 769 octets 0 Rép(s) 969 662 464 octets libres c:\Documents and Settings\NEO\Application Data\ezpinst.exe c:\Documents and Settings\NEO\Application Data\Nikon\Message Center\DOWNLOAD_LOG\11914\S-P2____-161WU-EURFR.exe c:\Documents and Settings\NEO\Bureau\BrancheMoi.exe c:\Documents and Settings\NEO\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe c:\Documents and Settings\NEO\Bureau\klcodec286fbeta2.exe c:\Documents and Settings\NEO\Bureau\VirtualDub_Traduction_francais_pour_v1.5.4.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\NEO\Bureau\Raccourcis Bureau non utilisés\DivXInstaller.exe c:\Documents and Settings\NEO\Bureau\Raccourcis Bureau non utilisés\kerio-personal-firewall_kerio_personal_firewall_4.3.268_francais_11071.exe c:\Documents and Settings\NEO\Bureau\WinISO\WinISO v5.3.exe c:\Documents and Settings\NEO\Bureau\WinISO\WinISO_crk.exe c:\Documents and Settings\NEO\Mes documents\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\blindman.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\SpybotSD.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\TeaTimer.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\unins000.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\Update.exe c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\USMT\iconlib.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll c:\Documents and Settings\NEO\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll Liste des drivers... < Microsoft ® Windows ® version 5.1 (num'ro 2600). < 5 4 2007 16:10:29.500 < Pilote charg' \WINDOWS\system32\ntoskrnl.exe < Pilote charg' \WINDOWS\system32\hal.dll < Pilote charg' \WINDOWS\system32\KDCOM.DLL < Pilote charg' \WINDOWS\system32\BOOTVID.dll < Pilote charg' ACPI.sys < Pilote charg' \WINDOWS\System32\DRIVERS\WMILIB.SYS < Pilote charg' pci.sys < Pilote charg' isapnp.sys < Pilote charg' intelide.sys < Pilote charg' \WINDOWS\System32\DRIVERS\PCIIDEX.SYS < Pilote charg' MountMgr.sys < Pilote charg' ftdisk.sys < Pilote charg' dmload.sys < Pilote charg' dmio.sys < Pilote charg' PartMgr.sys < Pilote charg' VolSnap.sys < Pilote charg' atapi.sys < Pilote charg' disk.sys < Pilote charg' \WINDOWS\System32\DRIVERS\CLASSPNP.SYS < Pilote charg' sr.sys < Pilote charg' PxHelp20.sys < Pilote charg' KSecDD.sys < Pilote charg' Ntfs.sys < Pilote charg' NDIS.sys < Pilote charg' Mup.sys < Pilote charg' \SystemRoot\System32\DRIVERS\i81xnt5.sys < Pilote charg' \SystemRoot\System32\DRIVERS\e100b325.sys < Pilote charg' \SystemRoot\System32\DRIVERS\i8042prt.sys < Pilote charg' \SystemRoot\System32\DRIVERS\mouclass.sys < Pilote charg' \SystemRoot\System32\DRIVERS\kbdclass.sys < Pilote charg' \SystemRoot\System32\DRIVERS\parport.sys < Pilote charg' \SystemRoot\System32\DRIVERS\serial.sys < Pilote charg' \SystemRoot\System32\DRIVERS\serenum.sys < Pilote charg' \SystemRoot\System32\DRIVERS\fdc.sys < Pilote charg' \SystemRoot\System32\DRIVERS\cdrom.sys < Pilote charg' \SystemRoot\System32\DRIVERS\redbook.sys < Pilote charg' \SystemRoot\System32\DRIVERS\usbuhci.sys < Pilote charg' \SystemRoot\system32\drivers\ac97intc.sys < Pilote charg' \SystemRoot\System32\DRIVERS\p3.sys < Pilote charg' \SystemRoot\System32\DRIVERS\audstub.sys < Pilote charg' \SystemRoot\System32\DRIVERS\rasl2tp.sys < Pilote charg' \SystemRoot\System32\DRIVERS\ndistapi.sys < Pilote charg' \SystemRoot\System32\DRIVERS\ndiswan.sys < Pilote charg' \SystemRoot\System32\DRIVERS\raspppoe.sys < Pilote charg' \SystemRoot\System32\DRIVERS\raspptp.sys < Pilote charg' \SystemRoot\System32\DRIVERS\msgpc.sys < Pilote charg' \SystemRoot\System32\DRIVERS\psched.sys < Pilote charg' \SystemRoot\System32\DRIVERS\ptilink.sys < Pilote charg' \SystemRoot\System32\DRIVERS\raspti.sys < Pilote charg' \SystemRoot\System32\DRIVERS\rdpdr.sys < Pilote charg' \SystemRoot\System32\DRIVERS\termdd.sys < Pilote charg' \SystemRoot\System32\DRIVERS\swenum.sys < Pilote charg' \SystemRoot\System32\DRIVERS\update.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wCh7xxNT.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wATV04nt.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wATV03nt.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wATV02NT.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wATV01nt.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wVchNTxx.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wSiINTxx.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wADV05NT.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wADV02NT.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wADV01nt.sys < Pilote charg' \SystemRoot\System32\Drivers\NDProxy.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\NDProxy.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\flpydisk.sys < Pilote charg' \SystemRoot\System32\DRIVERS\usbhub.sys < Pilote charg' \SystemRoot\System32\DRIVERS\zd1211Bu.sys < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\lbrtfdc.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\Sfloppy.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\i2omgmt.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\Changer.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\Cdaudio.SYS < Pilote charg' \SystemRoot\System32\Drivers\Fs_Rec.SYS < Pilote charg' \SystemRoot\System32\Drivers\Null.SYS < Pilote charg' \SystemRoot\System32\Drivers\Beep.SYS < Pilote charg' \SystemRoot\System32\drivers\vga.sys < Pilote charg' \SystemRoot\System32\Drivers\mnmdd.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\RDPCDD.sys < Pilote charg' \SystemRoot\system32\drivers\fwdrv.sys < Pilote charg' \SystemRoot\System32\Drivers\Msfs.SYS < Pilote charg' \SystemRoot\System32\Drivers\Npfs.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\rasacd.sys < Pilote charg' \SystemRoot\System32\DRIVERS\ipsec.sys < Pilote charg' \SystemRoot\System32\DRIVERS\tcpip.sys < Pilote charg' \SystemRoot\System32\Drivers\aswTdi.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\netbt.sys < Pilote charg' \SystemRoot\System32\DRIVERS\netbios.sys < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\PCIDump.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\rdbss.sys < Pilote charg' \SystemRoot\System32\DRIVERS\mrxsmb.sys < Pilote charg' \SystemRoot\system32\drivers\khips.sys < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\Imapi.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\wanarp.sys < Pilote charg' \SystemRoot\System32\Drivers\Fips.SYS < Pilote charg' \SystemRoot\System32\Drivers\Aavmker4.SYS < Pilote charg' \SystemRoot\System32\Drivers\Cdfs.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\adildr.sys < Pilote charg' \SystemRoot\System32\drivers\afd.sys < Pilote charg' \SystemRoot\System32\DRIVERS\ndisuio.sys < Le pilote n'a pas 't' charg' \SystemRoot\System32\drivers\afd.sys < Pilote charg' \SystemRoot\System32\Drivers\aswMon2.SYS Voilou
  8. cayli
    Ok bon alors je n'ai pas de Clé USB et le problème c'est que le PC ne grave pas les CD Rom. lol Au fait lorsque j'essaye de lancer Firefox, j'ai un message de Kerio qui me signale: "Cannot connect to service" Edit: Je viens de restaurer le système parceque là je ne pouvais plus rien faire En fait je viens de remarquer que Kerio était en "simple mode". En désinstallant puis en réinstallant Kerio j'avais choisi le mode avancé. Est ce que j'avais bien fait ? Ou j'aurais dû choisir le mode simple sans pop ups ?
  9. cayli
    Salut salut Ben non je n'arrive toujours pas à me connecter à internet. Je suis désespérée. Et le problème c'est que je suis obligée de te parler via mon ordinateur portable. Je ne peux donc pas te poster un nouveau rapport Hijackthis. :'( Je vais essayer de désinstaller et réinstaller Kerio une seconde fois.
  10. cayli
    Ca marche, j'ai réussi à désinstaller Kerio. Merci! Le problème c'est que je n'arrive plus à me connecter à internet
  11. cayli
    Salut Je n'ai jamais rencontré de problèmle avec mon pare feu, mais là j'ai un problème lol , je n'arrive pas à désinstaller Kerio de l'ordinateur. Il est mentionné: "Error 1921 Service KPF4 could not be stopped. Veify that you have sufficient privileges to stop system services " Retry or cancel ?
  12. cayli
    Bonsoir! En fait ce n'est pas mon ordinateur personnel, je l'utilise rarement. Mais je pensais que ses utilisateurs principaux faisaient attention mais il s'avère que non. Je ne savais même pas que Windows n'était pas à jour Sinon voici les rapports: Le rappprt de SDfix SDFix: Version 1.81 Run by NEO - 30/04/2007 - 16:48:07,96 Microsoft Windows XP [version 5.1.2600] "CSDVersion" does not exist! Running From: C:\SDFix Safe Mode: Checking Services: Name: Windows Kernel ImagePath: "C:\WINDOWS\krnl386.exe" Windows Kernel - Deleted Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: Below files will be copied to Backups folder then removed: C:\WINDOWS\odbc.INI - Deleted C:\WINDOWS\system32\i - Deleted C:\WINDOWS\system32\TFTP148 - Deleted C:\WINDOWS\system32\TFTP360 - Deleted C:\WINDOWS\system32\TFTP604 - Deleted C:\WINDOWS\system32\TFTP652 - Deleted Removing Temp Files ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Final Check: Remaining Services: ------------------ Remaining Files: --------------- Backups Folder: - C:\SDFix\backups\backups.zip Checking For Files with Hidden Attributes: C:\Program Files\Canon\MP Navigator 2.0\uinstrsc.dll C:\WINDOWS\system32\addcc3_s.dll C:\Program Files\Canon\MP Navigator 2.0\Maint.exe C:\Documents and Settings\NEO\Mes documents\~WRL0002.tmp C:\Documents and Settings\NEO\Mes documents\~WRL0004.tmp C:\Documents and Settings\NEO\Mes documents\~WRL0979.tmp C:\Documents and Settings\NEO\Mes documents\~WRL2360.tmp C:\Documents and Settings\NEO\Mes documents\~WRL3452.tmp C:\Documents and Settings\NEO\Mes documents\~WRL3877.tmp C:\WINDOWS\LastGood.Tmp\INF\oem1.inf C:\WINDOWS\LastGood.Tmp\INF\oem1.PNF Finished Le rapport hijackthis Logfile of HijackThis v1.99.1 Scan saved at 17:10:53, on 30/04/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\SpywareGuard\sgmain.exe C:\WINDOWS\System32\msiexec.exe C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Hijackthis\hijackthis_hijackthis_1.99.1_anglais_17891.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [Workflow] D:\install\Workflow.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\RunServices: [Laord service] awsdelf.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA497} - https://activation.club-internet.fr/wizlet/...ntrols/root.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn.com/resources/MsnPUpld.