shibani


  1. Hi thanos, I envy you a little; I would love to do good deeds like you. From a grateful person who says a thousand thanks.
  2. Good evening, I followed the instructions and here is the report:

     Malwarebytes' Anti-Malware 1.41
     Version de la base de données: 2930
     Windows 6.1.7600 (Safe Mode)

     09/10/2009 18:52:04
     mbam-log-2009-10-09 (18-52-04).txt

     Type de recherche: Examen complet (K:\|)
     Eléments examinés: 165155
     Temps écoulé: 15 minute(s), 30 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0

     Processus mémoire infecté(s): (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
     Dossier(s) infecté(s): (Aucun élément nuisible détecté)
     Fichier(s) infecté(s): (Aucun élément nuisible détecté)

     I couldn't believe my eyes, so I ran another scan, still in safe mode, and it gave this report:

     Malwarebytes' Anti-Malware 1.41
     Version de la base de données: 2930
     Windows 6.1.7600 (Safe Mode)

     09/10/2009 19:12:32
     mbam-log-2009-10-09 (19-12-32).txt

     Type de recherche: Examen complet (K:\|)
     Eléments examinés: 165186
     Temps écoulé: 14 minute(s), 53 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0

     Processus mémoire infecté(s): (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
     Dossier(s) infecté(s): (Aucun élément nuisible détecté)
     Fichier(s) infecté(s): (Aucun élément nuisible détecté)

     Good news, but still a little doubt, so I ran one last scan in normal mode:

     Malwarebytes' Anti-Malware 1.41
     Version de la base de données: 2930
     Windows 6.1.7600

     09/10/2009 19:45:34
     mbam-log-2009-10-09 (19-45-34).txt

     Type de recherche: Examen complet (K:\|)
     Eléments examinés: 166845
     Temps écoulé: 26 minute(s), 34 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0

     Processus mémoire infecté(s): (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
     Dossier(s) infecté(s): (Aucun élément nuisible détecté)
     Fichier(s) infecté(s): (Aucun élément nuisible détecté)

