

Aina
Membres-
Compteur de contenus
66 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par Aina
-
[resolu]Generic.xpl.adodb veimpossible à enlever ...
Aina a répondu à un(e) sujet de Aina dans Analyses et éradication malwares
Hello, alors voici le rapport AVG et le rapport hijackthis: Rapport AVG: --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 22:25:36 18/12/2006 + Résultat de l'analyse: C:\Documents and Settings\Diera\Application Data\ShopperReports -> Adware.HotBar : Nettoyé. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs -> Adware.HotBar : Nettoyé. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\db -> Adware.HotBar : Nettoyé. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Nettoyé. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\report -> Adware.HotBar : Nettoyé. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\res2 -> Adware.HotBar : Nettoyé. C:\Documents and Settings\Hasina\Local Settings\Temporary Internet Files\Content.IE5\G85520T8\dsendofv[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé. Fin du rapport Rapport Hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 12:28:25, on 19/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Apoint\Apoint.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\WINDOWS\vphc600.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\Program Files\Softwin\BitDefender9\bdoesrv.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\upgrepl.exe C:\Documents and Settings\Hasina\Bureau\HijackThis.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [phc600] C:\WINDOWS\vphc600.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [PopUp Destroy] C:\Program Files\PopUp Destroy\Popup-Destroy.exe O4 - HKLM\..\Run: [bDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: TrayMin.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Sinon je voulais savoir si on pouvait télécharger AVG indéfiniment puisque il me semble que au bout d'un certain il est payant? Merci Bye -
[resolu]Generic.xpl.adodb veimpossible à enlever ...
Aina a posté un sujet dans Analyses et éradication malwares
Bonjour, après une analyse avec bitdefender un virus "generic.xpl.adodb", semble impossible à enlever. Je mets le rapports hijackthis avec ce poste: Logfile of HijackThis v1.99.1 Scan saved at 22:44:07, on 17/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Program Files\Apoint\Apoint.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\WINDOWS\vphc600.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe C:\Program Files\Softwin\BitDefender9\bdoesrv.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\Softwin\BITDEF~1\bdlite.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Hasina\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [phc600] C:\WINDOWS\vphc600.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [PopUp Destroy] C:\Program Files\PopUp Destroy\Popup-Destroy.exe O4 - HKLM\..\Run: [bDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: TrayMin.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Merci d'avance à tous ce qui porront m'apporter leur aide. -
Ok, merci pour tout.
-
SALUT !! Bon alors c'est trop bizarre parce que mon ordi des fois tout va bien il se connecte normalement. Et des fois presque un jour sur 2 il met une heure au moins à entré ds la page de démarrage de explorer. Mais le soir vers 19h ça va qd même ms ça dépends, bref jcomprend rien. Pour ad-aware je l'ai enlever et remis alors pareil mon ordi rame pour aller sur internet mais je sais quand meme pas si c'est a cause de l'histoire que je viens de raconter ou le logiciel et sinon il scan plus vite mais bloque plutot vers les 6000 fichiers scan (alors qu'avant c'était vers 8000). Là je l'ai carrément enlever. je sais pas si tu pourrais m'en conseiller un autre. Enfin voila. M J'ai envoyé par erreur trop tôt le post. Je voulais rajouter que avec le scan de bitdefender il n'apparait aucun virus dc je ne comprend pas le "comportement" de l'ordi. Merci @+
-
La suite : <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\SpeedTouch USB Diagnostics=>C:\PROGRAM FILES\ALCATEL\SPEEDTOUCH USB\DRAGDIAG.EXE OK <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\WOOWATCH=>C:\PROGRA~1\WANADOO\WATCH.EXE OK <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\WOOTASKBARICON=>C:\PROGRA~1\WANADOO\TASKBARICON.EXE OK <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\phc600=>C:\WINDOWS\VPHC600.EXE OK <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\MessengerPlus3=>C:\PROGRAM FILES\MESSENGERPLUS! 3\MSGPLUS.EXE OK <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\RealTray=>C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE OK <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\BDSwitchAgent=>C:\PROGRA~1\SOFTWIN\BITDEF~1\BDSWITCH.EXE OK <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\BDMCon=>C:\PROGRA~1\SOFTWIN\BITDEF~1\BDMCON.EXE OK <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\BDOESRV=>C:\PROGRAM FILES\SOFTWIN\BITDEFENDER9\BDOESRV.EXE OK <System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\BDNewsAgent=>C:\PROGRA~1\SOFTWIN\BITDEF~1\BDNAGENT.EXE OK <System>=>HKEY_CLASSES_ROOT\SHELL\SHELL\EXPLORE\COMMAND\=>C:\WINDOWS\EXPLORER.EXE OK <System>=>HKEY_CLASSES_ROOT\SHELL\SHELL\OPEN\COMMAND\=>C:\WINDOWS\EXPLORER.EXE OK <System>=>C:\Documents and Settings\Hasina\Cookies\hasina@yourmedia[1].txt OK <System>=>C:\Documents and Settings\Hasina\Cookies\hasina@bitdefender[2].txt OK <System>=>C:\Documents and Settings\Hasina\Cookies\hasina@tp.msn[3].txt OK <System>=>C:\Documents and Settings\Hasina\Cookies\hasina@rad.msn[1].txt OK <System>=>C:\Documents and Settings\Hasina\Cookies\hasina@msn[2].txt OK <System>=>C:\Documents and Settings\Hasina\Cookies\hasina@zebulon[1].txt OK <System>=>C:\Documents and Settings\Hasina\Cookies\hasina@forum.zebulon[1].txt OK <System>=>C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe (memory dump) OK <System>=>C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe (disk) OK <System>=>C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe (full dump) OK <System>=>C:\WINDOWS\Explorer.EXE (memory dump) OK <System>=>C:\WINDOWS\Explorer.EXE (disk) OK <System>=>C:\WINDOWS\Explorer.EXE (full dump) OK <System>=>C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe (memory dump) OK <System>=>C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe (disk) OK <System>=>C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe (full dump) OK <System>=>C:\Program Files\Apoint\Apoint.exe (memory dump) OK <System>=>C:\Program Files\Apoint\Apoint.exe (disk) OK <System>=>C:\Program Files\Apoint\Apoint.exe (full dump) OK <System>=>C:\Program Files\Apoint\Apntex.exe (memory dump) OK <System>=>C:\Program Files\Apoint\Apntex.exe (disk) OK <System>=>C:\Program Files\Apoint\Apntex.exe (full dump) OK <System>=>C:\WINDOWS\system32\hkcmd.exe (memory dump) OK <System>=>C:\WINDOWS\system32\hkcmd.exe (disk) OK <System>=>C:\WINDOWS\system32\hkcmd.exe (full dump) OK <System>=>C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (memory dump) OK <System>=>C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (disk) OK <System>=>C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (full dump) OK <System>=>C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (memory dump) OK <System>=>C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (disk) OK <System>=>C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (full dump) OK <System>=>C:\Program Files\Dell\QuickSet\quickset.exe (memory dump) OK <System>=>C:\Program Files\Dell\QuickSet\quickset.exe (disk) OK <System>=>C:\Program Files\Dell\QuickSet\quickset.exe (full dump) OK <System>=>C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (memory dump) OK <System>=>C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (disk) OK <System>=>C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (full dump) OK <System>=>C:\WINDOWS\system32\dla\tfswctrl.exe (memory dump) OK <System>=>C:\WINDOWS\system32\dla\tfswctrl.exe (disk) OK <System>=>C:\WINDOWS\system32\dla\tfswctrl.exe (full dump) OK <System>=>C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (memory dump) OK <System>=>C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (disk) OK <System>=>C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (full dump) OK <System>=>C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe (memory dump) OK <System>=>C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe (disk) OK <System>=>C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe (full dump) OK <System>=>C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe (memory dump) OK <System>=>C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe (disk) OK <System>=>C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe (full dump) OK <System>=>C:\PROGRA~1\Wanadoo\TaskbarIcon.exe (memory dump) OK <System>=>C:\PROGRA~1\Wanadoo\TaskbarIcon.exe (disk) OK <System>=>C:\PROGRA~1\Wanadoo\TaskbarIcon.exe (full dump) OK <System>=>C:\WINDOWS\vphc600.exe (memory dump) OK <System>=>C:\WINDOWS\vphc600.exe (disk) OK <System>=>C:\WINDOWS\vphc600.exe (full dump) OK <System>=>C:\Program Files\MessengerPlus! 3\MsgPlus.exe (memory dump) OK <System>=>C:\Program Files\MessengerPlus! 3\MsgPlus.exe (disk) OK <System>=>C:\Program Files\MessengerPlus! 3\MsgPlus.exe (full dump) OK <System>=>C:\Program Files\Real\RealPlayer\RealPlay.exe (memory dump) OK <System>=>C:\Program Files\Real\RealPlayer\RealPlay.exe (disk) OK <System>=>C:\Program Files\Real\RealPlayer\RealPlay.exe (full dump) OK <System>=>C:\Program Files\Softwin\BitDefender9\bdswitch.exe (memory dump) OK <System>=>C:\Program Files\Softwin\BitDefender9\bdswitch.exe (disk) OK <System>=>C:\Program Files\Softwin\BitDefender9\bdswitch.exe (full dump) OK <System>=>C:\Program Files\Softwin\BitDefender9\bdoesrv.exe (memory dump) OK <System>=>C:\Program Files\Softwin\BitDefender9\bdoesrv.exe (disk) OK <System>=>C:\Program Files\Softwin\BitDefender9\bdoesrv.exe (full dump) OK <System>=>C:\Program Files\Softwin\BitDefender9\bdnagent.exe (memory dump) OK <System>=>C:\Program Files\Softwin\BitDefender9\bdnagent.exe (disk) OK <System>=>C:\Program Files\Softwin\BitDefender9\bdnagent.exe (full dump) OK <System>=>C:\WINDOWS\system32\ctfmon.exe (memory dump) OK <System>=>C:\WINDOWS\system32\ctfmon.exe (disk) OK <System>=>C:\WINDOWS\system32\ctfmon.exe (full dump) OK <System>=>C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe (memory dump) OK <System>=>C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe (disk) OK <System>=>C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe (full dump) OK <System>=>C:\Program Files\MSN Messenger\msnmsgr.exe (memory dump) OK <System>=>C:\Program Files\MSN Messenger\msnmsgr.exe (disk) OK <System>=>C:\Program Files\MSN Messenger\msnmsgr.exe (full dump) OK <System>=>C:\Program Files\Digital Line Detect\DLG.exe (memory dump) OK <System>=>C:\Program Files\Digital Line Detect\DLG.exe (disk) OK <System>=>C:\Program Files\Digital Line Detect\DLG.exe (full dump) OK <System>=>C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin.exe (memory dump) OK <System>=>C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin.exe (disk) OK <System>=>C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin.exe (full dump) OK <System>=>C:\PROGRA~1\Softwin\BITDEF~1\bdlite.exe (memory dump) OK <System>=>C:\PROGRA~1\Softwin\BITDEF~1\bdlite.exe (disk) OK <System>=>C:\PROGRA~1\Softwin\BITDEF~1\bdlite.exe (full dump) OK <System>=>C:\PROGRA~1\Softwin\BITDEF~1\bdlite.exe (memory dump) OK <System>=>C:\PROGRA~1\Softwin\BITDEF~1\bdlite.exe (disk) OK <System>=>C:\PROGRA~1\Softwin\BITDEF~1\bdlite.exe (full dump) OK C:\=>Master Boot Record OK C:\=>Primary partition 1 OK C:\=>Primary partition 2 (Active) OK C:\=>Primary partition 3 OK Par contre je sais pas si je me trompe mais à chaque fois que je lance ad-aware mon ordi se bloque et recommence à ramer. Mais c'est peut etre pas à cause de ça. Sauf que j'arrive rarement au bout du scan avec ad-aw pcq a un moment vers 8000 fichiers scannés ils s'arrêtent et je suis obligée de tout refaire. Voilà Merci Bye !!