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe Le rapport DiagHelp C:\WINDOWS\System32/drivers\fwdrv.err -->30/04/2007 16:51:17 C:\WINDOWS\System32/drivers\aswmon.sys -->18/04/2007 18:12:31 C:\WINDOWS\System32/drivers\aswmon2.sys -->18/04/2007 18:12:12 C:\WINDOWS\System32/drivers\aswRdr.sys -->18/04/2007 18:10:01 C:\WINDOWS\System32/drivers\aswTdi.sys -->18/04/2007 18:09:10 C:\WINDOWS\System32/drivers\aavmker4.sys -->18/04/2007 18:07:49 C:\WINDOWS\System32/drivers\pcouffin.sys -->16/03/2007 00:01:10 C:\WINDOWS\System32\perfh00C.dat -->30/04/2007 17:04:04 C:\WINDOWS\System32\perfh009.dat -->30/04/2007 17:04:04 C:\WINDOWS\System32\perfc00C.dat -->30/04/2007 17:04:04 C:\WINDOWS\System32\perfc009.dat -->30/04/2007 17:04:04 C:\WINDOWS\System32\PerfStringBackup.INI -->30/04/2007 17:04:03 C:\WINDOWS\System32\wpa.dbl -->29/04/2007 12:07:45 C:\WINDOWS\System32\CONFIG.NT -->26/04/2007 22:43:07 C:\WINDOWS\System32\jupdate-1.6.0_01-b06.log -->26/04/2007 22:34:42 C:\WINDOWS\System32\aswBoot.exe -->18/04/2007 18:16:59 C:\WINDOWS\System32\AVASTSS.scr -->18/04/2007 18:06:59 C:\WINDOWS\System32\FNTCACHE.DAT -->16/03/2007 20:10:15 C:\WINDOWS\System32\javaws.exe -->14/03/2007 02:04:46 C:\WINDOWS\System32\javacpl.cpl -->14/03/2007 02:04:46 C:\WINDOWS\System32\javaw.exe -->14/03/2007 00:31:28 C:\WINDOWS\System32\java.exe -->14/03/2007 00:31:24 C:\WINDOWS\System32\jupdate-1.5.0_11-b03.log -->06/03/2007 00:58:57 C:\WINDOWS\System32\ff_vfw.dll -->21/02/2007 22:00:28 C:\WINDOWS\System32\wmv9vcm.dll -->20/01/2007 22:26:06 C:\WINDOWS\System32\jupdate-1.5.0_10-b03.log -->19/12/2006 12:08:25 C:\WINDOWS\System32\jupdate-1.5.0_09-b03.log -->19/12/2006 12:05:38 C:\WINDOWS\System32\xvidvfw.dll -->01/11/2006 15:54:30 C:\WINDOWS\System32\xvidcore.dll -->01/11/2006 15:52:38 C:\WINDOWS\System32\zllictbl.dat -->28/09/2006 11:21:45 C:\WINDOWS\System32\bacbda_s.ocx -->04/07/2006 21:31:41 C:\WINDOWS\System32\addcc3_s.dll -->04/07/2006 21:31:41 C:\WINDOWS\wiadebug.log -->30/04/2007 16:55:49 C:\WINDOWS\wiaservc.log -->30/04/2007 16:55:45 C:\WINDOWS\SchedLgU.Txt -->30/04/2007 16:55:36 C:\WINDOWS\bootstat.dat -->30/04/2007 16:55:22 C:\WINDOWS\win.ini -->30/04/2007 16:54:22 C:\WINDOWS\system.ini -->30/04/2007 16:54:22 C:\WINDOWS\Sti_Trace.log -->30/04/2007 16:26:31 C:\WINDOWS\QTFont.qfn -->13/04/2007 01:56:30 C:\WINDOWS\QTFont.for -->20/02/2007 21:59:29 C:\WINDOWS\mozver.dat -->19/12/2006 11:54:13 C:\WINDOWS\wininit.ini -->14/07/2006 16:08:53 C:\WINDOWS\msoffice.ini -->14/07/2006 16:08:43 C:\WINDOWS\adiras.ini -->30/06/2006 21:56:19 C:\WINDOWS\WMSysPr9.prx -->29/06/2006 23:13:19 C:\WINDOWS\nsreg.dat -->29/06/2006 22:41:22 C:\WINDOWS\aolback.exe |19/02/2006 21:41:42 C:\WINDOWS\Aolunins.exe |19/02/2006 21:41:22 C:\WINDOWS\Ctregrun.exe |12/07/2006 12:54:43 C:\WINDOWS\IsUn040c.exe |25/05/2006 17:39:49 C:\WINDOWS\IsUninst.exe |29/06/2006 19:53:58 C:\WINDOWS\twunk_16.exe |28/08/2001 14:00:00 C:\WINDOWS\twunk_32.exe |28/08/2001 14:00:00 C:\WINDOWS\iptit.dll |21/02/2006 20:21:22 C:\WINDOWS\twain.dll |28/08/2001 14:00:00 C:\WINDOWS\twain_32.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\append.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\aswBoot.exe |10/03/2006 19:58:52 C:\WINDOWS\system32\debug.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\DivXCodecUpdateChecker.exe |14/06/2006 19:49:07 C:\WINDOWS\system32\dosx.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 19:47:34 C:\WINDOWS\system32\edlin.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\exe2bin.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\fastopen.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\java.exe |26/04/2007 22:34:44 C:\WINDOWS\system32\javaw.exe |26/04/2007 22:34:44 C:\WINDOWS\system32\javaws.exe |26/04/2007 22:34:44 C:\WINDOWS\system32\mem.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\mscdexnt.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\nlsfunc.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\nw16.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\pxcpya64.exe |03/07/2006 15:29:41 C:\WINDOWS\system32\pxcpyi64.exe |08/07/2006 11:29:46 C:\WINDOWS\system32\pxhpinst.exe |03/07/2006 15:29:41 C:\WINDOWS\system32\pxinsa64.exe |03/07/2006 15:29:41 C:\WINDOWS\system32\pxinsi64.exe |08/07/2006 11:29:46 C:\WINDOWS\system32\redir.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\setver.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\share.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 19:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 19:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 19:47:48 C:\WINDOWS\system32\vwipxspx.exe |28/08/2001 14:00:00 C:\WINDOWS\system32\ZyDelReg.exe |06/08/2006 13:04:24 C:\WINDOWS\system32\addcc3_s.dll |04/07/2006 21:31:41 C:\WINDOWS\system32\amstream.dll |12/07/2006 12:44:16 C:\WINDOWS\system32\atmfd.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\atmlib.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\BJBase_2-2-2_DDR.dll |29/06/2006 19:54:01 C:\WINDOWS\system32\CNCC170.DLL |04/08/2005 03:46:12 C:\WINDOWS\system32\CNCI170.DLL |04/08/2005 03:46:04 C:\WINDOWS\system32\cncisco.dll |04/08/2005 03:47:10 C:\WINDOWS\system32\CNCL170.DLL |30/05/2005 12:46:00 C:\WINDOWS\system32\CNMLM7J.DLL |25/05/2006 17:38:13 C:\WINDOWS\system32\CNMVS7J.DLL |25/05/2006 17:38:14 C:\WINDOWS\system32\compatUI.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\DC120V15_32.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\DC265.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\dgrpsetu.dll |18/02/2006 22:02:35 C:\WINDOWS\system32\dgsetup.dll |18/02/2006 22:02:35 C:\WINDOWS\system32\DRAGNKL1.dll |06/09/2006 18:33:14 C:\WINDOWS\system32\EqnClass.Dll |18/02/2006 22:02:34 C:\WINDOWS\system32\ff_vfw.dll |19/03/2007 00:54:26 C:\WINDOWS\system32\hticons.dll |18/02/2006 22:10:32 C:\WINDOWS\system32\hypertrm.dll |18/02/2006 22:10:32 C:\WINDOWS\system32\i81xdnt5.dll |18/02/2006 22:04:36 C:\WINDOWS\system32\iccvid.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\InsDrvZD.dll |06/08/2006 13:04:22 C:\WINDOWS\system32\InsDrvZD64.DLL |06/08/2006 13:04:22 C:\WINDOWS\system32\ir32_32.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\ir41_qc.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\ir41_qcx.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\ir50_32.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\ir50_qc.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\ir50_qcx.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\isrdbg32.dll |18/02/2006 22:12:56 C:\WINDOWS\system32\jgaw400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\jgdw400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\jgmd400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\jgpl400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\jgsd400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\jgsh400.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\LFBMP12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\lfbmp13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LFCMP12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\lfcmp13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LFFAX12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\lffax13n.dll |07/11/2006 01:48:39 C:\WINDOWS\system32\lfgif13n.dll |07/11/2006 01:48:02 C:\WINDOWS\system32\LFPCD12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\LFPCT12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\LFPCX12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\LFPNG12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\LFPSD12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\LFTIF12N.DLL |06/09/2006 18:32:22 C:\WINDOWS\system32\lftif13n.dll |07/11/2006 01:48:39 C:\WINDOWS\system32\libeay32_1-1-0_DDR.dll |29/06/2006 19:54:02 C:\WINDOWS\system32\ltclr13n.dll |07/11/2006 01:48:39 C:\WINDOWS\system32\LTDIS12N.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\ltdis13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LTEFX12N.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\ltefx13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LTFIL12N.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\ltfil13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LTIMG12N.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\ltimg13n.dll |07/11/2006 01:48:01 C:\WINDOWS\system32\LTKRN12N.DLL |06/09/2006 18:32:21 C:\WINDOWS\system32\ltkrn13n.dll |07/11/2006 01:48:00 C:\WINDOWS\system32\MCC16.dll |29/06/2006 19:59:58 C:\WINDOWS\system32\MCCDevice.dll |29/06/2006 19:59:58 C:\WINDOWS\system32\mciqtz32.dll |12/07/2006 12:44:16 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 19:47:06 C:\WINDOWS\system32\msdmo.dll |12/07/2006 12:44:17 C:\WINDOWS\system32\msencode.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\NkNEFPlugin.dll |06/09/2006 18:33:23 C:\WINDOWS\system32\paqsp.dll |23/08/2001 19:47:16 C:\WINDOWS\system32\PCDLIB32.DLL |09/12/1998 03:53:58 C:\WINDOWS\system32\picn1020.dll |06/09/2006 18:33:15 C:\WINDOWS\system32\picn1120.dll |06/09/2006 18:33:16 C:\WINDOWS\system32\picn20.dll |06/09/2006 18:33:16 C:\WINDOWS\system32\psisdecd.dll |12/07/2006 12:44:20 C:\WINDOWS\system32\px.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\pxdrv.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\pxmas.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\pxsfs.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\pxwave.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\qedwipes.dll |12/07/2006 12:44:18 C:\WINDOWS\system32\qt-dx331.dll |25/05/2006 00:47:11 C:\WINDOWS\system32\RCSigProc.dll |06/09/2006 18:33:16 C:\WINDOWS\system32\RedEye.dll |06/09/2006 18:33:16 C:\WINDOWS\system32\scriptpw.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\slbcsp.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\slbiop.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\slbrccsp.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\spnike.dll |23/08/2001 19:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 19:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 19:47:18 C:\WINDOWS\system32\spxcoins.dll |18/02/2006 22:02:34 C:\WINDOWS\system32\ssleay32_1-1-0_DDR.dll |29/06/2006 19:54:02 C:\WINDOWS\system32\stlport_4_0_0_DDR.dll |29/06/2006 19:54:01 C:\WINDOWS\system32\Strato4.dll |06/09/2006 18:33:16 C:\WINDOWS\system32\tsd32.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\unzip32.dll |12/07/2006 12:48:18 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 19:47:20 C:\WINDOWS\system32\vxblock.dll |03/07/2006 15:29:41 C:\WINDOWS\system32\W32N50.DLL |29/06/2006 19:58:02 C:\WINDOWS\system32\win87em.dll |28/08/2001 14:00:00 C:\WINDOWS\system32\wnaspi32.dll |01/03/2006 22:36:36 C:\WINDOWS\system32\xerces-c_1_40_0_DDR.dll |29/06/2006 19:54:01 C:\WINDOWS\system32\xvidcore.dll |19/03/2007 00:54:36 C:\WINDOWS\system32\xvidvfw.dll |19/03/2007 00:54:32 C:\WINDOWS\system32\yv12vfw.dll |19/03/2007 00:54:40 C:\WINDOWS\system32\ZDPN50.dll |06/08/2006 13:04:25 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\WINDOWS\system 10/09/1999 13:06 4 672 Wowpost.exe 1 fichier(s) 4 672 octets 0 Rép(s) 926 191 616 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\WINDOWS\system32 28/08/2001 14:00 4 096 csrss.exe 1 fichier(s) 4 096 octets 0 Rép(s) 926 191 616 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\WINDOWS\Downloaded Program Files 11/12/2006 22:09 <REP> . 11/12/2006 22:09 <REP> .. 18/02/2006 22:14 65 desktop.ini 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 08/10/2004 17:01 372 736 MsnPUpld.dll 08/10/2004 17:13 587 MSNPupld.inf 22/09/2004 16:59 110 592 PURen-us.dll 15/10/2004 08:59 110 592 PURfr-xx.dll 09/11/2006 15:36 5 019 swflash.inf 7 fichier(s) 600 753 octets Total des fichiers listés : 7 fichier(s) 600 753 octets 2 Rép(s) 926 187 520 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Liste des programmes installes Ad-Aware SE Personal Adaptateur IEEE 802.11g Sans-Fil USB Adobe Acrobat 5.0 Adobe Flash Player 9 ActiveX Adobe Photoshop CS ArcSoft PhotoStudio 5.5 avast! Antivirus Barre d'outils MSN BroadJump Client Foundation Canon MP Navigator 2.0 Canon MP170 Canon Utilities Easy-PhotoPrint CCleaner (remove only) Club Internet Agent Wi-Fi V2.1 Codeur Windows Media Série 9 Codeur Windows Media Série 9 Configurateur Modem Easy-WebPrint EasyCleaner eMule HijackThis 1.99.1 Installation Adaptateur USB sans fil Club-Internet IrfanView (remove only) J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 Java SE Runtime Environment 6 Update 1 jv16 PowerTools 1.3 K-Lite Codec Pack 2.86 Full BETA2 LE COMPAGNON CLUB Lecteur Windows Media 10 Microsoft Office XP Professional avec FrontPage Mozilla Firefox (1.5.0.11) MSN Messenger 7.5 Music Manager MuVo Driver OmniPage SE 2.0 QuickTime QuickTime SAGEM F@st 800-840 Shareaza version 2.2.1.0 Spybot - Search & Destroy 1.4 SpywareGuard v2.2 Sunbelt Kerio Personal Firewall WebFldrs XP Windows Media Format Runtime Windows XP Hotfix (SP1) [see Q317181 for more information] Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files 30/04/2007 17:07 <REP> . 