     How come? I mean, how did they just disappear like that?
  3. When I launch RSIT it freezes, and HijackThis does too; I only got this file.
----A---- K:\Windows\system32\d3dx10_40.dll 2009-09-28 07:06:03 ----A---- K:\Windows\system32\D3DCompiler_40.dll 2009-09-28 07:06:02 ----A---- K:\Windows\system32\D3DX9_40.dll 2009-09-28 07:06:01 ----A---- K:\Windows\system32\XAudio2_2.dll 2009-09-28 07:06:01 ----A---- K:\Windows\system32\XAPOFX1_1.dll 2009-09-28 07:06:00 ----A---- K:\Windows\system32\xactengine3_2.dll 2009-09-28 07:06:00 ----A---- K:\Windows\system32\D3DX9_39.dll 2009-09-28 07:06:00 ----A---- K:\Windows\system32\d3dx10_39.dll 2009-09-28 07:06:00 ----A---- K:\Windows\system32\D3DCompiler_39.dll 2009-09-28 07:05:59 ----A---- K:\Windows\system32\XAudio2_1.dll 2009-09-28 07:05:59 ----A---- K:\Windows\system32\XAPOFX1_0.dll 2009-09-28 07:05:59 ----A---- K:\Windows\system32\xactengine3_1.dll 2009-09-28 07:05:59 ----A---- K:\Windows\system32\X3DAudio1_4.dll 2009-09-28 07:05:59 ----A---- K:\Windows\system32\d3dx10_38.dll 2009-09-28 07:05:59 ----A---- K:\Windows\system32\D3DCompiler_38.dll 2009-09-28 07:05:58 ----A---- K:\Windows\system32\D3DX9_38.dll 2009-09-28 07:05:57 ----A---- K:\Windows\system32\XAudio2_0.dll 2009-09-28 07:05:56 ----A---- K:\Windows\system32\xactengine3_0.dll 2009-09-28 07:05:56 ----A---- K:\Windows\system32\X3DAudio1_3.dll 2009-09-28 07:05:55 ----A---- K:\Windows\system32\xactengine2_10.dll 2009-09-28 07:05:53 ----A---- K:\Windows\system32\d3dx9_36.dll 2009-09-28 07:05:53 ----A---- K:\Windows\system32\d3dx10_36.dll 2009-09-28 07:05:53 ----A---- K:\Windows\system32\D3DCompiler_36.dll 2009-09-28 07:05:52 ----A---- K:\Windows\system32\xactengine2_9.dll 2009-09-28 07:05:52 ----A---- K:\Windows\system32\d3dx10_35.dll 2009-09-28 07:05:52 ----A---- K:\Windows\system32\D3DCompiler_35.dll 2009-09-28 07:05:51 ----A---- K:\Windows\system32\xactengine2_8.dll 2009-09-28 07:05:51 ----A---- K:\Windows\system32\X3DAudio1_2.dll 2009-09-28 07:05:51 ----A---- K:\Windows\system32\d3dx9_35.dll 2009-09-28 07:05:50 ----A---- K:\Windows\system32\d3dx9_34.dll 2009-09-28 07:05:50 ----A---- 
K:\Windows\system32\d3dx10_34.dll 2009-09-28 07:05:50 ----A---- K:\Windows\system32\D3DCompiler_34.dll 2009-09-28 07:05:49 ----A---- K:\Windows\system32\xactengine2_7.dll 2009-09-28 07:05:49 ----A---- K:\Windows\system32\d3dx9_33.dll 2009-09-28 07:05:49 ----A---- K:\Windows\system32\d3dx10_33.dll 2009-09-28 07:05:49 ----A---- K:\Windows\system32\D3DCompiler_33.dll 2009-09-28 07:05:48 ----A---- K:\Windows\system32\xactengine2_6.dll 2009-09-28 07:05:47 ----A---- K:\Windows\system32\xactengine2_5.dll 2009-09-28 07:05:47 ----A---- K:\Windows\system32\d3dx9_32.dll 2009-09-28 07:05:47 ----A---- K:\Windows\system32\d3dx10.dll 2009-09-28 07:05:46 ----A---- K:\Windows\system32\xactengine2_4.dll 2009-09-28 07:05:46 ----A---- K:\Windows\system32\x3daudio1_1.dll 2009-09-28 07:05:46 ----A---- K:\Windows\system32\d3dx9_31.dll 2009-09-28 07:05:43 ----A---- K:\Windows\system32\xinput1_2.dll 2009-09-28 07:05:43 ----A---- K:\Windows\system32\xinput1_1.dll 2009-09-28 07:05:43 ----A---- K:\Windows\system32\xactengine2_3.dll 2009-09-28 07:05:43 ----A---- K:\Windows\system32\xactengine2_2.dll 2009-09-28 07:05:42 ----A---- K:\Windows\system32\xactengine2_1.dll 2009-09-28 07:05:34 ----A---- K:\Windows\system32\d3dx9_30.dll 2009-09-28 07:05:33 ----A---- K:\Windows\system32\xactengine2_0.dll 2009-09-28 07:05:33 ----A---- K:\Windows\system32\x3daudio1_0.dll 2009-09-28 07:05:33 ----A---- K:\Windows\system32\d3dx9_29.dll 2009-09-28 07:05:33 ----A---- K:\Windows\system32\d3dx9_28.dll 2009-09-28 07:05:33 ----A---- K:\Windows\system32\d3dx9_27.dll 2009-09-28 07:05:33 ----A---- K:\Windows\system32\d3dx9_26.dll 2009-09-28 07:05:32 ----A---- K:\Windows\system32\d3dx9_25.dll 2009-09-28 07:05:32 ----A---- K:\Windows\system32\d3dx9_24.dll 2009-09-28 07:05:22 ----D---- K:\Program Files\CAPCOM 2009-09-28 07:05:06 ----A---- K:\Windows\system32\xinput1_3.dll 2009-09-28 07:05:06 ----A---- K:\Windows\system32\D3DX9_37.dll 2009-09-28 07:05:06 ----A---- K:\Windows\system32\d3dx10_37.dll 2009-09-28 07:05:06 