-
Hello, en fait je parlais du rapport kapersky mais je t'envois les 2 rapports bit defender: //----------------------------------------------------------------- // // Product: BitDefender 9 Internet Security // Version: 9.0 // // Créé le: 01/12/2006 17:29:51 // //----------------------------------------------------------------- Statistiques Chemin cible: C:\ Dossiers : 3929 Fichiers : 496739 Archives : 8592 Fichiers empaquetés : 64369 Virus trouvés : 0 Fichiers infectés : 0 Alertes : 0 Fichiers suspects : 0 Fichiers désinfectés : 0 Fichiers effacés : 0 Fichiers copiés : 0 Fichiers déplacés : 0 Fichiers renommés : 0 Erreurs I/O : 44 Temps d'analyse := 01:00:17 Fichiers/seconde :137 Définitions virus : 345782 Plugins d'analyse : 16 Plugins archives : 41 Plug-ins décompression : 6 Plug-ins messagerie : 6 Plug-ins système : 5 Options d'analyse Détection [X] Analyser le secteur de boot [X] Analyser les archives [X] Analyser les fichiers en paquets [X] Analyser la messagerie Masque fichiers [ ] Programmes [X] Tous les fichiers [ ] Extensions définies par l'utilisateur: [ ] Exclure les extensions: ; Action Objets infectés [ ] Ignorer [X] Désinfecter [ ] Effacer [ ] Copier [ ] Déplacer dans le dossier infectés [ ] Renommer [ ] Demander l'action Seconde action [ ] Ignorer [ ] Effacer [ ] Copier [X] Déplacer dans le dossier infectés [ ] Renommer [ ] Demander l'action Options d'analyse [X] Activer les alertes [X] Activer l'heuristique [ ] Afficher tous les fichiers dans le journal [X] Fichier journal : C:\Program Files\Softwin\BitDefender9\Logs\vscan_1164990590.log Le deuxième: //----------------------------------------------------------------- // // Product: BitDefender 9 Internet Security // Version: 9.0 // // Créé le: 01/12/2006 17:28:56 // //----------------------------------------------------------------- Statistiques Chemin cible: C:\ Dossiers : 0 Fichiers : 61 Archives : 3 Fichiers empaquetés : 0 Virus trouvés : 0 Fichiers infectés : 0 Alertes : 0 Fichiers suspects : 0 Fichiers désinfectés : 0 Fichiers effacés : 0 Fichiers copiés : 0 Fichiers déplacés : 0 Fichiers renommés : 0 Erreurs I/O : 0 Temps d'analyse := 00:06:37 Fichiers/seconde :0 Statistiques Spywares Processus Mémoire analysés : 28 Processus Mémoire infectés : 0 Clés de registres analysées : 1720 Clés de registres infectés : 0 Cookies analysés : 7 Cookies infectés : 0 Fichiers spyware infectés : 0 Menaces Spyware détectées : 0 Définitions virus : 345782 Plugins d'analyse : 16 Plugins archives : 41 Plug-ins décompression : 6 Plug-ins messagerie : 6 Plug-ins système : 5 Options d'analyse Détection [X] Analyser le secteur de boot [X] Analyser les archives [X] Analyser les fichiers en paquets [X] Analyser la messagerie Masque fichiers [ ] Programmes [X] Tous les fichiers [ ] Extensions définies par l'utilisateur: [ ] Exclure les extensions: ; Action Objets infectés [ ] Ignorer [X] Désinfecter [ ] Effacer [ ] Copier [ ] Déplacer dans le dossier infectés [ ] Renommer [ ] Demander l'action Seconde action [ ] Ignorer [ ] Effacer [ ] Copier [X] Déplacer dans le dossier infectés [ ] Renommer [ ] Demander l'action Options d'analyse [X] Activer les alertes [X] Activer l'heuristique [X] Afficher tous les fichiers dans le journal [X] Fichier journal : C:\Program Files\Softwin\BitDefender9\Logs\aspyscan_1164990535.log Options d'analyse Spyware [X] Processus mémoire [X] Clés de registres [X] Cookies Fichiers analysés <System> OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\.NET CLR DATA\PERFORMANCE\Library=>C:\WINDOWS\SYSTEM32\NETFXPERF.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\.NET CLR NETWORKING\PERFORMANCE\Library=>C:\WINDOWS\SYSTEM32\NETFXPERF.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\.NETFRAMEWORK\PERFORMANCE\Library=>C:\WINDOWS\SYSTEM32\MSCOREE.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ACPI\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AEC\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AEGISP\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\AEGISP.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ALCAN5WN\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\ALCAN5WN.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ALCAUDSL\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\ALCAUDSL.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ALERTER\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\ALRSVC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ALERTER\ImagePath=>C:\WINDOWS\SYSTEM32\SVCHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ALG\ImagePath=>C:\WINDOWS\SYSTEM32\ALG.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\APFILTRSERVICE\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\APFILTR.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\APPMGMT\ImagePath=>C:\WINDOWS\SYSTEM32\SVCHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ARP1394\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\ARP1394.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ASP.NET\PERFORMANCE\Library=>C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET_ISAPI.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ASP.NET_1.1.4322\PERFORMANCE\Library=>C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET_ISAPI.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ASPNET_STATE\ImagePath=>C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET_STATE.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ASYNCMAC\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ATAPI\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ATMARPC\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\ATMARPC.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AUDIOSRV\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\AUDIOSRV.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AUDIOSRV\ImagePath=>C:\WINDOWS\SYSTEM32\SVCHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AUDSTUB\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AVG ANTI-SPYWARE GUARD\ImagePath=>C:\PROGRAM FILES\GRISOFT\AVG ANTI-SPYWARE 7.5\GUARD.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\AVGASCLN\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\AVGASCLN.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BATTC\MofImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\BATTC.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BCM4SBXP\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\BCM4SBXP.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BDFNDISF\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\BDFNDISF.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BDFNDISF\logfile=>C:\PROGRAM FILES\FICHIERS COMMUNS\SOFTWIN\BITDEFENDER FIREWALL\BDFIREWALL.TXT OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BDSS\ImagePath=>C:\PROGRAM FILES\FICHIERS COMMUNS\SOFTWIN\BITDEFENDER SCAN SERVER\BDSS.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\QMGR.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS\ImagePath=>C:\WINDOWS\SYSTEM32\SVCHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BROWSER\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\BROWSER.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BROWSER\ImagePath=>C:\WINDOWS\SYSTEM32\SVCHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CCDECODE\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CDROM\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CISVC\ImagePath=>C:\WINDOWS\SYSTEM32\CISVC.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CLIPSRV\ImagePath=>C:\WINDOWS\SYSTEM32\CLIPSRV.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CMBATT\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\CMBATT.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\COMPBATT\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\COMPBATT.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\COMSYSAPP\ImagePath=>C:\WINDOWS\SYSTEM32\DLLHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENTFILTER\PERFORMANCE\Library=>C:\WINDOWS\SYSTEM32\QUERY.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CONTENTINDEX\PERFORMANCE\Library=>C:\WINDOWS\SYSTEM32\QUERY.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CRYPTSVC\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\CRYPTSVC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CRYPTSVC\DisplayName=>C:\WINDOWS\SYSTEM32\SERVICES.