30/04/2007 17:07 <REP> .. 03/12/2006 16:41 <REP> Adobe 14/02/2007 19:07 <REP> Alwil Software 06/09/2006 18:30 <REP> ArcSoft 29/06/2006 19:53 <REP> BroadJump 25/05/2006 17:40 <REP> Canon 29/06/2006 22:43 <REP> CCleaner 08/02/2007 17:12 <REP> Club-Internet 29/06/2006 19:57 <REP> Common Files 26/04/2007 22:42 <REP> Creative 16/03/2007 22:57 <REP> DIKO 19/03/2007 00:38 <REP> DivX 15/03/2007 19:24 <REP> DLA 29/04/2007 21:11 <REP> eMule 30/04/2007 17:04 <REP> Fichiers communs 30/04/2007 17:11 <REP> Hijackthis 18/02/2006 22:14 <REP> Internet Explorer 30/03/2007 01:30 <REP> IrfanView 26/04/2007 22:34 <REP> Java 06/03/2007 14:14 <REP> jv16 PowerTools 19/03/2007 00:54 <REP> K-Lite Codec Pack 29/06/2006 22:47 <REP> Lavasoft 26/05/2006 21:11 <REP> Messenger 18/02/2006 22:17 <REP> microsoft frontpage 18/02/2006 22:18 <REP> Microsoft Office 08/02/2007 17:09 <REP> Motive 18/02/2006 22:13 <REP> Movie Maker 30/04/2007 17:05 <REP> Mozilla Firefox 18/02/2006 22:11 <REP> MSN 30/06/2006 00:18 <REP> MSN Apps 18/02/2006 22:10 <REP> MSN Gaming Zone 02/07/2006 12:44 <REP> MSN Messenger 12/07/2006 12:48 <REP> Music Manager 18/02/2006 22:12 <REP> NetMeeting 06/09/2006 19:08 <REP> Nikon 18/02/2006 22:12 <REP> Outlook Express 20/01/2007 14:45 <REP> QuickTime 25/05/2006 17:41 <REP> ScanSoft 18/02/2006 22:14 <REP> Services en ligne 01/07/2006 23:35 <REP> Shareaza 30/04/2007 00:04 <REP> Spybot - Search & Destroy 20/01/2007 14:45 <REP> Spybott - Search & Destroy 12/07/2006 12:53 <REP> SpywareGuard 14/02/2007 19:16 <REP> Sunbelt Software 14/07/2006 16:01 <REP> ToniArts 16/03/2007 00:34 <REP> VSO 04/07/2006 20:35 <REP> Windows Media Components 20/01/2007 14:45 <REP> Windows Media Player 18/02/2006 22:10 <REP> Windows NT 19/03/2007 14:51 <REP> WinISO 08/02/2007 16:59 <REP> WLAN 18/02/2006 22:17 <REP> xerox 26/04/2007 22:33 <REP> Yahoo! 0 fichier(s) 0 octets 54 Rép(s) 925 999 104 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files\fichiers communs 30/04/2007 17:04 <REP> . 30/04/2007 17:04 <REP> .. 03/12/2006 16:47 <REP> Adobe 03/12/2006 16:50 <REP> Adobe Systems Shared 18/02/2006 22:19 <REP> Designer 12/07/2006 12:29 <REP> InstallShield 19/12/2006 12:03 <REP> Java 29/06/2006 23:53 <REP> Microsoft Shared 08/02/2007 16:50 <REP> Motive 18/02/2006 22:12 <REP> MSSoap 08/09/2006 21:00 <REP> muvee Technologies 08/09/2006 21:00 <REP> Nikon 11/07/2006 21:16 <REP> ScanSoft Shared 18/02/2006 22:12 <REP> Services 18/02/2006 22:02 <REP> SpeechEngines 18/02/2006 22:18 <REP> System 0 fichier(s) 0 octets 16 Rép(s) 925 999 104 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 18/02/2006 22:19 <REP> . 18/02/2006 22:19 <REP> .. 18/02/2006 22:19 <REP> 1033 18/02/2006 22:18 <REP> 1036 15/02/2001 06:45 1 318 912 MSONSEXT.DLL 13/02/2001 09:23 58 784 MSOSV.DLL 03/06/1999 15:09 122 937 MSOWS409.DLL 07/03/2001 10:00 127 033 MSOWS40c.DLL 06/08/2000 10:04 401 462 MSVCP60.DLL 22/01/2001 04:25 69 632 PKMAXCTL.DLL 22/01/2001 04:25 872 448 PKMCDO.DLL 22/01/2001 04:25 159 744 PKMCORE.DLL 07/02/2001 10:59 106 496 PKMFORMS.DLL 12/02/2001 05:03 684 032 PKMRES.DLL 22/01/2001 04:25 28 672 PKMSSTLB.DLL 22/01/2001 04:25 40 960 PKMTEMPL.DLL 22/01/2001 04:25 24 576 PKMTRACE.DLL 22/01/2001 04:25 86 016 PKMWS.DLL 22/01/2001 04:25 237 568 PROMDEMO.DLL 22/01/2001 04:25 184 320 SECMGR.DLL 22/01/2001 04:25 323 584 VAIDDMGR.DLL 22/01/2001 04:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 925 999 104 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\Program Files\common files 29/06/2006 19:57 <REP> . 29/06/2006 19:57 <REP> .. 08/02/2007 17:12 <REP> Motive 0 fichier(s) 0 octets 3 Rép(s) 925 999 104 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 0431-D053 Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 21/02/2006 20:22 7 249 Installer.exe 3 fichier(s) 178 769 octets 0 Rép(s) 925 999 104 octets libres c:\Documents and Settings\NEO\Application Data\ezpinst.exe c:\Documents and Settings\NEO\Application Data\Nikon\Message Center\DOWNLOAD_LOG\11914\S-P2____-161WU-EURFR.exe c:\Documents and Settings\NEO\Bureau\BrancheMoi.exe c:\Documents and Settings\NEO\Bureau\klcodec286fbeta2.exe c:\Documents and Settings\NEO\Bureau\SDFix.exe c:\Documents and Settings\NEO\Bureau\VirtualDub_Traduction_francais_pour_v1.5.4.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\NEO\Bureau\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\NEO\Bureau\Raccourcis Bureau non utilisés\DivXInstaller.exe c:\Documents and Settings\NEO\Bureau\Raccourcis Bureau non utilisés\kerio-personal-firewall_kerio_personal_firewall_4.3.268_francais_11071.exe c:\Documents and Settings\NEO\Bureau\WinISO\WinISO v5.3.exe c:\Documents and Settings\NEO\Bureau\WinISO\WinISO_crk.exe c:\Documents and Settings\NEO\Mes documents\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\blindman.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\SpybotSD.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\TeaTimer.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\unins000.exe c:\Documents and Settings\NEO\Mes documents\Spybot - Search & Destroy\Update.exe c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules407\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules409\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules40c\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules410\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules413\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules415\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules419\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModules816\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMlr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMsr7J.dll c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon MP170 Series Printer\LanguageModulesc0a\CNMur7J.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\USMT\iconlib.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll c:\Documents and Settings\NEO\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll c:\Documents and Settings\NEO\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll Liste des drivers... < Microsoft ® Windows ® version 5.1 (num'ro 2600). < 4 30 2007 17:25:43.500 < Pilote charg' \WINDOWS\system32\ntoskrnl.exe < Pilote charg' \WINDOWS\system32\hal.dll < Pilote charg' \WINDOWS\system32\KDCOM.DLL < Pilote charg' \WINDOWS\system32\BOOTVID.dll < Pilote charg' ACPI.sys < Pilote charg' \WINDOWS\System32\DRIVERS\WMILIB.SYS < Pilote charg' pci.sys < Pilote charg' isapnp.sys < Pilote charg' intelide.sys < Pilote charg' \WINDOWS\System32\DRIVERS\PCIIDEX.SYS < Pilote charg' MountMgr.sys < Pilote charg' ftdisk.sys < Pilote charg' dmload.sys < Pilote charg' dmio.sys < Pilote charg' PartMgr.sys < Pilote charg' VolSnap.sys < Pilote charg' atapi.sys < Pilote charg' disk.sys < Pilote charg' \WINDOWS\System32\DRIVERS\CLASSPNP.SYS < Pilote charg' sr.sys < Pilote charg' PxHelp20.sys < Pilote charg' KSecDD.sys < Pilote charg' Ntfs.sys < Pilote charg' NDIS.sys < Pilote charg' Mup.sys < Pilote charg' \SystemRoot\System32\DRIVERS\i81xnt5.sys < Pilote charg' \SystemRoot\System32\DRIVERS\e100b325.sys < Pilote charg' \SystemRoot\System32\DRIVERS\i8042prt.sys < Pilote charg' \SystemRoot\System32\DRIVERS\mouclass.sys < Pilote charg' \SystemRoot\System32\DRIVERS\kbdclass.sys < Pilote charg' \SystemRoot\System32\DRIVERS\parport.sys < Pilote charg' \SystemRoot\System32\DRIVERS\serial.sys < Pilote charg' \SystemRoot\System32\DRIVERS\serenum.sys < Pilote charg' \SystemRoot\System32\DRIVERS\fdc.sys < Pilote charg' \SystemRoot\System32\DRIVERS\cdrom.sys < Pilote charg' \SystemRoot\System32\DRIVERS\redbook.sys < Pilote charg' \SystemRoot\System32\DRIVERS\usbuhci.sys < Pilote charg' \SystemRoot\system32\drivers\ac97intc.sys < Pilote charg' \SystemRoot\System32\DRIVERS\p3.sys < Pilote charg' \SystemRoot\System32\DRIVERS\audstub.sys < Pilote charg' \SystemRoot\System32\DRIVERS\rasl2tp.sys < Pilote charg' \SystemRoot\System32\DRIVERS\ndistapi.sys < Pilote charg' \SystemRoot\System32\DRIVERS\ndiswan.sys < Pilote charg' \SystemRoot\System32\DRIVERS\raspppoe.sys < Pilote charg' \SystemRoot\System32\DRIVERS\raspptp.sys < Pilote charg' \SystemRoot\System32\DRIVERS\msgpc.sys < Pilote charg' \SystemRoot\System32\DRIVERS\psched.sys < Pilote charg' \SystemRoot\System32\DRIVERS\ptilink.sys < Pilote charg' \SystemRoot\System32\DRIVERS\raspti.sys < Pilote charg' \SystemRoot\System32\DRIVERS\rdpdr.sys < Pilote charg' \SystemRoot\System32\DRIVERS\termdd.sys < Pilote charg' \SystemRoot\System32\DRIVERS\swenum.sys < Pilote charg' \SystemRoot\System32\DRIVERS\update.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wCh7xxNT.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wATV04nt.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wATV03nt.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wATV02NT.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wATV01nt.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wVchNTxx.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wSiINTxx.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wADV05NT.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wADV02NT.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wADV01nt.sys < Pilote charg' \SystemRoot\System32\Drivers\NDProxy.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\NDProxy.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\flpydisk.sys < Pilote charg' \SystemRoot\System32\DRIVERS\usbhub.sys < Pilote charg' \SystemRoot\System32\DRIVERS\zd1211Bu.sys < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\lbrtfdc.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\Sfloppy.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\i2omgmt.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\Changer.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\Cdaudio.SYS < Pilote charg' \SystemRoot\System32\Drivers\Fs_Rec.SYS < Pilote charg' \SystemRoot\System32\Drivers\Null.SYS < Pilote charg' \SystemRoot\System32\Drivers\Beep.SYS < Pilote charg' \SystemRoot\System32\drivers\vga.sys < Pilote charg' \SystemRoot\System32\Drivers\mnmdd.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\RDPCDD.sys < Pilote charg' \SystemRoot\system32\drivers\fwdrv.sys < Pilote charg' \SystemRoot\System32\Drivers\Msfs.SYS < Pilote charg' \SystemRoot\System32\Drivers\Npfs.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\rasacd.sys < Pilote charg' \SystemRoot\System32\DRIVERS\ipsec.sys < Pilote charg' \SystemRoot\System32\DRIVERS\tcpip.sys < Pilote charg' \SystemRoot\System32\Drivers\aswTdi.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\netbt.sys < Pilote charg' \SystemRoot\System32\DRIVERS\netbios.sys < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\PCIDump.SYS < Pilote charg' \SystemRoot\System32\DRIVERS\rdbss.sys < Pilote charg' \SystemRoot\System32\DRIVERS\mrxsmb.sys < Pilote charg' \SystemRoot\System32\DRIVERS\wanarp.sys < Pilote charg' \SystemRoot\system32\drivers\khips.sys < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\Imapi.SYS < Pilote charg' \SystemRoot\System32\Drivers\Fips.SYS < Pilote charg' \SystemRoot\System32\Drivers\Aavmker4.SYS < Pilote charg' \SystemRoot\System32\Drivers\Cdfs.SYS < Le pilote n'a pas 't' charg' \SystemRoot\System32\Drivers\adildr.sys < Pilote charg' \SystemRoot\System32\drivers\afd.sys < Pilote charg' \SystemRoot\System32\DRIVERS\ndisuio.sys < Le pilote n'a pas 't' charg' \SystemRoot\System32\drivers\afd.sys < Pilote charg' \SystemRoot\System32\Drivers\aswMon2.SYS MERCI POUR TON AIDE!