----A---- K:\Windows\system32\D3DCompiler_37.dll 2009-09-28 07:04:30 ----D---- K:\Windows\system32\xlive 2009-09-28 07:04:30 ----D---- K:\Program Files\Microsoft Games for Windows - LIVE 2009-09-28 05:30:18 ----A---- K:\Windows\system32\termsrv.dll.backup 2009-09-28 05:27:07 ----A---- K:\Windows\system32\uxtheme.dll.backup 2009-09-28 05:27:00 ----A---- K:\Windows\system32\themeui.dll.backup 2009-09-28 05:26:56 ----A---- K:\Windows\system32\themeservice.dll.backup 2009-09-28 05:15:54 ----D---- K:\Windows\pss 2009-09-28 01:38:05 ----A---- K:\Windows\system32\TuneUpDefragService.exe 2009-09-26 12:20:49 ----D---- K:\Program Files\cFosSpeed 2009-09-26 12:20:49 ----A---- K:\Windows\system32\cfosspeed.dll 2009-09-26 08:30:04 ----D---- K:\Users\BOSS\AppData\Roaming\VitySoft 2009-09-26 08:29:47 ----A---- K:\Windows\system32\javaws.exe 2009-09-26 08:29:47 ----A---- K:\Windows\system32\javaw.exe 2009-09-26 08:29:47 ----A---- K:\Windows\system32\java.exe 2009-09-26 08:29:47 ----A---- K:\Windows\system32\deploytk.dll 2009-09-26 08:29:39 ----D---- K:\Program Files\Java 2009-09-25 13:42:08 ----D---- K:\ProgramData\Megaupload 2009-09-25 13:42:08 ----D---- K:\ProgramData\EmailNotifier 2009-09-25 08:51:14 ----D---- K:\ProgramData\SymplisIT 2009-09-25 08:50:55 ----D---- K:\Windows\Downloaded Installations 2009-09-25 01:28:44 ----D---- K:\Program Files\Microsoft Silverlight 2009-09-24 03:07:52 ----D---- K:\Users\BOSS\AppData\Roaming\Mozilla 2009-09-24 03:07:45 ----D---- K:\Program Files\Mozilla Firefox 2009-09-24 02:16:06 ----A---- K:\Windows\system32\wrap_oal.dll 2009-09-24 02:16:06 ----A---- K:\Windows\system32\OpenAL32.dll 2009-09-24 02:12:11 ----D---- K:\ProgramData\CyberLink 2009-09-24 02:11:44 ----D---- K:\Users\BOSS\AppData\Roaming\CyberLink 2009-09-24 02:10:15 ----D---- K:\ProgramData\Apple 2009-09-24 02:01:17 ----D---- K:\Users\BOSS\AppData\Roaming\Pegasys Inc 2009-09-24 01:40:33 ----D---- K:\ProgramData\MotionDSP 2009-09-24 01:32:12 ----D---- K:\Program Files\NVIDIA 
Corporation 2009-09-24 01:19:22 ----A---- K:\Windows\system32\NVUNINST.EXE 2009-09-24 01:17:28 ----D---- K:\Windows\system32\AGEIA 2009-09-24 00:16:02 ----D---- K:\Driver Download 2009-09-24 00:11:24 ----D---- K:\Windows\system32\sda 2009-09-24 00:11:21 ----A---- K:\Windows\system32\RTSUSTORicon.dll 2009-09-24 00:11:21 ----A---- K:\Windows\system32\RtsUStor.dll 2009-09-23 23:41:10 ----D---- K:\NVIDIA 2009-09-23 20:06:40 ----D---- K:\Users\BOSS\AppData\Roaming\TuneUp Software 2009-09-23 20:06:26 ----D---- K:\ProgramData\TuneUp Software 2009-09-23 20:06:26 ----D---- K:\Program Files\TuneUp Utilities 2009 2009-09-23 20:06:08 ----SHD---- K:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357} 2009-09-23 06:54:17 ----D---- K:\Windows\lhsp 2009-09-23 03:42:01 ----D---- K:\Users\BOSS\AppData\Roaming\Malwarebytes 2009-09-23 03:41:57 ----D---- K:\ProgramData\Malwarebytes 2009-09-23 03:41:57 ----D---- K:\Program Files\Malwarebytes' Anti-Malware 2009-09-23 00:59:33 ----D---- K:\tempo 2009-09-22 06:57:29 ----D---- K:\Users\BOSS\AppData\Roaming\DivX 2009-09-22 03:37:32 ----AD---- K:\ProgramData\TEMP 2009-09-22 02:32:41 ----D---- K:\Users\BOSS\AppData\Roaming\Thinstall 2009-09-22 02:21:59 ----A---- K:\Windows\MegaManager.INI 2009-09-22 02:17:15 ----D---- K:\Users\BOSS\AppData\Roaming\Megaupload 2009-09-22 02:17:02 ----D---- K:\Program Files\Megaupload 2009-09-22 02:16:35 ----D---- K:\Users\BOSS\AppData\Roaming\InstallShield 2009-09-21 23:27:03 ----HD---- K:\Program Files\InstallShield Installation Information 2009-09-21 23:27:03 ----D---- K:\Program Files\Realtek 2009-09-21 23:26:59 ----D---- K:\Program Files\Common Files\InstallShield 2009-09-21 21:05:13 ----D---- K:\Users\BOSS\AppData\Roaming\Macromedia 2009-09-21 21:05:11 ----D---- K:\Users\BOSS\AppData\Roaming\Adobe 2009-09-21 21:05:09 ----D---- K:\Users\BOSS\AppData\Roaming\Google 2009-09-21 13:02:06 ----D---- K:\Windows\system32\Macromed 2009-09-21 13:02:00 ----D---- K:\ProgramData\Google 2009-09-21 13:02:00 ----D---- 
K:\Program Files\Google 2009-09-21 12:51:10 ----D---- K:\Program Files\Rico Software 2009-09-21 11:49:16 ----D---- K:\Program Files\Common Files\PX Storage Engine 2009-09-21 11:48:58 ----D---- K:\Program Files\DivX 2009-09-21 06:46:43 ----HD---- K:\Program Files\Temp 2009-09-21 06:34:17 ----A---- K:\Windows\system32\XceedZip.dll 2009-09-21 06:18:37 ----D---- K:\Program Files\Lx_cats 2009-09-21 06:18:11 ----D---- K:\Program Files\Lexmark 730 Series 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfutil.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfusb1.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfserv.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfprox.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfpplc.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfpmui.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcflmpm.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfjswr.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfinst.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfinsr.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfinsb.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfins.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfinpa.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfih.exe 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfiesc.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfhcp.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfhbn3.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfgf.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfcur.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfcub.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfcu.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfcoms.exe 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfcomm.dll 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfcomc.dll 2009-09-21 06:18:04 ----A---- 
K:\Windows\system32\lxcfcfg.exe 2009-09-21 06:18:04 ----A---- K:\Windows\system32\lxcfcfg.dll 2009-09-21 06:16:36 ----D---- K:\Users\BOSS\AppData\Roaming\PeaZip 2009-09-21 06:12:03 ----D---- K:\ProgramData\Avira 2009-09-21 06:12:03 ----D---- K:\Program Files\Avira 2009-09-21 06:05:04 ----D---- K:\Windows\Panther 2009-09-21 05:56:53 ----D---- K:\ProgramData\Fighters 2009-09-21 05:56:43 ----D---- K:\Program Files\Fighters 2009-09-21 05:46:33 ----A---- K:\Windows\system32\MRT.exe 2009-09-21 05:42:34 ----D---- K:\ProgramData\NVIDIA 2009-09-21 05:42:09 ----SHD---- K:\Windows\Installer 2009-09-21 05:24:33 ----A---- K:\Windows\system32\PerfStringBackup.INI 2009-09-21 05:23:46 ----D---- K:\Users\BOSS\AppData\Roaming\Identities 2009-09-21 05:23:39 ----SD---- K:\Users\BOSS\AppData\Roaming\Microsoft 2009-09-21 05:23:39 ----D---- K:\Users\BOSS\AppData\Roaming\Media Center Programs 2009-09-21 05:23:26 ----SHD---- K:\ProgramData\Modèles 2009-09-21 05:23:26 ----SHD---- K:\ProgramData\Menu Démarrer 2009-09-21 05:23:26 ----SHD---- K:\ProgramData\Favoris 2009-09-21 05:23:26 ----SHD---- K:\ProgramData\Bureau 2009-09-21 05:23:26 ----SHD---- K:\Program Files\Fichiers communs 2009-09-21 05:09:22 ----D---- K:\Windows\SoftwareDistribution 2009-09-21 05:06:47 ----D---- K:\Windows\Prefetch 2009-09-16 12:52:45 ----D---- K:\_OTM 2009-09-11 20:50:10 ----A---- K:\dfxbtn.dll 2009-09-11 20:50:06 ----A---- K:\dfxrealr.dll ======List of files/folders modified in the last 1 months====== 2009-10-08 14:05:56 ----D---- K:\Windows\Temp 2009-10-08 14:05:24 ----D---- K:\Program Files 2009-10-08 13:58:51 ----D---- K:\Windows\system32\config 2009-10-08 13:50:05 ----D---- K:\Windows\System32 2009-10-08 13:50:05 ----D---- K:\Windows\inf 2009-10-08 12:51:06 ----D---- K:\Windows\Tasks 2009-10-07 20:53:42 ----HD---- K:\ProgramData 2009-10-07 20:46:06 ----HD---- K:\Windows\system32\GroupPolicy 2009-10-07 10:57:46 ----D---- K:\Windows 2009-10-07 10:02:46 ----SHD---- K:\System Volume Information 2009-10-07 10:00:54 
----D---- K:\Windows\system32\DriverStore 2009-10-07 10:00:54 ----D---- K:\Windows\system32\drivers 2009-10-07 10:00:54 ----D---- K:\Windows\system32\catroot 2009-10-07 09:48:14 ----D---- K:\Program Files\Common Files 2009-10-07 06:09:52 ----RD---- K:\Users 2009-10-07 05:55:46 ----SHD---- K:\$Recycle.Bin 2009-10-06 11:41:08 ----D---- K:\Windows\system32\wdi 2009-10-05 23:45:48 ----RSD---- K:\Windows\assembly 2009-10-05 23:33:27 ----D---- K:\Windows\system32\catroot2 2009-10-05 21:43:09 ----SHD---- K:\Recovery 2009-10-05 21:39:24 ----D---- K:\Windows\system32\wbem 2009-10-05 21:38:09 ----D---- K:\Windows\system32\Tasks 2009-10-05 21:38:09 ----D---- K:\Windows\registration 2009-10-04 18:56:33 ----SD---- K:\ProgramData\Microsoft 2009-10-02 14:16:51 ----D---- K:\Windows\Microsoft.NET 2009-10-02 14:07:34 ----D---- K:\Windows\winsxs 2009-10-02 14:05:18 ----D---- K:\Windows\system32\Boot 2009-10-02 14:05:18 ----D---- K:\Windows\ehome 2009-10-02 14:05:18 ----D---- K:\Program Files\Windows Media Player 2009-10-02 14:05:17 ----D---- K:\Windows\system32\fr-FR 2009-10-02 14:05:17 ----D---- K:\Windows\system32\en-US 2009-10-02 14:05:16 ----RSD---- K:\Windows\Fonts 2009-10-02 13:25:06 ----D---- K:\Windows\system32\migration 2009-10-02 13:20:16 ----D---- K:\Program Files\Internet Explorer 2009-10-01 14:00:17 ----D---- K:\Windows\system32\LogFiles 2009-09-28 07:05:24 ----D---- K:\Windows\Logs 2009-09-28 05:31:25 ----D---- K:\Windows\rescache 2009-09-28 05:30:18 ----A---- K:\Windows\system32\termsrv.dll 2009-09-28 05:29:10 ----D---- K:\Windows\debug 2009-09-28 05:27:07 ----A---- K:\Windows\system32\uxtheme.dll 2009-09-28 05:27:00 ----A---- K:\Windows\system32\themeui.dll 2009-09-28 05:26:56 ----A---- K:\Windows\system32\themeservice.dll 2009-09-25 08:51:15 ----D---- K:\Windows\system 2009-09-24 01:31:52 ----D---- K:\Windows\Help 2009-09-23 22:01:35 ----D---- K:\Windows\system32\NDF 2009-09-23 06:54:15 ----D---- K:\Windows\Speech 2009-09-23 01:15:20 ----D---- 