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\CRYPTSVC\ImagePath=>C:\WINDOWS\SYSTEM32\SVCHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DCOMLAUNCH\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\RPCSS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DHCP\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\DHCPCSVC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DHCP\ImagePath=>C:\WINDOWS\SYSTEM32\SVCHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DISK\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DMADMIN\ImagePath=>C:\WINDOWS\SYSTEM32\DMADMIN.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DMBOOT\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DMIO\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DMLOAD\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DMSERVER\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\DMSERVER.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DMSERVER\ImagePath=>C:\WINDOWS\SYSTEM32\SVCHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DMUSIC\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\DNSRSLVR.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DNSCACHE\ImagePath=>C:\WINDOWS\SYSTEM32\SVCHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DRMKAUD\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DRVMCDB\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\DRVMCDB.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\DRVNDDM\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\DRVNDDM.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\E100B\ImagePath=>C:\WINDOWS\SYSTEM32\DRIVERS\E100B325.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ERSVC\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\ERSVC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\ERSVC\ImagePath=>C:\WINDOWS\SYSTEM32\SVCHOST.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\.NET RUNTIME\EventMessageFile=>C:\WINDOWS\SYSTEM32\MSCOREE.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\APPLICATION\CategoryMessageFile=>C:\WINDOWS\SYSTEM32\EVENTLOG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\APPLICATION HANG\EventMessageFile=>C:\WINDOWS\SYSTEM32\FAULTREP.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\APPLICATION MANAGEMENT\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\ASP.NET 1.1.4322.0\EventMessageFile=>C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\FR\ASPNET_RC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\ASP.NET 1.1.4322.0\CategoryMessageFile=>C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\FR\ASPNET_RC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\AUTOCHK\EventMessageFile=>C:\WINDOWS\SYSTEM32\WINLOGON.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\AUTOENROLLMENT\EventMessageFile=>C:\WINDOWS\SYSTEM32\PAUTOENR.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CHKDSK\EventMessageFile=>C:\WINDOWS\SYSTEM32\ULIB.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CI\EventMessageFile=>C:\WINDOWS\SYSTEM32\QUERY.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CI\CategoryMessageFile=>C:\WINDOWS\SYSTEM32\QUERY.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\COM\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\COM+\EventMessageFile=>C:\WINDOWS\SYSTEM32\COMRES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\COM+\CategoryMessageFile=>C:\WINDOWS\SYSTEM32\COMRES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\COM+\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\COMRES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\CRYPT32\EventMessageFile=>C:\WINDOWS\SYSTEM32\CRYPT32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\DISKQUOTA\EventMessageFile=>C:\WINDOWS\SYSTEM32\DSKQUOTA.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\DRWATSON\EventMessageFile=>C:\WINDOWS\SYSTEM32\DRWTSN32.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\ESENT\EventMessageFile=>C:\WINDOWS\SYSTEM32\ESENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\ESENT\CategoryMessageFile=>C:\WINDOWS\SYSTEM32\ESENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\EVENTSYSTEM\CategoryMessageFile=>C:\WINDOWS\SYSTEM32\COMRES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\EVENTSYSTEM\EventMessageFile=>C:\WINDOWS\SYSTEM32\COMRES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\FILE DEPLOYMENT\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\FOLDER REDIRECTION\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\HELPSVC\EventMessageFile=>C:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\HCAPPRES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\LOADPERF\EventMessageFile=>C:\WINDOWS\SYSTEM32\LOADPERF.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MDM\EventMessageFile=>C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\VS7DEBUG\MDM.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MICROSOFT FAX\EventMessageFile=>C:\WINDOWS\SYSTEM32\FXSEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MICROSOFT FAX\CategoryMessageFile=>C:\WINDOWS\SYSTEM32\FXSEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MICROSOFT H.323 TELEPHONY SERVICE PROVIDER\EventMessageFile=>C:\WINDOWS\SYSTEM32\H323.TSP OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MICROSOFT OFFICE 11\EventMessageFile=>C:\PROGRA~1\FICHIE~1\MICROS~1\DW\DW20.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MICROSOFT OFFICE DOCUMENT IMAGING\CategoryMessageFile=>C:\PROGRA~1\FICHIE~1\MICROS~1\MODI\11.0\MSPFILT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MICROSOFT OFFICE DOCUMENT IMAGING\EventMessageFile=>C:\PROGRA~1\FICHIE~1\MICROS~1\MODI\11.0\MSPFILT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MNMSRVC\EventMessageFile=>C:\WINDOWS\SYSTEM32\NMEVTMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MSDMINE\EventMessageFile=>C:\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDMINE.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MSDMINE\CategoryMessageFile=>C:\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDMINE.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MSIINSTALLER\EventMessageFile=>C:\WINDOWS\SYSTEM32\MSI.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MSSOAP\EventMessageFile=>C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\OFFICE11\MSSOAP30.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MSSOAP\CategoryMessageFile=>C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\OFFICE11\MSSOAP30.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\MSSQLSERVER/MSDE\EventMessageFile=>C:\WINDOWS\SYSTEM32\XPSP2RES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\OAKLEY\EventMessageFile=>C:\WINDOWS\SYSTEM32\OAKLEY.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\OFFLINE FILES\EventMessageFile=>C:\WINDOWS\SYSTEM32\CSCUI.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\OUTLOOK\EventMessageFile=>C:\PROGRA~1\FICHIE~1\SYSTEM\MSMAPI\1036\MAPIR.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\PERFCTRS\EventMessageFile=>C:\WINDOWS\SYSTEM32\PERFCTRS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\PERFDISK\EventMessageFile=>C:\WINDOWS\SYSTEM32\PERFDISK.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\PERFLIB\EventMessageFile=>C:\WINDOWS\SYSTEM32\PRFLBMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\PERFMON\EventMessageFile=>C:\WINDOWS\SYSTEM32\PERFMON.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\PERFNET\EventMessageFile=>C:\WINDOWS\SYSTEM32\PERFNET.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\PERFOS\EventMessageFile=>C:\WINDOWS\SYSTEM32\PERFOS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\PERFPROC\EventMessageFile=>C:\WINDOWS\SYSTEM32\PERFPROC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\REMOTE ASSISTANCE\EventMessageFile=>C:\WINDOWS\SYSTEM32\XPSP2RES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SAFRDMS\EventMessageFile=>C:\WINDOWS\SYSTEM32\SAFRDM.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SAFRSLV\EventMessageFile=>C:\WINDOWS\SYSTEM32\SAFRSLV.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SCECLI\EventMessageFile=>C:\WINDOWS\SYSTEM32\SCECLI.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SCESRV\EventMessageFile=>C:\WINDOWS\SYSTEM32\SCESRV.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SCLGNTFY\EventMessageFile=>C:\WINDOWS\SYSTEM32\SCLGNTFY.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SECURITYCENTER\EventMessageFile=>C:\WINDOWS\SYSTEM32\XPSP2RES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SOFTWARE RESTRICTION POLICIES\EventMessageFile=>C:\WINDOWS\SYSTEM32\NTDLL.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SPOOLERCTRS\EventMessageFile=>C:\WINDOWS\SYSTEM32\WINSPOOL.DRV OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\STARTER\EventMessageFile=>C:\WINDOWS\SYSTEM32\XPSP2RES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SYSMONLOG\EventMessageFile=>C:\WINDOWS\SYSTEM32\SMLOGSVC.