  13. cayli
    Bonsoir à toute l'équipe Je vais vous exposer mon problème. Depuis quelques temps, le PC familial plante, l'écran s'éteint tout seul, l'UC est à 100% la plupart du temps. J'ai utilisé à plusieurs reprises Spybot, Adware SE personal, mais rien n'y fait, le pc est toujours aussi mal en point. Même avast ne trouve rien. J'ai suivi la procédure péliminaire à toute demande d'analyse du rapport d'hijackthis. Antivir a trouvé un Trojan que j'ai supprimé. Le problème c'est que j'ai l'impression que rien n'a changé, quels fourbes ces malware. Pourriez vous m'aider svp. Merci Voici mon rapport Hijackthis Logfile of HijackThis v1.99.1 Scan saved at 00:27:40, on 30/04/2007 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\msiexec.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\Program Files\Hijackthis\hijackthis_hijackthis_1.99.1_anglais_17891.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [Microsoft FixUp] vpiqurle.exe O4 - HKLM\..\Run: [Windows Update] update32.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [Workflow] D:\install\Workflow.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\RunServices: [MSN Messenger] msnmrigr.exe O4 - HKLM\..\RunServices: [Laord service] awsdelf.exe O4 - HKLM\..\RunServices: [Microsoft FixUp] vpiqurle.exe O4 - HKLM\..\RunServices: [Windows Update] update32.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MSN Messenger] msnmrigr.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA497} - https://activation.club-internet.fr/wizlet/...ntrols/root.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn.com/resources/MsnPUpld.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: windows kernel 386 (windows kernel) - Unknown owner - C:\WINDOWS\krnl386.exe (file missing) MERCI POUR VOTRE AIDE
  14. cayli
    Bon voilà ce sujet n'a rien de très intéressant mais je voulais tout simplement remercier l'équipe de zebulon.fr pour leur aide précieuse qu'ils nous fournissent lorsqu'on a des gros problèmes avec nos pc. Vous êtes géniaux et vous méritez un post en votre honneur! Moi et mon ordinateur voulons vous dire tout simplement merci! Et que la force soit avec vous
  15. cayli
    Bonsoir à toute l'équipe! J'ai voulu effectué l'entrtien de mon pc en suivant les instructions de Tesgaz sur le site speedweb. J'ai suivi toute la procédure et j'en suis désormais à la phase Disk CleanUp pour ensuite procéder à la défragmentation du PC avec le logiciel O&O Degrag. Etant novice en informatique, j'espère ne pas avoir fait de gaffe en suivant scrupuleusement à la lettre les instructions de Tesgaz. Bon voilà mon problème j'en suis à 99% avec Disk CleanUp que j'ai mis sur pause tellement j'ai peur du résultat. Il me reste à peu près 68.10M et windows ne cesse de me signaler qu'il ne me reste preque plus de place sur mon espace disque, ce qui n'a pas le don de me rassurer. en fait j'ai peur! D'autre part je tente désespérément de télécharger O&O Defrag mais je n'y arrive pas. Je suis vraiment désespérée. Merci pour vos réponse.
  16. cayli
    Bonjour tout le monde. Bon voilà, un autre problème est apparu, il s'appelle Error Safe. Et pourtnat j'ai laché IE pour Mozilla mais la saleté a réussi à déjoué les pièges. J'ai lu sur le forum qu'il était proche de winfixer. J'ai lancé en mode sans échec spybot puis ad-aware se personal mais ils n'ont rien trouvé. Voilci le rapport de Spybot: Windows Security Center.FirewallDisableNotify: Réglages (Modification du registre, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0 Windows Security Center.AntiVirusDisableNotify: Réglages (Modification du registre, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0 --- Spybot - Search & Destroy version: 1.4 (build: 20050523) --- 2005-05-31 blindman.exe (1.0.0.1) 2005-05-31 SpybotSD.exe (1.4.0.3) 2005-05-31 TeaTimer.exe (1.4.0.2) 2005-09-28 unins000.exe (51.41.0.0) 2005-05-31 Update.exe (1.4.0.0) 2005-05-31 advcheck.dll (1.0.2.0) 2005-05-31 aports.dll (2.1.0.0) 2005-05-31 borlndmm.dll (7.0.4.453) 2005-05-31 delphimm.dll (7.0.4.453) 2005-05-31 SDHelper.dll (1.4.0.0) 2005-05-31 Tools.dll (2.0.0.2) 2005-05-31 UnzDll.dll (1.73.1.1) 2005-05-31 ZipDll.dll (1.73.2.0) 2006-01-20 Includes\Cookies.sbi (*) 2006-01-20 Includes\Dialer.sbi (*) 2006-01-20 Includes\Hijackers.sbi (*) 2006-01-20 Includes\Keyloggers.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2006-01-20 Includes\Malware.sbi (*) 2006-01-20 Includes\PUPS.sbi (*) 2006-01-20 Includes\Revision.sbi (*) 2006-01-20 Includes\Security.sbi (*) 2006-01-20 Includes\Spybots.sbi (*) 2005-02-17 Includes\Tracks.uti 2006-01-20 Includes\Trojans.sbi (*) Voici le rapport d'ad-aware SE personal: Ad-Aware SE Build 1.06r1 Logfile Created on:jeudi 2 février 2006 14:51:13 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R88 20.01.2006 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):11 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 02-02-2006 14:51:13 - Scan started. (Smart mode) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 140 ThreadCreationTime : 02-02-2006 13:28:40 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 188 ThreadCreationTime : 02-02-2006 13:28:54 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 212 ThreadCreationTime : 02-02-2006 13:28:58 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 256 ThreadCreationTime : 02-02-2006 13:29:05 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Système d'exploitation Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Applications Services et Contrôleur InternalName : services.exe LegalCopyright : © Microsoft Corporation. Tous droits réservés. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 268 ThreadCreationTime : 02-02-2006 13:29:05 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 416 ThreadCreationTime : 02-02-2006 13:29:10 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 476 ThreadCreationTime : 02-02-2006 13:29:13 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 540 ThreadCreationTime : 02-02-2006 13:29:15 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 776 ThreadCreationTime : 02-02-2006 13:29:51 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Système d'exploitation Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Explorateur Windows InternalName : explorer LegalCopyright : © Microsoft Corporation. Tous droits réservés. OriginalFilename : EXPLORER.EXE #:10 [spybotsd.exe] FilePath : C:\Program Files\Spybot - Search & Destroy\ ProcessID : 1444 ThreadCreationTime : 02-02-2006 13:46:37 BasePriority : Normal FileVersion : 1.4.0.3 ProductVersion : 1, 4, 0, 3 ProductName : SpyBot-S&D CompanyName : Safer Networking Limited FileDescription : Spybot - Search & Destroy InternalName : SpybotSD LegalCopyright : © 2000-2005 Patrick M. Kolla / Safer Networking Limited. Alle Rechte vorbehalten. LegalTrademarks : "Spybot" und "Spybot - Search & Destroy" sind registrierte Warenzeichen. OriginalFilename : SpyBotSD.exe Comments : Software zum Entfernen von Spyware und ähnlichen Bedrohungen. #:11 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 1512 ThreadCreationTime : 02-02-2006 13:50:59 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Deep scanning and examining files... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Disk Scan Result for C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Disk Scan Result for C:\DOCUME~1\ELNALA~1\LOCALS~1\Temp\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 906 entries scanned. New critical objects:0 Objects found so far: 0 MRU List Object Recognized! Location: : C:\Documents and Settings\Elna Laetitia\recent Description : list of recently opened documents MRU List Object Recognized! Location: : S-1-5-21-3873525758-4162039217-3747042021-1006\software\microsoft\mediaplayer\medialibraryui Description : last selected node in the microsoft windows media player media library MRU List Object Recognized! Location: : S-1-5-21-3873525758-4162039217-3747042021-1006\software\microsoft\mediaplayer\player\settings Description : last open directory used in jasc paint shop pro MRU List Object Recognized! Location: : S-1-5-21-3873525758-4162039217-3747042021-1006\software\microsoft\mediaplayer\preferences Description : last search path used in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-3873525758-4162039217-3747042021-1006\software\microsoft\windows\currentversion\explorer\runmru Description : mru list for items opened in start | run MRU List Object Recognized! Location: : S-1-5-21-3873525758-4162039217-3747042021-1006\software\realnetworks\realplayer\6.0\preferences Description : list of recent skins in realplayer MRU List Object Recognized! Location: : S-1-5-21-3873525758-4162039217-3747042021-1006\software\realnetworks\realplayer\6.0\preferences Description : list of recent clips in realplayer MRU List Object Recognized! Location: : S-1-5-21-3873525758-4162039217-3747042021-1006\software\realnetworks\realplayer\6.0\preferences Description : last login time in realplayer MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-3873525758-4162039217-3747042021-1006\software\microsoft\windows media\wmsdk\general Description : windows media sdk Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 11 14:54:03 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:02:49.854 Objects scanned:68436 Objects identified:0 Objects ignored:0 New critical objects:0 J'ai ensuite lancé hijackthis en mode sans échec , voici le rapport: Logfile of HijackThis v1.99.1 Scan saved at 14:59:32, on 02/02/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.aliceadsl.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [backgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\RunOnce: [delus] C:\DOCUME~1\ELNALA~1\LOCALS~1\Temp\delus.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Fichiers communs\RTE\RTEGPRS.exe" tray O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R O4 - Global Startup: CD du logiciel supplémentaire.lnk = ? O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?daf30fb6bd954136bbd3476a74dedc1 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?daf30fb6bd954136bbd3476a74dedc1 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe Est-ce-que vous pourriez m'aider encore une fois à me débrasser ce cette bestiole. Merci. Faute de temps, je n'ai pas encore désinstallé Norton. Je le regrette maintenant. Vive l'inefficacité de ce truc
  17. cayli
    Hello Mister Ingals, j'ai encore une question par rapport à jv16. J'ai suivi la procédure mais c'est normal que la suppression dure si longtemps. Ca doit faire 15 bonnes minutes que la fenetre indique "occupé, veuillez patienter. C'est un bug de jv16? Sinon c'est clair vu les instructions de désinstallation de Norton 2005, il m'en faudra du courage
  18. cayli
    oui j'ai désactivé puis réactivé la restauration système je vais procéder à la désinstallation de norton. merci Euh avant de faire une betise, je ne devais pas nettoyer mon registre avec jv16?
  19. cayli
    En fait si j'ai bien compris j'efface les éléments de sauvegarde dans Norton Antivirus Quarantine? Euh et je ne connais pas la version de Norton. J'ai acheté mon pc l'année dernière je présume que c'est la dernière version. (ça se trouve je dis n'importequoi )
  20. cayli
    Au secours il me reste encore des trojans; En tout cas un grand MERCI pour ton aide. Voilà le rapport de kaspersky: ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER - RAPPORT samedi 28 janvier 2006 17:35:08 Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Version de Kaspersky On-line Scanner: 5.0.78.0 Dernière mise à jour de la base antivirus Kaspersky : 28/01/2006 Enregistrements dans la base antivirus Kaspersky : 163015 ------------------------------------------------------------------------------- Paramètres d'analyse: Analyser avec la base antivirus suivante: standard Analyser les archives: vrai Analyser les bases de messagerie.: vrai Cible de l'analyse - Poste de travail: C:\ D:\ Statistiques de l'analyse: Total d'objets analysés :: 79476 Nombre de virus trouvés: 4 Nombre d'objets infectés: 11 Nombre d'objets suspects: 0 Durée de l'analyse: 00:58:18 Nom de l'objet infecté / Nom du virus / Dernière action C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\13C4631C.fr4 Infecté: Trojan-Downloader.Win32.Dyfuca.dt ignoré C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\13C4631C.fr6 Infecté: Trojan-Downloader.Win32.Dyfuca.gen ignoré C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1CDE3AB4.dll Infecté: Trojan-Downloader.Win32.Dyfuca.gen ignoré C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\27734053.exe Infecté: Trojan.Win32.Dialer.eg ignoré C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2D8B5A89.exe Infecté: Trojan.Win32.Dialer.eg ignoré C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3CEB74E5.dll Infecté: Trojan-Downloader.Win32.Dyfuca.dt ignoré C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3CEB74E5.exe Infecté: Trojan.Win32.Small.cy ignoré C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\47F75DB4.exe Infecté: Trojan.Win32.Small.cy ignoré C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\52081340.dll Infecté: Trojan-Downloader.Win32.Dyfuca.dt ignoré C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6ED1750B.dll Infecté: Trojan-Downloader.Win32.Dyfuca.gen ignoré C:\System Volume Information\_restore{E92664F3-D946-4EF2-B89C-ACACA4457F7A}\RP276\A0036794.exe Infecté: Trojan.Win32.Small.cy ignoré Analyse terminée.