K:\Windows\system32\oobe 2009-09-23 01:04:06 ----D---- K:\Windows\AppPatch 2009-09-21 20:34:47 ----D---- K:\Windows\Downloaded Program Files 2009-09-21 06:08:44 ----D---- K:\Program Files\Common Files\microsoft shared 2009-09-21 05:37:17 ----D---- K:\Windows\system32\restore 2009-09-21 05:33:28 ----D---- K:\Program Files\Microsoft Games 2009-09-21 05:25:59 ----D---- K:\Windows\system32\CodeIntegrity 2009-09-21 05:23:26 ----D---- K:\Windows\system32\Recovery 2009-09-21 05:23:26 ----D---- K:\Program Files\Windows NT 2009-09-21 05:11:01 ----D---- K:\Windows\system32\sysprep 2009-09-21 05:07:09 ----D---- K:\Windows\CSC 2009-09-19 23:32:05 ----D---- K:\Windows.old Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:13:21, on 08/10/2009 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: K:\Windows\system32\Dwm.exe K:\Program Files\Avira\AntiVir Desktop\avgnt.exe K:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe K:\Program Files\cFosSpeed\cfosspeed.exe K:\Program Files\Java\jre6\bin\jusched.exe K:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe K:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe K:\Program Files\Mozilla Firefox\firefox.exe K:\Windows\explorer.exe K:\Users\BOSS\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - 
HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer 8 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - K:\Program Files\free-downloads.net\tbfree.dll O1 - Hosts: --------------------------------- O1 - Hosts: | Hosts Optimisé par Hajdar pour | O1 - Hosts: | le bonheur des internautes | O1 - Hosts: | hTTp://AdZHosts.BlogSpot.Com | O1 - Hosts: | | O1 - Hosts: |Merci à tous pour votre soutiens | O1 - Hosts: | | O1 - Hosts: | kakudhajdar@gmail.com | O1 - Hosts: --------------------------------- O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - K:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - K:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - K:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - K:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - K:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - K:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - K:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: 
free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - K:\Program Files\free-downloads.net\tbfree.dll O4 - HKLM\..\Run: [avgnt] "K:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [LXCFCATS] rundll32 K:\Windows\system32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "K:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [cFosSpeed] K:\Program Files\cFosSpeed\cFosSpeed.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "K:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [RtHDVCpl] K:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "K:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] k:\program files\uniblue\registrybooster\StartRegistryBooster.exe O4 - HKCU\..\Run: [{9B71D88C-C598-4935-C5D1-43AA4DB90836}] K:\Users\BOSS\AppData\Roaming\WinRAR\RarExtB.exe O8 - Extra context menu item: Download Link Using Mega Manager... 
I hope that is enough.
  4. Thank you for your help. Yes, exactly, I also deleted them manually and each time they come back.
  5. Hello, I have a problem with two pieces of malware that I cannot remove. Can anyone help me? Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{9b71d88c-c598-4935-c5d1-43aa4db90836} (Trojan.Agent) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): K:\Users\BOSS\AppData\Roaming\addon.dat (Malware.Trace) -> Quarantined and deleted successfully.
  6. Good evening Tibonhomme, megamachin is megavideo; it is a site that lets you watch a video or download a file that friends have uploaded to the site. In fact it is a storage site. The information I gave to PayPal (an online bank) is the 16 digits printed on my bank card as well as the expiry date, etc. Regards
  7. Good evening everyone. I recently bought a megamachin premium account through PayPal, and I had to provide information about my bank card over the internet, so I have 2 questions: is this information safe with PayPal? Should I trust PayPal for future purchases?