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\USERINIT\EventMessageFile=>C:\WINDOWS\SYSTEM32\USERINIT.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\USNSVC\CategoryMessageFile=>C:\PROGRAM FILES\MSN MESSENGER\USNSVC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\USNSVC\EventMessageFile=>C:\PROGRAM FILES\MSN MESSENGER\USNSVC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\VBRUNTIME\EventMessageFile=>C:\WINDOWS\SYSTEM32\MSVBVM60.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\VSS\EventMessageFile=>C:\WINDOWS\SYSTEM32\VSSVC.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WEBCLIENT\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WINDOWS 3.1 MIGRATION\EventMessageFile=>C:\WINDOWS\SYSTEM32\ADVAPI32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WINDOWS PRODUCT ACTIVATION\EventMessageFile=>C:\WINDOWS\SYSTEM32\DPCDLL.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WINLOGON\EventMessageFile=>C:\WINDOWS\SYSTEM32\WINLOGON.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WLANKEEPER\EventMessageFile=>C:\PROGRAM FILES\INTEL\WIRELESS\BIN\WLKEEPER.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WMDMPMSN\EventMessageFile=>C:\WINDOWS\SYSTEM32\MSPMSNSV.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WMIADAPTER\EventMessageFile=>C:\WINDOWS\SYSTEM32\WBEM\WMIAPRES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WSH\EventMessageFile=>C:\WINDOWS\SYSTEM32\WSHEXT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\DisplayNameFile=>C:\WINDOWS\SYSTEM32\ELS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\File=>C:\WINDOWS\SYSTEM32\CONFIG\APPEVENT.EVT OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\=>C:\WINDOWS\SYSTEM32\MNMSRVC.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\DS\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\MSOBJS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\LSA\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\MSOBJS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\NETDDE OBJECT\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\MSOBJS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\SC MANAGER\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\MSOBJS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\SECURITY\CategoryMessageFile=>C:\WINDOWS\SYSTEM32\MSAUDITE.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\SECURITY\GuidMessageFile=>C:\WINDOWS\SYSTEM32\NTMARTA.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\SECURITY\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\MSOBJS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\SECURITY ACCOUNT MANAGER\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\MSOBJS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\SPOOLER\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\MSOBJS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\DisplayNameFile=>C:\WINDOWS\SYSTEM32\ELS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SECURITY\File=>C:\WINDOWS\SYSTEM32\CONFIG\SECEVENT.EVT OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ABIOSDSK\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ABP480N5\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ADPU160M\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\AHA154X\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\AIC78U2\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\AIC78XX\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ALERTER\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\AMI0NT\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\AMSINT\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\APPHELP\EventMessageFile=>C:\WINDOWS\SYSTEM32\APPHELP.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ASC\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ASC3350P\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ASC3550\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ASYNCMAC\EventMessageFile=>C:\WINDOWS\SYSTEM32\MPRMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ATAPI\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ATDISK\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\BEEP\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\BITS\CategoryMessageFile=>C:\WINDOWS\SYSTEM32\XPOB2RES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\BITS\EventMessageFile=>C:\WINDOWS\SYSTEM32\XPOB2RES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\BROWSER\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\CBIDF\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\CBIDF2K\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\CD20XRNT\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\CDAUDIO\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\CDFS\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\CDROM\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\CHANGER\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\CPQARRAY\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DAC2W2K\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DAC960NT\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DCOM\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DFSDRIVER\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DFSSVC\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DHCP\EventMessageFile=>C:\WINDOWS\SYSTEM32\DHCPCSVC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DHCP\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DISK\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DISTRIBUTED LINK TRACKING CLIENT\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DMBOOT\EventMessageFile=>C:\WINDOWS\SYSTEM32\DRIVERS\DMBOOT.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DNSAPI\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DNSAPI\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\DPTI2O\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\EFS\EventMessageFile=>C:\WINDOWS\SYSTEM32\LSASRV.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\EVENTLOG\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\FASTFAT\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\FIPS\EventMessageFile=>C:\WINDOWS\SYSTEM32\DRIVERS\FIPS.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\FS_REC\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\HPN\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\HTTP\EventMessageFile=>C:\WINDOWS\SYSTEM32\XPSP2RES.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\I2OMGMT\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\I2OMP\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\IALM\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\INI910U\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\IPMGM\EventMessageFile=>C:\WINDOWS\SYSTEM32\RTM.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\IPNATHLP\EventMessageFile=>C:\WINDOWS\SYSTEM32\IPNATHLP.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\IPROUTERMANAGER\EventMessageFile=>C:\WINDOWS\SYSTEM32\MPRMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\IPXCP\EventMessageFile=>C:\WINDOWS\SYSTEM32\MPRMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\IPXRIP\EventMessageFile=>C:\WINDOWS\SYSTEM32\MPRMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\IPXROUTERMANAGER\EventMessageFile=>C:\WINDOWS\SYSTEM32\MPRMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\IPXSAP\EventMessageFile=>C:\WINDOWS\SYSTEM32\MPRMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\LDM\EventMessageFile=>C:\WINDOWS\SYSTEM32\DMADMIN.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\LDMS\EventMessageFile=>C:\WINDOWS\SYSTEM32\DMSERVER.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\LSASRV\EventMessageFile=>C:\WINDOWS\SYSTEM32\LSASRV.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\LSASRV\CategoryMessageFile=>C:\WINDOWS\SYSTEM32\LSASRV.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\MRAID35X\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\MRXDAV\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\MRXSMB\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\MSADLIB\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\MSFS\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\MUP\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NDIS\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NDISIP\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NDISWAN\EventMessageFile=>C:\WINDOWS\SYSTEM32\MPRMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NETBIOS\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NETDDE\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETDDE.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NETLOGON\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NETLOGON\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NIC1394\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NPFS\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NTFS\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NTSERVICEPACK\EventMessageFile=>C:\WINDOWS\SYSTEM32\SPMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\NULL\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\PARTMGR\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\PCMCIA\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\PERC2\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\PLUGPLAYMANAGER\EventMessageFile=>C:\WINDOWS\SYSTEM32\UMPNPMGR.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\PPTPMINIPORT\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\PSCHED\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\QL1080\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\QL10WNT\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\QL12160\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\QL1240\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\QL1280\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\RASAUTO\EventMessageFile=>C:\WINDOWS\SYSTEM32\MPRMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\RASMAN\EventMessageFile=>C:\WINDOWS\SYSTEM32\MPRMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\RDBSS\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\REMOTEACCESS\EventMessageFile=>C:\WINDOWS\SYSTEM32\MPRMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\REMOTEACCESS\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\IASSVCS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\RSVP\EventMessageFile=>C:\WINDOWS\SYSTEM32\RSVPMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SAM\EventMessageFile=>C:\WINDOWS\SYSTEM32\SAMSRV.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SAVE DUMP\EventMessageFile=>C:\WINDOWS\SYSTEM32\SAVEDUMP.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SCARDSVR\EventMessageFile=>C:\WINDOWS\SYSTEM32\SCARDSVR.EXE OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SCHANNEL\EventMessageFile=>C:\WINDOWS\SYSTEM32\LSASRV.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SCHEDULE\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SCHEDULE\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SCSIPORT\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SERVER\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SERVICE CONTROL MANAGER\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SERVICE CONTROL MANAGER\ParameterMessageFile=>C:\WINDOWS\SYSTEM32\KERNEL32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SERVICE DE STOCKAGE AMOVIBLE\EventMessageFile=>C:\WINDOWS\SYSTEM32\NTMSEVT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SETUP\EventMessageFile=>C:\WINDOWS\SYSTEM32\SYSSETUP.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SFLOPPY\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SIDEBYSIDE\EventMessageFile=>C:\WINDOWS\SYSTEM32\SXS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SIMBAD\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SNDBLST\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SPARROW\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SRSERVICE\EventMessageFile=>C:\WINDOWS\SYSTEM32\SRSVC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SRV\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\STILLIMAGE\EventMessageFile=>C:\WINDOWS\SYSTEM32\WIASERVC.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SYMC810\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SYMC8XX\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SYM_HI\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SYM_U3\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SYSTEM\CategoryMessageFile=>C:\WINDOWS\SYSTEM32\EVENTLOG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\SYSTEM ERROR\EventMessageFile=>C:\WINDOWS\SYSTEM32\FAULTREP.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\TCPMON\EventMessageFile=>C:\WINDOWS\SYSTEM32\TCPMON.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\TDI\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\TERMDD\EventMessageFile=>C:\WINDOWS\SYSTEM32\NTDLL.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\TERMSERVDEVICES\EventMessageFile=>C:\WINDOWS\SYSTEM32\WLNOTIFY.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\UDFS\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\ULTRA\EventMessageFile=>C:\WINDOWS\SYSTEM32\IOLOGMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\UPS\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\USER32\EventMessageFile=>C:\WINDOWS\SYSTEM32\USER32.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\W32TIME\EventMessageFile=>C:\WINDOWS\SYSTEM32\W32TIME.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\WANATW\EventMessageFile=>C:\WINDOWS\SYSTEM32\NETEVENT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\WGANOTIFY\EventMessageFile=>C:\WINDOWS\SYSTEM32\SPMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\WIN32K\EventMessageFile=>C:\WINDOWS\SYSTEM32\WIN32K.SYS OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\WINDOWS FILE PROTECTION\EventMessageFile=>C:\WINDOWS\SYSTEM32\SFC_OS.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\WINDOWS INSTALLER 3.1\EventMessageFile=>C:\WINDOWS\SYSTEM32\SPMSG.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\WINDOWS SCRIPT HOST\EventMessageFile=>C:\WINDOWS\SYSTEM32\WSHEXT.DLL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\SYSTEM\WINDOWS UPDATE AGENT\EventMessageFile=>C:\WINDOWS\SYSTEM32\WUAUCPL.CPL OK <System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\
-
Salut, déja merci pour le lien (désinstallation de Norton) ça m'a bien servi et merci en général parce que mon ordi est bcp plus rapide !! Par contre j'arrive pas à envoyé le rapport parce que je tombe sur une page erreur quand j'envoie le poste. En tout cas encore merci pour toute ton aide. Bye
-
re, J'ai pas pu encore finir le scan avec kapersky c'est un peu long mais je le ferais. Par contre avec mon anti virus, j'ai trouvais un virus (trojan.pws.lineage.e) voici le rapport: //----------------------------------------------------------------- // // Product: BitDefender 9 Internet Security // Version: 9.0 // // Créé le: 28/11/2006 19:44:47 // //----------------------------------------------------------------- Statistiques Chemin cible: C:\ Dossiers : 4003 Fichiers : 505538 Archives : 8610 Fichiers empaquetés : 66079 Virus trouvés : 1 Fichiers infectés : 1 Alertes : 0 Fichiers suspects : 0 Fichiers désinfectés : 0 Fichiers effacés : 0 Fichiers copiés : 0 Fichiers déplacés : 1 Fichiers renommés : 0 Erreurs I/O : 37 Temps d'analyse := 01:25:15 Fichiers/seconde :98 Définitions virus : 346051 Plugins d'analyse : 16 Plugins archives : 41 Plug-ins décompression : 6 Plug-ins messagerie : 6 Plug-ins système : 5 Options d'analyse Détection [X] Analyser le secteur de boot [X] Analyser les archives [X] Analyser les fichiers en paquets [X] Analyser la messagerie Masque fichiers [ ] Programmes [X] Tous les fichiers [ ] Extensions définies par l'utilisateur: [ ] Exclure les extensions: ; Action Objets infectés [ ] Ignorer [X] Désinfecter [ ] Effacer [ ] Copier [ ] Déplacer dans le dossier infectés [ ] Renommer [ ] Demander l'action Seconde action [ ] Ignorer [ ] Effacer [ ] Copier [X] Déplacer dans le dossier infectés [ ] Renommer [ ] Demander l'action Options d'analyse [X] Activer les alertes [X] Activer l'heuristique [ ] Afficher tous les fichiers dans le journal [X] Fichier journal : C:\Program Files\Softwin\BitDefender9\Logs\vscan_1164739487.log Sommaire : C:\Program Files\Symantec\LiveUpdate\LUSETUP.EXE Infecté avec: Trojan.PWS.Lineage.E C:\Program Files\Symantec\LiveUpdate\LUSETUP.EXE Désinfection impossible C:\Program Files\Symantec\LiveUpdate\LUSETUP.EXE Déplacé merci Bye Aina
-
re, alors c'est écrit 248 Mo de RAM. Par contre si je suis obligé de formater est ce que XP restera ou pas. Et sinon j'ai penser acheter un disque dur externe mais jsais pas lequel .... bref sais plus quoi faire. Allez Bye
-