  21. cayli
    Ok merci. Voici le rapport de regsearch: REGEDIT4 ; Registry Search by Bobbi Flekman © 2005 ; Version: 1.0.2.4 ; Results at 28/01/2006 15:42:02 for strings: ; 'urllauncher.urllaunchercontrol' ; 'urlsearch.urlsearch' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS ; End Of The Log...
  22. cayli
    Euh où est ce que je dois faire des recherches pour URLLauncher.URLLauncherControl et URLSearch.URLSearch (j'ai un peu de mal moi )
  23. cayli
    Voici le rapport de registrysearch. Il est long quand même je trouve: REGEDIT4 ; Registry Search by Bobbi Flekman © 2005 ; Version: 1.0.2.4 ; Results at 28/01/2006 04:02:06 for strings: ; 'powerstrip' ; 'adrotator.application' ; 'kbbar.kbbarband' ; 'jawa32' ; 'lm' ; 'presentia' ; 'slmss' ; 'linkmaker.linkmakerfilter' ; '{6a6e50dc-bfa8-4b40-ab1b-59e03e829fd}' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\MultifunctionAdapter\0\RealModeIrqRoutingTable] [HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\MultifunctionAdapter\0\RealModeIrqRoutingTable\0] [HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Acrobat Reader\7.0\Installer] "ReinstallMode"="omus" [HKEY_LOCAL_MACHINE\SOFTWARE\ATI Technologies\Desktop\CPTemplate\20339] "GlobalMessages"=hex:01,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\ATI Technologies\Desktop\CPTemplate\20347] "GlobalMessages"=hex:01,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\ATI Technologies\Desktop\CPTemplate\20348] "GlobalMessages"=hex:01,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\ATI Technologies\Desktop\{549BA8DB-A841-4BD4-A123-F5B049069199}] "GlobalMessages"=hex:01,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\ATI Technologies\Desktop\{C81C67CA-B737-4C8B-A56C-64FB80F728F4}] "GlobalMessages"=hex:01,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.elm] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.elm] @="ELMFile" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.rm] "Content Type"="application/vnd.rn-realmedia" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.rms] "Content Type"="application/vnd.rn-realmedia-secure" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.rmvb] "Content Type"="application/vnd.rn-realmedia-vbr" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\realmon.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\RealPlay.exe\SupportedTypes] ".lmsff"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControl.CddbURLManager] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControl.CddbURLManager] @="CddbURLManager Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControl.CddbURLManager\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControl.CddbURLManager\CurVer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControl.CddbURLManager\CurVer] @="CDDBControl.CddbURLManager.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControl.CddbURLManager.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControl.CddbURLManager.1] @="CddbURLManager Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControl.CddbURLManager.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControlApple.CddbURLManager] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControlApple.CddbURLManager] @="CddbURLManager Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControlApple.CddbURLManager\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControlApple.CddbURLManager\CurVer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControlApple.CddbURLManager\CurVer] @="CDDBControlApple.CddbURLManager.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControlApple.CddbURLManager.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControlApple.CddbURLManager.1] @="CddbURLManager Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDDBControlApple.CddbURLManager.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{027713F2-5FA8-11d2-875B-00A0C93C09B3}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{027713F2-5FA8-11d2-875B-00A0C93C09B3}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06B81C12-A5DA-340D-AFF7-FA1453FBC29A}] @="System.Security.Policy.AllMembershipCondition" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06B81C12-A5DA-340D-AFF7-FA1453FBC29A}\InprocServer32] "Class"="System.Security.Policy.AllMembershipCondition" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06B81C12-A5DA-340D-AFF7-FA1453FBC29A}\InprocServer32\1.0.5000.0] "Class"="System.Security.Policy.AllMembershipCondition" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06B81C12-A5DA-340D-AFF7-FA1453FBC29A}\ProgId] @="System.Security.Policy.AllMembershipCondition" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0968e258-16c7-4dba-aa86-462dd61e31a3}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{183C259A-0480-11d1-87EA-00C04FC29D46}] @="LM Runtime Control" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{183C259A-0480-11d1-87EA-00C04FC29D46}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{183C259A-0480-11d1-87EA-00C04FC29D46}\ProgID] @="LM.LMReader.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{183C259A-0480-11d1-87EA-00C04FC29D46}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{183C259A-0480-11d1-87EA-00C04FC29D46}\VersionIndependentProgID] @="LM.LMReader" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F9F18A3-EFC0-3913-84A5-90678A4A9A80}] @="System.Security.Cryptography.RijndaelManaged" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F9F18A3-EFC0-3913-84A5-90678A4A9A80}\InprocServer32] "Class"="System.Security.Cryptography.RijndaelManaged" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F9F18A3-EFC0-3913-84A5-90678A4A9A80}\InprocServer32\1.0.5000.0] "Class"="System.Security.Cryptography.RijndaelManaged" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F9F18A3-EFC0-3913-84A5-90678A4A9A80}\ProgId] @="System.Security.Cryptography.RijndaelManaged" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{294e25e0-e52a-43c1-8b95-22b55027ff16}] @="CAudioChannelMap Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{294e25e0-e52a-43c1-8b95-22b55027ff16}\ProgID] @="DMO.AudioChannelMap.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{294e25e0-e52a-43c1-8b95-22b55027ff16}\VersionIndependentProgID] @="DMO.AudioChannelMap" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3845A174-EB30-11D1-9A23-00A0C879FE5F}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3845A174-EB30-11D1-9A23-00A0C879FE5F}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A6069B2-1B69-11D2-A099-00A0C9B6359A}] @="FPXMIXFilter.EdgeCoolMaskProc" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A6069B2-1B69-11D2-A099-00A0C9B6359A}\ProgID] @="FPXMIXFilter.EdgeCoolMaskProc.3" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A6069B2-1B69-11D2-A099-00A0C9B6359A}\VersionIndependentProgID] @="FPXMIXFilter.EdgeCoolMaskProc" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3dd53d40-7b8b-11D0-b013-00aa0059ce02}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54274112-7A5E-11d2-875F-00A0C93C09B3}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54274112-7A5E-11d2-875F-00A0C93C09B3}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54c37cd0-d944-11d0-a9f4-006097942311}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58A2E406-8304-11D2-9533-0060b0C3C4F4}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58A2E406-8304-11D2-9533-0060b0C3C4F4}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60664caf-af0d-0005-a300-5c7d25ff22a0}\ProgID] @="Shell.LocalMachine.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60664caf-af0d-0005-a300-5c7d25ff22a0}\VersionIndependentProgID] @="Shell.LocalMachine" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDE3061-736C-11D2-A5E8-00A0C967A25F}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDE3061-736C-11D2-A5E8-00A0C967A25F}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7170F2E0-9BE3-11D0-A009-00AA00B605A4}\ProgID] @="termmgr.TerminalManager" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7170F2E0-9BE3-11D0-A009-00AA00B605A4}\VersionIndependentProgID] @="termmgr.TerminalManager" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7312c0a0-a397-4a19-b432-9ac90c4466af}] @="CddbURLManager Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7312c0a0-a397-4a19-b432-9ac90c4466af}\ProgID] @="CDDBControlApple.CddbURLManager.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7312c0a0-a397-4a19-b432-9ac90c4466af}\VersionIndependentProgID] @="CDDBControlApple.CddbURLManager" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{754FF233-5D4E-11d2-875B-00A0C93C09B3}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{754FF233-5D4E-11d2-875B-00A0C93C09B3}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e0-baf9-11ce-8c82-00aa004ba90b}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e2-baf9-11ce-8c82-00aa004ba90b}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e3-baf9-11ce-8c82-00aa004ba90b}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e4-baf9-11ce-8c82-00aa004ba90b}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e5-baf9-11ce-8c82-00aa004ba90b}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e6-baf9-11ce-8c82-00aa004ba90b}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9e7-baf9-11ce-8c82-00aa004ba90b}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9f1-baf9-11ce-8c82-00aa004ba90b}] @="URLMoniker ProxyStub Factory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9f1-baf9-11ce-8c82-00aa004ba90b}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79eac9f2-baf9-11ce-8c82-00aa004ba90b}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b8a2d95-0ac9-11d1-896c-00c04Fb6bfc4}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}\InprocServer32] @="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\OFFICE11\\MSOXMLMF.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80F49562-6A9A-11d2-875F-00A0C93C09B3}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80F49562-6A9A-11d2-875F-00A0C93C09B3}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8f6b0360-b80d-11d0-a9b3-006097942311}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF1A9404-6CA9-11D3-B053-00C04F4C0826}] @="CddbURLManager Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF1A9404-6CA9-11D3-B053-00C04F4C0826}\ProgID] @="CDDBControl.CddbURLManager.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF1A9404-6CA9-11D3-B053-00C04F4C0826}\VersionIndependentProgID] @="CDDBControl.CddbURLManager" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1549E58-3894-11D2-BB7F-00A0C999C4C1}] @="LM Behavior Factory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1549E58-3894-11D2-BB7F-00A0C999C4C1}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1549E58-3894-11D2-BB7F-00A0C999C4C1}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B15B8DC0-C7E1-11d0-8680-00AA00BDCB71}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA60F742-6F72-11d2-875F-00A0C93C09B3}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA60F742-6F72-11d2-875F-00A0C93C09B3}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB339A46-7C49-11d2-9BF3-00C04FA34789}] @="LM Auto Effect Behaivor" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB339A46-7C49-11d2-9BF3-00C04FA34789}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB339A46-7C49-11d2-9BF3-00C04FA34789}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C533ADF1-0C80-11D1-8C54-00A02468F316}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C533ADF1-0C80-11D1-8C54-00A02468F316}\ProgID] @="LiquidMotion.LMEngine.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C533ADF1-0C80-11D1-8C54-00A02468F316}\VersionIndependentProgID] @="LiquidMotion.LMEngine" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5B86F32-69EE-11d2-875F-00A0C93C09B3}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5B86F32-69EE-11d2-875F-00A0C93C09B3}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c733e4af-576e-11d0-b28c-00c04fd7cd22}\InprocServer32] @="C:\\WINDOWS\\system32\\urlmon.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E80353D3-677D-11d2-875E-00A0C93C09B3}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E80353D3-677D-11d2-875E-00A0C93C09B3}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecabafb5-7f19-11d2-978e-0000f8757e2a}] @="PoolMgr Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecabafb5-7f19-11d2-978e-0000f8757e2a}\ProgID] @="COMSVCS.PoolMgr.