  8. Good evening. Under Options I find: V Follow this topic V Send this topic V Print this topic V Download this topic V Subscribe to this forum Display modes V Switch to: Threaded V Standard V Switch to: Linear+ I cannot find: stop watching the topic
  9. Good evening, thank you very much. I have a small concern: how do I stop the Zebulon email alerts in my mailbox, since my problem has been solved?
  10. Good evening everyone. I need help understanding and configuring the Proxomitron software. Thanks in advance.
  11. Good evening. Apparently the problem is solved, thank you very much. So if I have the same problem in the future, do I just need to apply your solution, or does it depend on other parameters? I had downloaded Proxomitron Naoko thinking it would solve this problem. If it is good software, how do I configure it? I confirm the window problem has been solved. Thanks again.
  12. Thank you for your help. The requested tasks are done, and here are the reports:
K:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\HPCommon.dll (Adware.DoubleD) -> Delete on reboot. K:\Program Files\Media Access Startup\2.0.0.1050\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Program Files\Media Access Startup\2.0.0.1050\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Delete on reboot. K:\Program Files\Media Access Startup\2.0.0.1050\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully. 
K:\Program Files\Media Access Startup\2.0.0.1050\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\config.md (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090914-093151.592.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090914-194312.087.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090914-194655.345.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090914-194655.954.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090914-200516.922.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090914-200617.389.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090914-200617.936.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090914-201238.764.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090914-201239.779.log (Adware.DoubleD) -> Quarantined and deleted successfully. 
K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-013433.243.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-013643.324.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-013929.779.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-022511.128.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-023515.306.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-025714.940.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-030856.447.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-031314.053.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-033916.850.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-051812.864.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-052608.699.log (Adware.DoubleD) -> Quarantined and deleted successfully. 
K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-052719.634.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-052721.226.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-055101.193.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-061239.007.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-063020.383.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-063634.256.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-063635.708.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-064532.272.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-075648.860.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-080118.654.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-201344.834.log (Adware.DoubleD) -> Quarantined and deleted successfully. 
K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-201356.364.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-201821.013.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-202707.523.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-203416.730.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-210421.620.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-210424.273.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090915-231706.511.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090916-004400.862.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090916-004511.839.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090916-005819.906.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090916-010100.198.log (Adware.DoubleD) -> Quarantined and deleted successfully. 