Salut, là je me connnecte d'un autre ordinateur et je peux pas encore poster le rapport de kapersky pcq il a pas fini de le faire. Mais je sais plus quoi faire parce que il est vraiment très très très lent et pas qu'au démarrage. est ce que je dois le formater ? On m'a dit que peut être il devait charger trop de programme au démarrage sauf que comme je l'ai dit ce n'est pas qu'au démarrage qu'il est lent. Si ça peut aider je vais le décrire un peu: C un ordi portable Dell inspiron 6000 pentium M 730 ( 1.60GHz, 2Mo L2 cache, 533MHz FSB) et carte graphique intégrée. Modem interne analogique V.92 56K. j'ai écrit ce que j'ai vu sur la facture. Merci
-
Slt Alors tout d'abord merci d'avoir pris le temps de me poster une procédure aussi détailler ! Je te poste comme tu me l'as demandé le rapport AVG et le nouveau rapport hijackthis: RAPPORT AVG: --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 18:59:43 25/11/2006 + Résultat de l'analyse: C:\Documents and Settings\Diera\Application Data\ShopperReports -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Diera\Application Data\ShopperReports\cs -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\db -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\report -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\res2 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Diera\Application Data\ShopperReports\cs\res2\WhiteList.dbs -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Diera\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Erreur lors du nettoyage. C:\Documents and Settings\Invité\Application Data\ShopperReports -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\db -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\aggr_storage.xml -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\report\send_storage.xml -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\res2 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\cs\res2\WhiteList.dbs -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1149004657.log -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Invité\Application Data\ShopperReports\shprrprt_1149006915.log -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP201\A0039722.exe -> Adware.Hotbar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.HbAx -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.HbAx.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.HbAx\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.IEButton -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.IEButton.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.IEButton\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HostOI -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HostOI\Mail -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HostOI\Updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HostOL -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HostOL\Mail -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\HostOL\Updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\Install\Icons -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\HbTools\Install\Links -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsWebTools -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Common -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Common\Time -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Common\Updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\EUI -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Install -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Local -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\MultiUrl -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\PI -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg852 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg853 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg904 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg905 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg911 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg912 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg913 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg914 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Sample\Hist\sg915 -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\Weather -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\dynamic -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\dynamicFail -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\init -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\links -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\mail -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\options -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HbTools\updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HostOI -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HostOI\Updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\HostOI\links -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Time -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Time\HostIE -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Time\HostIE\Updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Time\HostOE -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Time\HostOE\Updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Time\HostOI -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Time\HostOL -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\hostol -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\hostol\Mail -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\hostol\Updates -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\hostol\links -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-662879092-464942106-1309631327-1006\Software\HbTools\hostol\soho -> Adware.HotBar : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP201\A0039697.dll -> Adware.Shopper : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Hasina\Cookies\hasina@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Invité\Cookies\invité@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@ads13.bpath[1].txt -> TrackingCookie.Bpath : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@banner.clubdicecasino[2].txt -> TrackingCookie.Clubdicecasino : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@clubdicecasino[1].txt -> TrackingCookie.Clubdicecasino : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@com[2].txt -> TrackingCookie.Com : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@c.enhance[1].txt -> TrackingCookie.Enhance : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@www.epilot[1].txt -> TrackingCookie.Epilot : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@estat[1].txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@c.goclick[2].txt -> TrackingCookie.Goclick : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@data2.perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@yadro[1].txt -> TrackingCookie.Yadro : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé. C:\Documents and Settings\Hasina\Cookies\hasina@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé. Fin du rapport RAPPORT HIJACKTHIS: Logfile of HijackThis v1.99.1 Scan saved at 19:12:32, on 25/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Apoint\Apoint.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\WINDOWS\vphc600.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe C:\Program Files\Softwin\BitDefender9\bdoesrv.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\Documents and Settings\Hasina\Bureau\HijackThis.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin.exe C:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [phc600] C:\WINDOWS\vphc600.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [PopUp Destroy] C:\Program Files\PopUp Destroy\Popup-Destroy.exe O4 - HKLM\..\Run: [bDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe" O4 - HKLM\..\Run: [gtceqfdhsi] c:\windows\system32\gtceqfdhsi.exe gtceqfdhsi O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: TrayMin.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Par contre pour la procédure 9 je n'ai pas eu d'avertissement de fusion mais souci pour l'enregistrement dans le fichier C:/ Je sais pas ce que le rapport hijackthis à donner mais lorsuqe j'ai rescanner l'ordi pour les spyware il n'y en avait plus qu'un et par contre il n'y avait plus de virus. (J'ose même pas aller chercher le rapport antivirus parce que j'ai trop peur que ça bug et que j'arrive à poster que ds 1 mois Sauf que mon ordinateur rame toujours autant, rien que pour poster ce message j'ai mis sans exagerer 5h. Voilou Merci
-