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecabafb5-7f19-11d2-978e-0000f8757e2a}\VersionIndependentProgID] @="COMSVCS.PoolMgr" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECDB03D2-6E99-11d2-875F-00A0C93C09B3}\InprocServer32] @="C:\\WINDOWS\\system32\\lmrt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECDB03D2-6E99-11d2-875F-00A0C93C09B3}\ToolboxBitmap32] @="C:\\WINDOWS\\system32\\lmrt.dll, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\COMSVCS.PoolMgr] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\COMSVCS.PoolMgr] @="PoolMgr Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\COMSVCS.PoolMgr\CurVer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\COMSVCS.PoolMgr\CurVer] @="COMSVCS.PoolMgr.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\COMSVCS.PoolMgr.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\COMSVCS.PoolMgr.1] @="PoolMgr Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\COMSVCS.PoolMgr.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DMO.AudioChannelMap] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DMO.AudioChannelMap] @="CAudioChannelMap Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DMO.AudioChannelMap\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DMO.AudioChannelMap\CurVer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DMO.AudioChannelMap\CurVer] @="DMO.AudioChannelMap.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DMO.AudioChannelMap.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DMO.AudioChannelMap.1] @="CAudioChannelMap Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DMO.AudioChannelMap.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ELMFile] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ELMFile\DefaultIcon] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FPXMIXFilter.EdgeCoolMaskProc] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FPXMIXFilter.EdgeCoolMaskProc] @="FPXMIXFilter.EdgeCoolMaskProc" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FPXMIXFilter.EdgeCoolMaskProc\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FPXMIXFilter.EdgeCoolMaskProc.3] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FPXMIXFilter.EdgeCoolMaskProc.3] @="FPXMIXFilter.EdgeCoolMaskProc" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FPXMIXFilter.EdgeCoolMaskProc.3\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00000026-0000-0000-C000-000000000046}] @="IUrlMon" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{04B825B1-AC9A-4F7B-B5AD-C7168F1EE445}] @="ITfFnLMInternal" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{107045D0-06E0-11D2-8D6D-00C04F8EF8E0}] @="IDXTMetaBurnFilm" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{183C2599-0480-11D1-87EA-00C04FC29D46}] @="ILMReader" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{25C72EB0-E437-3F17-946D-3B72A3ACFF37}] @="ISymbolMethod" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F203-98B5-11CF-BB82-00AA00BDCE0B}] @="IHTMLMetaElement" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F266-98B5-11CF-BB82-00AA00BDCE0B}] @="IHTMLMapElement" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F2B5-98B5-11CF-BB82-00AA00BDCE0B}] @="IHTMLMarqueeElement" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F2B8-98B5-11CF-BB82-00AA00BDCE0B}] @="HTMLMarqueeElementEvents" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F3BA-98B5-11CF-BB82-00AA00BDCE0B}] @="HTMLMapEvents" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F3FC-98B5-11CF-BB82-00AA00BDCE0B}] @="IHTMLMimeTypesCollection" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F517-98B5-11CF-BB82-00AA00BDCE0B}] @="DispHTMLMetaElement" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F526-98B5-11CF-BB82-00AA00BDCE0B}] @="DispHTMLMapElement" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F527-98B5-11CF-BB82-00AA00BDCE0B}] @="DispHTMLMarqueeElement" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F5E4-98B5-11CF-BB82-00AA00BDCE0B}] @="IHTMLModelessInit" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F61E-98B5-11CF-BB82-00AA00BDCE0B}] @="HTMLMapEvents2" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F61F-98B5-11CF-BB82-00AA00BDCE0B}] @="HTMLMarqueeElementEvents2" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3050F81F-98B5-11CF-BB82-00AA00BDCE0B}] @="IHTMLMetaElement2" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{427EA9D3-11D8-3E38-9E05-A4F7FA684183}] @="_RijndaelManaged" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{57CA332D-7BC2-44F1-A60C-936FE8D7CE73}] @="ITLegacyCallMediaControl2" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{60664CAF-AF0D-1005-A300-5C7D25FF22A0}] @="ILocalMachine" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{686D9E60-FF11-11D1-BABD-00A0C999C4C0}] @="ILMEngine2" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6EC88CF8-A41B-11D2-9349-0000F875AE17}] @="IInternalMemberObj" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7A6DE760-FF0E-11D1-BABD-00A0C999C4C0}] @="ILMReader2" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7AFBF8E7-AC4B-4082-B058-890899D3A010}] @="ITfFnLMProcessor" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8E6E0954-33CE-4945-ACF7-6728D23B2067}] @="ISAFRemoteDesktopChannelMgr" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{99F01720-3CC2-366D-9AB9-50E36647617F}] @="_AllMembershipCondition" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AF1A9403-6CA9-11D3-B053-00C04F4C0826}] @="ICddbURLManager" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B1549E57-3894-11D2-BB7F-00A0C999C4C1}] @="ILMBehaviorFactory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B2A46902-74E0-11D2-9BEE-00C04FA34789}] @="ILMAutoEffectBvr" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B90EFAA6-25E4-33D2-ACA3-94BF74DC4AB9}] @="IMethodCallMessage" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BB7A158D-DBD9-3E13-B137-8E61E87E1128}] @="_UrlMembershipCondition" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C533ADF0-0C80-11D1-8C54-00A02468F316}] @="ILMEngine" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C9614D78-10EA-3310-87EA-821B70632898}] @="_MethodCallMessageWrapper" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D4236675-A5BF-4570-9D42-5D6D7B02D59B}] @="ITfLMLattice" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D624582F-CC23-4436-B8A5-47C625C8045D}] @="ITLegacyCallMediaControl" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DFCB7ACE-E98B-11D0-B00C-00A0C90D6124}] @="ICalMonthCtrl" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EF926E1F-3EE7-32BC-8B01-C6E98C24BC19}] @="_InternalMessageWrapper" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA28E3AF-7D09-31D5-BEEB-7F2626497CDE}] @="IConstructionCallMessage" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FF36B87F-EC3A-11D0-8EE4-00C04FB6809F}] @="ITCallMediaEvent" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LiquidMotion.LMEngine] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LiquidMotion.LMEngine\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LiquidMotion.LMEngine.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LiquidMotion.LMEngine.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.AutoEffectBvr] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.AutoEffectBvr] @="LM Auto Effect Behavior" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.AutoEffectBvr\CurVer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.AutoEffectBvr\CurVer] @="LM.AutoEffectBvr.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.AutoEffectBvr.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.AutoEffectBvr.1] @="LM Auto Effect Behavior" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.AutoEffectBvr.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMBehaviorFactory] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMBehaviorFactory] @="LM Behavior Factory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMBehaviorFactory\CurVer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMBehaviorFactory\CurVer] @="LM.LMBehaviorFactory.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMBehaviorFactory.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMBehaviorFactory.1] @="LM Behavior Factory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMBehaviorFactory.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMReader] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMReader] @="LM Runtime Control" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMReader\CurVer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMReader\CurVer] @="LM.LMReader.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMReader.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMReader.1] @="LM Runtime Control" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LM.LMReader.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/vnd.rn-realmedia] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/vnd.rn-realmedia-secure] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/vnd.rn-realmedia-vbr] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RealPlayer.qt.6] @="Film QuickTime" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Shell.LocalMachine] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Shell.LocalMachine\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Shell.LocalMachine\CurVer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Shell.LocalMachine\CurVer] @="Shell.LocalMachine.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Shell.LocalMachine.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Shell.LocalMachine.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Multimedia\Components\Installed\DRM_DRM10\CriticalTo\Registry0] @="HKLM,Software\\Microsoft\\Multimedia\\Components\\DRM\\References" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\RealNetworks\Gemini\0.1\Preferences\PluginHandlerData\PluginInfo0] @="{PluginFilename~Sgct23201.dll~ComponentCLSID~XQH3lPnIR1BGVIwDQtxQWiQ==}{PluginFilename~Sgct23201.dll~ComponentCLSID~Xgny3XaugdkSObWS2WDj03w==}{PluginFilename~Sgct23201.dll~ComponentCLSID~XoAeOu/I5CUOG84VLTV44Yg==}{ComponentName~Shttp://ns.real.com/gemini.v1:pagecontrol~PluginFilename~Sgct23201.dll~ComponentCLSID~XANYTojxj1BGDDQDQt3LynQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:page~PluginFilename~Sgct23201.dll~ComponentCLSID~XxT03JF0MwUCgTffzxlBycg==}{ComponentName~Shttp://ns.real.com/gemini.v1:wizard~PluginFilename~Sgct23201.dll~ComponentCLSID~X5CIwrBdn4E2lcNBrl9O6Tg==}{ComponentName~Shttp://ns.real.com/gemini.v1:wizardpages~PluginFilename~Sgct23201.dll~ComponentCLSID~XUgZoyayvq0adJNmjbZzn3g==}{PluginFilename~Sgct23201.dll~ComponentCLSID~XxS3v8m4Xq0G3puw46Y9RJw==}{PluginFilename~Sgct23201.dll~ComponentCLSID~XbF7coL0ThEi9r552f7jDfA==}{PluginFilename~Sgct23201.dll~ComponentCLSID~XCCNMXSQkR0mmU2fzP5Mthw==}{ComponentName~Shttp://ns.real.com/gemini.v1:CloseActor~PluginFilename~Sgema3201.dll~ComponentCLSID~X7YY8kHra0xGU7gDQtxA1UA==}{ComponentName~Shttp://ns.real.com/gemini.v1:RCAMinimizeActor~PluginFilename~Sgema3201.dll~ComponentCLSID~XXVteWuLTNEmOVB+azVYRgg==}{ComponentName~Shttp://ns.real.com/gemini.v1:RCAMaximizeActor~PluginFilename~Sgema3201.dll~ComponentCLSID~Xu0zQkWdswUiuhZN/7bB/yg==}{ComponentName~Shttp://ns.real.com/gemini.v1:dragactor~PluginFilename~Sgema3201.dll~ComponentCLSID~Xa4O2GBSZik2uTXO+2tiWhw==}{PluginFilename~Sgema3201.dll~ComponentCLSID~XGHQWub3CeEOqDDSz+2pF3Q==}{ComponentName~Shttp://ns.real.com/gemini.v1:SkinSwitchActor~PluginFilename~Sgema3201.dll~ComponentCLSID~XAUHCcTdmG0uU1VbtemkgUA==}{PluginFilename~Sgema3201.dll~ComponentCLSID~XwGi80LkJ1BGVCwDQtxAxsg==}{ComponentName~Shttp://ns.real.com/gemini.v1:PageControlActor~PluginFilename~Sgema3201.dll~ComponentCLSID~XcMcGfXEt1BGC0gDQt3LynQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:PageControlManager~PluginFilename~Sgema3201.dll~ComponentCLSID~X0OoTsMgv1BGC0wDQt3LynQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:showhideactor~PluginFilename~Sgema3201.dll~ComponentCLSID~XsM4B9vhdpUWIM7qrpuoN5w==}{ComponentName~Shttp://ns.real.com/gemini.v1:contextmenuactor~PluginFilename~Sgema3201.dll~ComponentCLSID~X3I/dngvQu0ys6M00jnDZwA==}{PluginFilename~Sgema3201.dll~ComponentCLSID~XUF1EX0I71BGVdwCQJ2IV7g==}{ComponentName~Shttp://ns.real.com/gemini.v1:scrollablearea~PluginFilename~Sgemx3201.dll~ComponentCLSID~XVs/tO9p7K0qQ1OqPpX7wgA==}{ComponentName~Shttp://ns.real.com/gemini.v1:grid~PluginFilename~Sgemx3201.dll~ComponentCLSID~XKRgvm88PgkyAuBlUpOy6IA==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridcolumn~PluginFilename~Sgemx3201.dll~ComponentCLSID~XpDrAZtaPsUKOUWj0MUTbJg==