K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090916-010451.906.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090916-010453.950.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090916-020717.288.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090916-020719.037.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090916-031508.817.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\NP_20090916-125737.869.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Internet Saving Optimizer\3.8.1.4690\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\config.md (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090914-093043.698.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090914-093151.560.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090914-194312.071.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090914-194655.345.log (Adware.DoubleD) -> Quarantined and deleted successfully. 
K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090914-194655.954.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090914-200516.829.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090914-200617.373.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090914-200617.936.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090914-201238.764.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090914-201239.763.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-013433.243.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-013643.308.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-013929.779.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-022511.112.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-023515.306.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-025714.908.log (Adware.DoubleD) -> Quarantined and deleted successfully. 
K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-030856.400.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-031313.991.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-033916.850.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-051812.817.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-052608.637.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-052719.634.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-052721.226.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-055101.177.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-061239.007.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-063020.383.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-063634.256.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-063635.708.log (Adware.DoubleD) -> Quarantined and deleted successfully. 
K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-064532.272.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-075648.860.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-080118.654.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-201344.819.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-201356.348.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-201821.003.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-202707.523.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-203416.605.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-210421.620.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-210424.273.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090915-231706.511.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090916-004400.847.log (Adware.DoubleD) -> Quarantined and deleted successfully. 
K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090916-004511.823.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090916-005819.906.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090916-010100.198.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090916-010451.906.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090916-010453.935.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090916-020717.288.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090916-020719.021.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090916-031508.817.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\HJHP_20090916-125737.760.log (Adware.DoubleD) -> Quarantined and deleted successfully. K:\Users\BOSS\Local Settings\Application Data\Media Access Startup\2.0.0.1050\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
  13. Hello everyone,