Lorsque j'ai desactivé la restauration système de XP voici les rapports du scan (bitdefender) et celui de hijackthis: SCAN ANTIVIRUS: --------------------------------------------------------------- // // Product: BitDefender 9 Internet Security // Version: 9.0 // // Créé le: 24/11/2006 13:43:42 // //----------------------------------------------------------------- Statistiques Chemin cible: C:\ Dossiers : 3973 Fichiers : 513858 Archives : 8509 Fichiers empaquetés : 66543 Virus trouvés : 3 Fichiers infectés : 4 Alertes : 0 Fichiers suspects : 0 Fichiers désinfectés : 0 Fichiers effacés : 0 Fichiers copiés : 0 Fichiers déplacés : 0 Fichiers renommés : 0 Erreurs I/O : 42 Temps d'analyse := 02:08:43 Fichiers/seconde :66 Définitions virus : 340404 Plugins d'analyse : 16 Plugins archives : 41 Plug-ins décompression : 6 Plug-ins messagerie : 6 Plug-ins système : 5 Options d'analyse Détection [X] Analyser le secteur de boot [X] Analyser les archives [X] Analyser les fichiers en paquets [X] Analyser la messagerie Masque fichiers [ ] Programmes [X] Tous les fichiers [ ] Extensions définies par l'utilisateur: [ ] Exclure les extensions: ; Action Objets infectés [ ] Ignorer [X] Désinfecter [ ] Effacer [ ] Copier [ ] Déplacer dans le dossier infectés [ ] Renommer [ ] Demander l'action Seconde action [ ] Ignorer [ ] Effacer [ ] Copier [X] Déplacer dans le dossier infectés [ ] Renommer [ ] Demander l'action Options d'analyse [X] Activer les alertes [X] Activer l'heuristique [ ] Afficher tous les fichiers dans le journal [X] Fichier journal : C:\Program Files\Softwin\BitDefender9\Logs\vscan_1164372222.log Sommaire : C:\Documents and Settings\Invité\Application Data\HbTools\v3.0\HbTools\static\1\country.exe Détecté: Adware.Hotbar.CB C:\Documents and Settings\Invité\Application Data\HbTools\v3.0\HbTools\static\2\country.exe Détecté: Adware.Hotbar.CB C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll Détecté: Adware.Shopper.K C:\WINDOWS\system32\hsrthbqj.exe Détecté: Adware.Hotbar.AW SCAN ANTISPYWARE: //----------------------------------------------------------------- // // Product: BitDefender 9 Internet Security // Version: 9.0 // // Créé le: 24/11/2006 13:43:23 // //----------------------------------------------------------------- Statistiques Chemin cible: C:\ Dossiers : 0 Fichiers : 69 Archives : 3 Fichiers empaquetés : 0 Virus trouvés : 2 Fichiers infectés : 0 Alertes : 0 Fichiers suspects : 0 Fichiers désinfectés : 0 Fichiers effacés : 7 Fichiers copiés : 0 Fichiers déplacés : 0 Fichiers renommés : 0 Erreurs I/O : 0 Temps d'analyse := 00:17:50 Fichiers/seconde :0 Statistiques Spywares Processus Mémoire analysés : 32 Processus Mémoire infectés : 0 Clés de registres analysées : 1790 Clés de registres infectés : 7 Cookies analysés : 1106 Cookies infectés : 0 Fichiers spyware infectés : 0 Menaces Spyware détectées : 2 Définitions virus : 340404 Plugins d'analyse : 16 Plugins archives : 41 Plug-ins décompression : 6 Plug-ins messagerie : 6 Plug-ins système : 5 Options d'analyse Détection [X] Analyser le secteur de boot [X] Analyser les archives [X] Analyser les fichiers en paquets [X] Analyser la messagerie Masque fichiers [ ] Programmes [X] Tous les fichiers [ ] Extensions définies par l'utilisateur: [ ] Exclure les extensions: ; Action Objets infectés [ ] Ignorer [X] Désinfecter [ ] Effacer [ ] Copier [ ] Déplacer dans le dossier infectés [ ] Renommer [ ] Demander l'action Seconde action [ ] Ignorer [ ] Effacer [ ] Copier [X] Déplacer dans le dossier infectés [ ] Renommer [ ] Demander l'action Options d'analyse [X] Activer les alertes [X] Activer l'heuristique [X] Afficher tous les fichiers dans le journal [X] Fichier journal : C:\Program Files\Softwin\BitDefender9\Logs\aspyscan_1164372203.log Options d'analyse Spyware [X] Processus mémoire [X] Clés de registres [X] Cookies Sommaire : <System>=>HKEY_CLASSES_ROOT\APPID\{0507FDDE-F3B7-49F5-9E8F-C557E991F39B} Détecté: HotBar <System>=>HKEY_CLASSES_ROOT\APPID\{0507FDDE-F3B7-49F5-9E8F-C557E991F39B} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19} Détecté: Hotbar.ShoppingReports <System>=>HKEY_CLASSES_ROOT\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} Détecté: Hotbar.ShoppingReports <System>=>HKEY_CLASSES_ROOT\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} Détecté: HotBar <System>=>HKEY_CLASSES_ROOT\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289} Détecté: Hotbar.ShoppingReports <System>=>HKEY_CLASSES_ROOT\CLSID\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0} Détecté: HotBar <System>=>HKEY_CLASSES_ROOT\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} Détecté: HotBar <System>=>HKEY_CLASSES_ROOT\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} Effacé <System> Mise à jour impossible HIJACKTHIS: Logfile of HijackThis v1.99.1 Scan saved at 15:55:32, on 24/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Program Files\Apoint\Apoint.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Apoint\Apntex.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\WINDOWS\vphc600.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\Program Files\Softwin\BitDefender9\bdoesrv.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe c:\progra~1\softwin\bitdef~1\bdmcon.exe c:\progra~1\softwin\bitdef~1\bdlite.exe c:\progra~1\softwin\bitdef~1\bdlite.exe c:\progra~1\softwin\bitdef~1\bdlite.exe c:\progra~1\softwin\bitdef~1\bdlite.exe C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\Hasina\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [phc600] C:\WINDOWS\vphc600.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [PopUp Destroy] C:\Program Files\PopUp Destroy\Popup-Destroy.exe O4 - HKLM\..\Run: [bDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: TrayMin.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Merci d'avance à la personne qui aura le courage de tout décrypter!!
-
Zonk ne fait pas attention à mon dernier poste j'avais oublié d'ouvrir le lien que tu m'a envoyé.
-
Bonjour, alors voici mon rapport: Logfile of HijackThis v1.99.1 Scan saved at 13:01:42, on 24/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Program Files\Apoint\Apoint.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Apoint\Apntex.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Wanadoo\TaskbarIcon.exe C:\WINDOWS\vphc600.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\Program Files\Softwin\BitDefender9\bdoesrv.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe c:\progra~1\softwin\bitdef~1\bdmcon.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\Hasina\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Sonic\Sonic Solutions Product CD\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe O4 - HKLM\..\Run: [phc600] C:\WINDOWS\vphc600.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [PopUp Destroy] C:\Program Files\PopUp Destroy\Popup-Destroy.exe O4 - HKLM\..\Run: [bDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: TrayMin.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing) O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) MERCI!
-
Merci Zonk de ta reponse. Alors mon systm d'ex est bien xp. Mon logiciel est bitdefender (j'ai plus norton). :-?Par contre je ne sais pas comment désactiver la restauration de xp et ni aller en mode sans echec (je sais pas si c'est la meme chose). Bye
-
J'ai 2 problèmes: 1) Lorsque je fais le scan de mon ordi pour verifier les spyware il apparait 2 virus: <System>=>HKEY_CLASSES_ROOT\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19} Détecté: Hotbar.ShoppingReports <System>=>HKEY_CLASSES_ROOT\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} Détecté: Hotbar.ShoppingReports <System>=>HKEY_CLASSES_ROOT\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} Détecté: HotBar <System>=>HKEY_CLASSES_ROOT\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289} Détecté: Hotbar.ShoppingReports <System>=>HKEY_CLASSES_ROOT\CLSID\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0} Détecté: HotBar <System>=>HKEY_CLASSES_ROOT\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0} Effacé <System> Mise à jour impossible <System>=>HKEY_CLASSES_ROOT\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} Détecté: HotBar <System>=>HKEY_CLASSES_ROOT\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} Effacé <System> Mise à jour impossible Donc quand je sors l'annalyse de hijackthis effectivement il semble plus prudent que je l'efface Hotbar.ShoppingReports mais le problème c'est qu'il revient toujours et je sais pas pourquoi! 2) A chaque fois que j'ouvre internet ma page d'accueil qui est google mets très très longtps à s'ouvrir alors que si je vais directement à un autre site c'est assez rapide. Merci d'avance à celui/celle qui pourra m'aider