}{ComponentName~Shttp://ns.real.com/gemini.v1:subgridcolumn~PluginFilename~Sgemx3201.dll~ComponentCLSID~X56UHkxGGH062d8JJ/Gv6gA==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridheaderbutton~PluginFilename~Sgemx3201.dll~ComponentCLSID~XMWh0Wp581RGTZQDQt0neQg==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridtextfieldchannel~PluginFilename~Sgemx3201.dll~ComponentCLSID~XqLWzZ1qFv0Cq3WgRLRrdhA==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridedittextfieldchannel~PluginFilename~Sgemx3201.dll~ComponentCLSID~X/5O9AeZCt0OwEZgawzwjyw==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridrangecontrolchannel~PluginFilename~Sgemx3201.dll~ComponentCLSID~XTSPiWKJtbESyHTHp+R7zeA==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridtextpercentchannel~PluginFilename~Sgemx3201.dll~ComponentCLSID~XaCDLBlA2nUuO4M9B7IpNow==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridtextenumchannel~PluginFilename~Sgemx3201.dll~ComponentCLSID~XFzPmp4k3aUyZRoWm10WY6w==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridimageenumchannel~PluginFilename~Sgemx3201.dll~ComponentCLSID~X/0NmWVflhEeOITFNHD9cKw==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridtextfilesizechannel~PluginFilename~Sgemx3201.dll~ComponentCLSID~Xht3ywgVhyEmavIunK+DcCg==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridvisiblecondchannel~PluginFilename~Sgemx3201.dll~ComponentCLSID~XHw+GbtS5EkS+SKAHfX6DCg==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridenabledcondchannel~PluginFilename~Sgemx3201.dll~ComponentCLSID~XwyOprOlog0+QNOMUC8Ih1w==}{ComponentName~Shttp://ns.real.com/gemini.v1:gridtextcliplengthchannel~PluginFilename~Sgemx3201.dll~ComponentCLSID~Xx+hsMSGsQU6GIye6JKcQ/A==}{ComponentName~Shttp://ns.real.com/gemini.v1:toasterwindow~PluginFilename~Sgemx3201.dll~ComponentCLSID~XWiiinKIaH0KPCSD55Tm4KQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:listcontrol~PluginFilename~Sgemx3201.dll~ComponentCLSID~XUN8oX0ml1BGVyACQJ2IV7g==}{ComponentName~Shttp://ns.real.com/gemini.v1:listentry~PluginFilename~Sgemx3201.dll~ComponentCLSID~XYJ8mi0Sp1BGVzACQJ2IV7g==}{ComponentName~Shttp://ns.real.com/gemini.v1:listarea~PluginFilename~Sgemx3201.dll~ComponentCLSID~XUGQfUl2s1BGV0gCQJ2IV7g==}{ComponentName~Shttp://ns.real.com/gemini.v1:spinneredittext~PluginFilename~Sgemx3201.dll~ComponentCLSID~Xsuy/kd4pa0mpUJJXdwo+dA==}{ComponentName~Shttp://ns.real.com/gemini.v1:compositeslider~PluginFilename~Sgemx3201.dll~ComponentCLSID~XmCuH9KTPjE+VhlThDG9ZCA==}{ComponentName~Shttp://ns.real.com/gemini.v1:compositeslidertrack~PluginFilename~Sgemx3201.dll~ComponentCLSID~XqJmLAilcyUCUsKIBcuJkqw==}{ComponentName~Shttp://ns.real.com/gemini.v1:compositesliderthumb~PluginFilename~Sgemx3201.dll~ComponentCLSID~Xub0c2ISh30mMLOV/OCpW3w==}{ComponentName~Shttp://ns.real.com/gemini.v1:delegatingpushbutton~PluginFilename~Sgemx3201.dll~ComponentCLSID~Xltlbg+QTvEi2DLsRUgVpbg==}{ComponentName~Shttp://ns.real.com/gemini.v1:containerarea~PluginFilename~Sgemx3201.dll~ComponentCLSID~XEE2oFG0D1RGTKgACswfx4w==}{PluginFilename~Sgemx3201.dll~ComponentCLSID~XAuwsmEQg1BGt2wDQtwd23Q==}{ComponentName~Shttp://ns.real.com/gemini.v1:animationcontrol~PluginFilename~Sgemx3201.dll~ComponentCLSID~Xk4LfzGtrBUa8ar5L7vZIGA==}{ComponentName~Shttp://ns.real.com/gemini.v1:tabcontrolitem~PluginFilename~Sgemx3201.dll~ComponentCLSID~XrniTRfM1sUmzCzpMCve5vA==}{ComponentName~Shttp://ns.real.com/gemini.v1:nativechecklistbox~PluginFilename~Sgemx3201.dll~ComponentCLSID~XgSRJg90P1BGVIwDQtxQWiQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:nativetreecontrol~PluginFilename~Sgemx3201.dll~ComponentCLSID~XYEi7Q2/w0xGVDADQtxQWiQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:nativetabcontrol~PluginFilename~Sgemx3201.dll~ComponentCLSID~XYpDAWiRBWkeOe6/taqcFjw==}{ComponentName~Shttp://ns.real.com/gemini.v1:nativelistviewcontrol~PluginFilename~Sgemx3201.dll~ComponentCLSID~XycNsVrW5zkCLNndggh2G/w==}{ComponentName~Shttp://ns.real.com/gemini.v1:nativeheadercontrol~PluginFilename~Sgemx3201.dll~ComponentCLSID~XIIms6Xjx0xGVDQDQtxQWiQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:nativehtmlwindow~PluginFilename~Sgemx3201.dll~ComponentCLSID~XYOBjet350xGVDgDQtxQWiQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:nativeshellbrowser~PluginFilename~Sgemx3201.dll~ComponentCLSID~Xz54ogXNTE02NVMh0zJ9iSw==}{PluginFilename~Slocd3210.dll~ComponentCLSID~XOuo+6X5T70SIxZUtI+X6pg==}{PluginFilename~Slocd3210.dll~ComponentCLSID~XUtkdWG9Rlki+svUqznoyQw==}{PluginFilename~Slocd3210.dll~ComponentCLSID~XQcDz3NePE0GRtf/k7fE/NQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:popoutpage~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XyWhLl5RVlE6auBgX5XD0VQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:rppushbutton~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XyfnJ0Xt3x0CBrlsOpVqBFg==}{ComponentName~Shttp://ns.real.com/gemini.v1:navigatoractor~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XgfkGr3rA1BG1fADQt0wtXA==}{ComponentName~Shttp://ns.real.com/gemini.v1:rplayoutmanageractor~PluginFilename~Srpcontrols1.dll~ComponentCLSID~Xyd0ZUSdm/0iFq1K824phbA==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpverticallayout~PluginFilename~Srpcontrols1.dll~ComponentCLSID~X5KySQKHsNE+EgWbS27dJ1g==}{ComponentName~Shttp://ns.real.com/gemini.v1:rphorizontallayout~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XBs1Dh5j6qkG24meMU1ECPw==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpstateactor~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XB4/ajQ2C7UmPrMgwTDkLQg==}{ComponentName~Shttp://ns.real.com/gemini.v1:variableexpression~PluginFilename~Srpcontrols1.dll~ComponentCLSID~Xxf5Fri03mEazhBWPAu9d6w==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpwindowactor~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XM5JWOPloBU64elT3FaBC7g==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpboundscheckactor~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XzzxFvJHlF0WbzY38golEcA==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpdockablewindowactor~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XmDx9u/hH5kyT0QkP4rSyJw==}{ComponentName~Shttp://ns.real.com/gemini.v1:navigator~PluginFilename~Srpcontrols1.dll~ComponentCLSID~Xb3Vi3Xy8Z0uPamcOLSXpDg==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpdraghandle~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XxaAZfJPz9UO+FVOxkgRdfA==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpstatictext~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XFBqbhQsClU6VSvuSRQDJeQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpstaticimage~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XANACki/fbUq3jj1ygti7tg==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpspacer~PluginFilename~Srpcontrols1.dll~ComponentCLSID~X6KhzuJN0JkK8GhDdzbET/Q==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpbuttonbar~PluginFilename~Srpcontrols1.dll~ComponentCLSID~Xvwe3KKST9UywYSoxeGuNzQ==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpchevronactor~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XtYa94WbHyUSsdGD84ITm7w==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpmenuactor~PluginFilename~Srpcontrols1.dll~ComponentCLSID~Xr7BqnMhDlECvYSis0ztfHw==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpresizeactor~PluginFilename~Srpcontrols1.dll~ComponentCLSID~X7pAyXJiTrUO5GvM1O/olBA==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpwindow~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XUU83RnRasU6PpKf0GVTj1w==}{ComponentName~Shttp://ns.real.com/gemini.v1:rpdialog~PluginFilename~Srpcontrols1.dll~ComponentCLSID~XUU8" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\RealNetworks\MiniHelixSDK\6.0\Preferences\PluginHandlerData\FileInfo0] @="{3gppttrenderer.dll,32BA0388B05C6B9C2E828231A763A158,0,45125,1}{aacff.dll,943D467CE1EE0796F258D2958C777582,0,69689,1}{amrff.dll,7246593A18332464CDC6196A06F75DB5,0,36921,1}{audplin.dll,2BF3A5BDD16C25070732E050F086517A,1,86075,7}{authmgr.dll,980A0B66D8ED7136B54E97F54148970F,0,49207,1}{camtasf.dll,CBDE9E151565B3616C8702C6E6158085,0,49152,1}{camtasr.dll,71AA3C20C518FF4E93E1422097127F0C,0,65536,1}{cdda3260.dll,EEDC4A74CCD53A95DD1BA17C6DD0661E,1,36909,2}{clbascauth.dll,EEE9A009A9C86AF58588F878544639E9,0,41023,1}{clntxres.dll,F829322468EB3D927F7E831A8DCCB184,0,53296,1}{cont3260.dll,7DA95353D9CD2A04A8B0E0D517D2EDD1,0,69677,1}{CRFFPLIN.DLL,0D8984A8933E609B5F5E86C7762274CC,0,122880,1}{CRRENDER.DLL,246E1A995613F0896746BF6A2BB2F48E,0,262144,1}{fpsechnd.dll,78852D6C37F844C4CA7311D9DCD8C170,0,233472,1}{h261rend.dll,115268AAFE6D3B5D1DE192424D3DC01A,0,323646,1}{h263render.dll,D685E8576118C4CA7BDC79AE36FED1CB,0,110656,1}{httpfsys.dll,92A9A6D9D98616A7B0B47E18B6A42648,1,172084,2}{hxsdp.dll,034A22F14E1CC012336E87A039A9F291,0,41006,1}{hxxml.dll,313296140BF3B9BA1DF64FB224D9FC9D,0,86065,1}{imgrender.dll,7D7261E106B303AA8A944115177B0E2C,1,528445,16}{memfsys.dll,E5A7C3D2B133F5267D656596EB2F723C,0,77877,1}{mp3fformat.dll,4176A8D92F93B2B2C11E001712821444,0,45118,1}{mp3metaff.dll,5985B975BC3C895CA0B3F6CA9349BF67,0,65596,1}{mp3render.dll,2E7EEB557D0E479A2139BE9B6D6C234D,0,151614,1}{mp4arender.dll,93F0A67F087C722EEDC8C347E219A97E,0,127045,1}{mp4fformat.dll,66AF67B35F1A55B26E8347131396014A,0,73790,1}{mp4wrtr.dll,60114B615F0586D7B98D383C680CA9E2,0,98366,1}{mpgfformat.dll,EFEAD08CD0296AE75435637C9F1A56AE,0,69694,1}{mpgrender.dll,B25839AE8B50ADBAE22141046078F2D3,0,172094,1}{ntlmauth.dll,1CE2E7E70709E1BF02052A7C050C7BC6,0,45116,1}{pacplin.dll,B6C282A3EC7D5A5760813BB8F1B1D70C,0,360501,1}{pdgenxferfsys.dll,24E877F1BCD3F1CD89D668201BB27DF3,0,73783,1}{plusplin.dll,A2D167E006AA546F40886CD4B7780C7E,0,57398,1}{pxcb3210.dll,F40FC9FFE5C04D746F30A0273794A6D0,1,41003,2}{ramfformat.dll,87F0FD5A85CAA7EFCE1335AF44F966A3,0,45118,1}{ramrender.dll,CD2ACE72E598C94867754CC573179F26,0,57406,1}{rarender.dll,2F673E2339401E9A8CFDEA39931C2BFB,0,151618,1}{recf3260.dll,0D802F8E1B28C03BA91810AAE181A914,0,36909,1}{riffmt.dll,FC2ED159E929ED77B6C73794C67B6A87,0,40960,1}{riren.dll,7F14BBFA02B4F84D3379005E558ABB0A,0,126976,1}{rmfformat.dll,32F7014826C576AD0113F2D0618CC4B5,0,176191,1}{rmwrtr.dll,9901F01E4E046CF3441FF1E11BA3E80E,0,282684,1}{rmxfpln.dll,A5F1C7E641AA547A42DD617AE76A6A74,0,65579,1}{rmxrend.dll,8741B69D15353FFA6C15A1BEE2811889,0,106538,1}{rn5auth.dll,5FA1155922A072D8370E7E43C48ABFF1,0,45114,1}{rtfformat.dll,1107677C01C168B94C15651FBC48D394,0,110657,1}{rtrender.dll,D22F2CF40366D18819F9D42AEEF0AA65,0,122942,1}{rvrender.dll,03BD64A86006957E942B5D90C31B027A,1,172096,2}{scwatch.dll,33532AD73E24F91C0FE2259FCB303293,0,225366,1}{scwtchff.dll,EC2B76E2FEE3FF5782ABEB2476095956,0,172122,1}{sdpplin.dll,2A0B5B09ADBC26D70ABA030744B565E5,1,45111,2}{security.dll,B4800E46BEA7D60F2A9A7B9359180B3A,0,45103,1}{smlfformat.dll,599CD8C73D6596F6BE57F7C7FB441A87,0,61503,1}{smlrender.dll,B2D4124C43634B0DDC9B964694B8CBD6,1,528444,4}{smmrender.dll,15BE781B98C94A88ADC3390FC6B0D86B,0,57412,1}{smplfsys.dll,CB0103ED5BF4EC13A5F9313D2229802D,0,69685,1}{stubdrm.dll,B2B2B82B7BFB0D7C6009632FB771C714,1,32818,3}{swfformat.dll,1EF24DD63E26B1B735F0F51DB7FEAEF7,0,94274,1}{swfrender.dll,964190B923AFE2D147D84B3F5E2DA5B8,0,614464,1}{tfilesys.dll,E0FC8A03626EC14BA7E19ACC5D370697,0,57389,1}{vidplin.dll,D94932FC35470863D2A05E05550C4037,1,167995,3}{vidsite.dll,75E77B8889A6C694087DD681E706E711,0,376881,1}{vsrcplin.dll,CC15D0F77ED13420FF8CF22D417EFC51,1,135230,3}{vsrlocal.dll,6E848B65BF754F552FF017BEA00D8A90,0,94270,1}{wm9fformat.dll,5CEE4D235D1FC46A800B71BE243212A1,1,176128,2}{wm9writer.dll,A28C8587AA8CFC1A722498DDBEC0A9D9,0,28719,1}{wmsechnd.dll,53AC7897967718CB21733187333BEDB5,0,180224,1}{zipf3260.dll,649FBAB0326600B2F77715A36DE356A2,0,163883,1}3913" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\RealNetworks\MiniHelixSDK\6.0\Preferences\PluginHandlerData\PluginInfo1] @="x DNA XML Parser Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Shxxml.dll~PluginType~SPLUGIN_CLASS_FACT}{IndexNumber~N0~LoadMultiple~N1~Version~N-1610611481~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA JPEG File Format Plugin~FileExtensions~Sjpg|jpeg|jpe|jfif~FileMime~Simage/jpeg~FileOpenNames~SJPEG Images (*.jpg)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N1~LoadMultiple~N1~Renderer_Granularity~N100~Version~N-1610611670~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA JPEG Renderer Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Sapplication/vnd.rn-jpegstream}{IndexNumber~N2~LoadMultiple~N1~Version~N-1610611466~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA GIF File Format Plugin~FileExtensions~Sgif~FileMime~Simage/gif~FileOpenNames~SGIF File Format (*.gif)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N3~LoadMultiple~N1~Renderer_Granularity~N1000~Version~N-1610611655~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA GIF Renderer Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Sapplication/vnd.rn-gifstream|application/vnd.rn-gifstream2|application/vnd.rn-gifstream3}{IndexNumber~N4~LoadMultiple~N1~Version~N-1610611483~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA PNG File Format Plugin~FileExtensions~Spng~FileMime~Simage/png~FileOpenNames~SPNG Images (*.png)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N5~LoadMultiple~N1~Renderer_Granularity~N200~Version~N-1610611674~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA PNG Renderer Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Sapplication/vnd.rn-pngstream}{IndexNumber~N6~LoadMultiple~N1~Version~N-1610611485~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealPix File Format Plugin~FileExtensions~Srp~FileMime~Sapplication/vnd.rn-realpix|image/vnd.rn-realpix~FileOpenNames~SRealPix (*.rp)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N7~LoadMultiple~N1~Renderer_Granularity~N33~Version~N-1610611676~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealPix Renderer Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Sapplication/vnd.rn-realpixstream|application/vnd.rn-realpixstream2}{IndexNumber~N8~LoadMultiple~N1~Version~N-1610611485~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealPix JPEG File Format Codec Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll}{IndexNumber~N9~LoadMultiple~N1~Version~N-1610611485~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealPix JPEG Renderer Codec Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll}{IndexNumber~N10~LoadMultiple~N1~Version~N-1610611485~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealPix GIF File Format Codec Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll}{IndexNumber~N11~LoadMultiple~N1~Version~N-1610611485~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealPix GIF Renderer Codec Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll}{IndexNumber~N12~LoadMultiple~N1~Version~N-1610611485~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealPix PNG File Format Codec Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll}{IndexNumber~N13~LoadMultiple~N1~Version~N-1610611485~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealPix PNG Renderer Codec Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll}{IndexNumber~N14~LoadMultiple~N1~Version~N-1610612216~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA WBMP File Format Plugin~FileExtensions~Swbmp~FileMime~Simage/x-wap.wbmp~FileOpenNames~SWireless BMP Images (*.wbmp)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N15~LoadMultiple~N1~Renderer_Granularity~N200~Version~N-1610612227~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA Wireless BMP Renderer Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Simgrender.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Sapplication/vnd.rn-wbmpstream}{IndexNumber~N0~LoadMultiple~N1~Version~N-1610612063~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA Memory File System~FileProtocol~Smem~FileShort~Spn-memory~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Smemfsys.dll~PluginType~SPLUGIN_FILE_SYSTEM}{IndexNumber~N0~LoadMultiple~N1~Version~N0~Copyright~SCopyright© RealNetworks, Inc. 1999-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA MP3 File Format Plugin~FileExtensions~Smp3|mp2|mpa|mp1|mpga|mpg|mpeg|mpv|dat~FileMime~Saudio/rn-mpeg|audio/mpeg|audio/mpg|audio/mp3|audio/x-mpeg|audio/x-mpg|audio/x-mp3~FileOpenNames~SMPEG Audio Files (.mp3;.mp2;.mpa;.mp1;.mpga)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Smp3fformat.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Version~N-1610612065~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealMedia MP3 Playlist File Format Plugin~FileExtensions~Sm3u|pls|xpl~FileMime~Saudio/mpegurl|audio/x-mpegurl|audio/scpls|audio/x-scpls~FileOpenNames~SMP3 Playlist Files (*.m3u,*.pls,*.xpl)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Smp3metaff.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N50~Version~N0~Copyright~SCopyright© 1999-2004 RealNetworks, Inc. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelixDNA MP3 Renderer Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Smp3render.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Saudio/X-MP3-draft-00|audio/X-MP3-draft-00-RN|audio/MPEG-ELEMENTARY|audio/MPEG-ELEMENTARY-RN|audio/MPEG-ELEMENTARY-RAW|audio/rn-mpeg|audio/mpa-robust|audio/MPA|audio/mp1s|audio/mp2p|audio/vnd.rn-mp1s|audio/vnd.rn-mp2p}{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N100~Version~N-1610611798~Copyright~SCopyright© RealNetworks, Inc. 2003-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA MPEG-4 Audio Renderer Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Smp4arender.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Saudio/X-RN-3GPP-QCELP|audio/QCELP|audio/X-RN-MP4-RAWAU|audio/x-ralf-mpeg4-generic|audio/MP4A-LATM|audio/mpeg4-simple-A2|audio/mpeg4-generic|audio/X-HX-AAC-GENERIC|audio/X-RN-3GPP-AMR|audio/AMR|audio/X-RN-3GPP-AMR-WB|audio/AMR-WB}{IndexNumber~N0~LoadMultiple~N1~Version~N-1610610331~Copyright~SCopyright© RealNetworks, Inc. 2003-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA Mpeg4 File Format Plugin~FileExtensions~Smov|qt|mp4|3gp|3g2|m4a~FileMime~Sapplication/x-pn-quicktime-stream|audio/3gpp|video/3gpp~FileOpenNames~SQuickTime Files (*.mov, *.qt)|MP4 Files (*.mp4)|3GPP-MP4 Files (*.3gp, *.3g2)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Smp4fformat.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~V" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\RealNetworks\MiniHelixSDK\6.0\Preferences\PluginHandlerData\PluginInfo2] ~Description~SRealNetworks MP4 File Writer Plugin~FileExtensions~Sm4a|mp4|m4p~FileMime~Saudio/X-RN-MP4-RAWAU|audio/X-RN-M4P-encrypted~FileOpenNames~SMP4 Files (.mp4;.m4a;.m4p)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Smp4wrtr.dll~PluginType~SPLUGIN_FILE_WRITER}{IndexNumber~N0~LoadMultiple~N1~Version~N0~Copyright~SCopyright© RealNetworks, Inc. 2003-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA MPEG File Format Plugin~FileExtensions~Smpa|mpg|mpeg|mpv|mps|m2v|m1v|mpe~FileMime~Svideo/mpeg|video/mpg|video/x-mpeg|video/x-mpg~FileOpenNames~SMPEG Files (.mpg;.mpeg;.mpv;.m2v;.mps;.m1v;.mpe)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Smpgfformat.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N20~Version~N0~Copyright~SCopyright© RealNetworks, Inc. 2003-2004. All rights reserved.~Description~SRealNetworks MPEG Video Renderer Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Smpgrender.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Svideo/MPV|video/mp1s|dummy|video/vnd.rn-mpv|video/vnd.rn-mp1s|dummy}{IndexNumber~N0~LoadMultiple~N1~Version~N-1610612074~Copyright~SCopyright© RealNetworks, Inc. 1995-2004, All rights reserved.~Description~SRealNetworks NTLM Authenticator~PlgCopy~Shttp://www.real.com~PluginFilename~Sntlmauth.dll}{IndexNumber~N0~LoadMultiple~N1~Version~N-1610612053~Copyright~SCopyright© RealNetworks, Inc. 1995-2004, All rights reserved.~Description~SRealNetworks PAC Plugin~PlgCopy~Shttp://www.real.com~PluginFilename~Spacplin.dll~PluginType~SPLUGIN_PAC}{IndexNumber~N0~LoadMultiple~N1~Version~N0~Copyright~S© 2003 RealNetworks, All rights reserved.~Description~SPD Genxfer API File System~FileProtocol~Spdfs~FileShort~Srn-pdfs~PlgCopy~Shttp://www.real.com~PluginFilename~Spdgenxferfsys.dll~PluginType~SPLUGIN_FILE_SYSTEM}{IndexNumber~N0~LoadMultiple~N1~Version~N-1610612053~Copyright~SCopyright© RealNetworks, Inc. 1995-2004, All rights reserved.~Description~SRealNetworks PlusURL File Format Plugin~FileExtensions~S~FileMime~Sapplication/x-pn-plusurl~FileOpenNames~SPlus URL File Format~PlgCopy~Shttp://www.real.com~PluginFilename~Splusplin.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Version~N268439235~Copyright~S© 1995-2002 RealNetworks, Inc. All rights reserved.~Description~SRealNetworks RealPix BMP File Format Codec Plugin~PlgCopy~Shttp://www.real.com~PluginFilename~Spxcb3210.dll}{IndexNumber~N1~LoadMultiple~N1~Version~N268439235~Copyright~S© 1995-2002 RealNetworks, Inc. All rights reserved.~Description~SRealNetworks RealPix BMP Renderer Codec Plugin~PlgCopy~Shttp://www.real.com~PluginFilename~Spxcb3210.dll}{IndexNumber~N0~LoadMultiple~N1~Version~N-1610610807~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealMedia Meta File Format Plugin~FileExtensions~Sram|rmm|mns~FileMime~Sapplication/ram|audio/x-musicnet-stream~FileOpenNames~SRAM Meta File (*.ram, *.rmm, *.mns)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Sramfformat.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N0~Version~N-1610610813~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RAM Driver Renderer Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Sramrender.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Sapplication/ram}{Bandwidth.000~N100~Bandwidth.001~N50~Bandwidth.002~N40~Bandwidth.003~N25~Bandwidth.004~N20~Bandwidth.005~N20~Bandwidth.006~N36~Bandwidth.007~N15~Bandwidth.008~N10~Bandwidth.009~N10~Bandwidth.010~N8~Bandwidth.011~N6~Bandwidth.012~N18~Bandwidth.013~N7~CodecCount~N14~IndexNumber~N0~LoadMultiple~N1~Priority.000~N100~Priority.001~N50~Priority.002~N40~Priority.003~N25~Priority.004~N21~Priority.005~N20~Priority.006~N19~Priority.007~N15~Priority.008~N11~Priority.009~N10~Priority.010~N9~Priority.011~N8~Priority.012~N7~Priority.013~N6~Renderer_Granularity~N100~Version~N-1610611375~Copyright~SCopyright© 1995-2004 RealNetworks, Inc. All rights reserved. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\RealNetworks\MiniHelixSDK\6.0\Preferences\PluginHandlerData\PluginInfo2] ~Description~SRealNetworks RealAudio Renderer Plugin~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Srarender.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Saudio/x-pn-realaudio|audio/x-pn-multirate-realaudio|audio/x-pn-multirate-realaudio-live~Codec.000~Bdnet~Codec.001~Bdnet~Codec.002~Bdnet~Codec.003~Bdnet~Codec.004~Bsipr~Codec.005~Bdnet~Codec.006~B28_8~Codec.007~Bdnet~Codec.008~Bsipr~Codec.009~Bdnet~Codec.010~Bsipr~Codec.011~Bsipr~Codec.012~BlpcJ~Codec.013~B05_6}{IndexNumber~N0~LoadMultiple~N1~Version~N1610615383~Copyright~S© 1995,1996,1997 RealNetworks, All rights reserved.~Description~SRecord File Format Plugin~FileExtensions~Srec|r1m|r1p~FileMime~Sapplication/x-pn-recordfileformat~FileOpenNames~SRecord File Format (*.r1m,*.r1p)~PlgCopy~Shttp://www.real.com~PluginFilename~Srecf3260.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Version~N1610612961~Copyright~S© 2000 Virtual Ink Inc., All rights reserved.~Description~Smimio Boardcast file format plugin~FileExtensions~Smbc~FileMime~Sapplication/x-pn-virtualink~FileOpenNames~Smimio Boardcast (*.mbc)~PlgCopy~Shttp://www.mimio.com~PluginFilename~Sriffmt.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadMultiple~N1~Renderer_Granularity~N100~Version~N1610612961~Copyright~S© 2000 Virtual Ink Corperation, All rights reserved.~Description~Smimio Boardcast Plug-in~PlgCopy~Shttp://www.mimio.com~PluginFilename~Sriren.dll~PluginType~SPLUGIN_RENDERER~RendererMime~Sapplication/x-pn-virtualink}{IndexNumber~N0~LoadMultiple~N1~Version~N-1610612736~Copyright~SCopyright© RealNetworks, Inc. 1995-2004. All rights reserved. Source code for this program is available under the RealNetworks Public Source License.~Description~SHelix DNA RealMedia File Format Plugin~FileExtensions~Sra|rm|rmd|rmj|rms|mnd|rmc|rmvb|mns|mrc|rax|rvx|rv~FileMime~Saudio/x-pn-realaudio|application/x-pn-realmedia|video/x-pn-realvideo-encrypted|audio/x-pn-realaudio-encrypted|application/vnd.rn-realmedia-secure|application/x-musicnet-download|application/vnd.rn-realmedia-vbr|application/x-musicnet-stream~FileOpenNames~SRealMedia Files (*.ra, *.rm, *.rmj, *.rms, *.mnd, *.rmc, *.rmvb, *.mns, *.mrc, *.rax, *.rvx, *.rv)~PlgCopy~Shttp://www.helixcommunity.org~PluginFilename~Srmfformat.dll~PluginType~SPLUGIN_FILE_FORMAT}{IndexNumber~N0~LoadM
  24. cayli
    Oui il est apparu. Merci! Voilà je l'ai supprimé et vidé la corbeille
  25. cayli
    Le problème c'est que je ne trouve pas le dossier smdat32m.sys dans WINDOWS. J'ai tapé rechercher mais rien a été trouvé.
×
×
  • Créer...