      I spent a sleepless night trying to fix a problem with unwanted windows that open in the background behind the main page (ad pages such as IQ Test, Traqueur, Hot Russian Brides, IMBooster, etc.), so I am calling for help here. Despite being careful when surfing the internet, I must have downloaded some piece of junk. I ran a HijackThis scan, and the report follows. Thank you in advance for any help you can give me, because I am really lost.

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 08:55:29, on 16/09/2009
      Platform: Unknown Windows (WinNT 6.01.3504)
      MSIE: Internet Explorer v8.00 (8.00.7600.16385)
      Boot mode: Normal

      Running processes:
      K:\Windows\system32\taskhost.exe
      K:\Windows\system32\Dwm.exe
      K:\Windows\Explorer.EXE
      K:\Program Files\Avira\AntiVir Desktop\avgnt.exe
      K:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
      K:\Program Files\Mozilla Firefox\firefox.exe
      K:\Program Files\Megaupload\Mega Manager\MegaManager.exe
      K:\Program Files\OrangeHSS\Launcher\Launcher.exe
      K:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
      K:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
      K:\Program Files\OrangeHSS\systray\systrayapp.exe
      K:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
      K:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
      K:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
      K:\Users\BOSS\Desktop\HiJackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - K:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
      O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - K:\Program Files\Media Access Startup\2.0.0.1050\HPIEAddOn.dll
      O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - K:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPIEAddOn.dll
      O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - K:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
      O2 - BHO: NitroPDFBHO Class - {CF070CB8-F02F-4af4-A7B7-8D45CAD4BB54} - K:\Program Files\Nitro PDF\PDF Download\NitroPDF.dll
      O4 - HKLM\..\Run: [avgnt] "K:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
      O4 - HKLM\..\Run: [RtHDVCpl] K:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
      O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - K:\Program Files\Megaupload\Mega Manager\mm_file.htm
      O8 - Extra context menu item: Save Page As PDF ... - file://K:\Program Files\Nitro PDF\PDF Download\nitroweb.htm
      O9 - Extra button: (no name) - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - K:\Program Files\Nitro PDF\PDF Download\NitroPDF.dll
      O9 - Extra 'Tools' menuitem: PDF Download - Options - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - K:\Program Files\Nitro PDF\PDF Download\NitroPDF.dll
      O9 - Extra button: PDF Download - {F1C0FD6C-A6A0-49a7-A932-71A56461867F} - K:\Program Files\Nitro PDF\PDF Download\NitroPDF.dll (HKCU)
      O13 - Gopher Prefix:
      O15 - Trusted Zone: http://*.mappy.com
      O15 - Trusted Zone: http://*.orange.fr
      O15 - Trusted Zone: http://rw.search.ke.voila.fr
      O15 - Trusted Zone: http://orange.weborama.fr
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
      O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - K:\Program Files\Avira\AntiVir Desktop\sched.exe
      O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - K:\Program Files\Avira\AntiVir Desktop\avguard.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - K:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - K:\Windows\system32\nvvsvc.exe
      O23 - Service: Sukoku Service - Unknown owner - K:\ProgramData\Sukoku\sukoku117.exe
      O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - K:\Windows\System32\TuneUpDefragService.exe
      O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - K:\Windows\System32\TUProgSt.exe

      --
      End of file - 4676 bytes