[resolu]attaque en force dans le windows/system 32

doc charly · le 16 septembre 2008

Bonjour à Zebulon !

au secours !!!!!!!!

j'ai chopé un vilain tas de virus en decompressant un de programme. on me<dit que la mise à jour de windows est désactivé et qu'il faut telecharger un antivirus.... de nouvelles fenetres s'ouvrent à chaque connexion internet ...

j'ai essayé anti virus, scan en ligne et autres joyeusetés mais rien à faire pour me séparer des morpions...

je suis tombé sur votre site et j'ai (essayé) suivi la procédure indiquée et je vous joints le rapport hijack en esperant que vous pourrez m'aider

par avance, merci

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 07:39:30, on 16/09/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Documents and Settings\charly\Local Settings\Application Data\cstuff.exe

C:\Documents and Settings\charly\Local Settings\Application Data\JavaRuntime.00.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\00THotkey.exe

C:\WINDOWS\system32\TPWRTRAY.EXE

C:\Documents and Settings\charly\Local Settings\Application Data\JavaRuntime.00.exe

C:\Documents and Settings\charly\Local Settings\Application Data\cstuff.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

C:\WINDOWS\system32\TDispVol.exe

C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe

C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE

C:\Program Files\DNA\btdna.exe

C:\Program Files\wifi\WG511v210\Utility\WG511WLU.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\WINDOWS\system32\RAMASST.exe

C:\WINDOWS\system32\TFNF5.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\TouchED\TouchED.Exe

C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\scan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.free.fr/search/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\internet\DAP\DAPBHO.dll

O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll

O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-0060083493D6} - D:\Dragon_Naturally_speaking_Preferred_XP_FR\Program\web_ie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\internet\DAP\DAPIEBar.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [startupFaster] "C:\Program Files\Startup Faster\startuploader.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: StartupFaster

O4 - Global Startup: StartupFaster

O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\internet\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\internet\DAP\dapextie2.htm

O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\internet\DAP\DAP.EXE

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O16 - DPF: Yahoo! Backgammon - http://download2.games.yahoo.com/games/clients/y/at1_x.cab

O16 - DPF: Yahoo! Dominoes - http://download2.games.yahoo.com/games/clients/y/dot9_x.cab

O16 - DPF: Yahoo! Pyramids - http://download2.games.yahoo.com/games/clients/y/pyt1_x.cab

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/importer/MypixUploader.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199619111384

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.photostation.fr/aurigma/ImageUploader4.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...383/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{02F7DEAF-AEFB-4EF2-9C17-16F592ABB12B}: NameServer = 217.19.48.80

O17 - HKLM\System\CS1\Services\Tcpip\..\{02F7DEAF-AEFB-4EF2-9C17-16F592ABB12B}: NameServer = 217.19.48.80

O20 - AppInit_DLLs: hqnlyu.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - D:\IPod\bin\iPodService.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Tmesbs32 (Tmesbs) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe

--

End of file - 10178 bytes

Modifié le 25 septembre 2008 par doc charly

Le sioux · le 16 septembre 2008

Bonjour doc charly et bienvenuie chez Zébulon

Avast ne t'a pas protégé, on reparlera de son efficacité douteuse ensemble par la suite.

/ !\Avis aux lecteurs : Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil. Ne pas utiliser en dehors de ce cas de figure : dangereux! / !\

Tuto http://www.bleepingcomputer.com/combofix/f...iliser-combofix

1) Télécharge ComboFix.exe de sUBs

Télécharge ComboFix.exe de sUBs sur ton Bureau.

N'y touche pas pour le moment.

2) Création CFScript

/!\ Note: Le code ci-dessous a été intentionnellement rédigé pour CET utilisateur.

si vous n'êtes pas CET utilisateur, NE PAS appliquer ces directives : elles pourraient endommager votre système./!\

Sélectionne le texte suivant en citation dans son intégralité :

KillAll::

Registry::

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0000CC75-ACF3-4cac-A0A9-DD3868E06852}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{62999427-33FC-4baf-9C9C-BCE6BD127F08}"=-

[-HKEY_CLASSES_ROOT\clsid\{62999427-33FC-4baf-9C9C-BCE6BD127F08 }]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=””

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download with &DAP]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download &all with DAP]

File::

C:\Documents and Settings\charly\Local Settings\Application Data\JavaRuntime.00.exe

C:\Documents and Settings\charly\Local Settings\Application Data\cstuff.exe

C:\Program Files\internet\DAP\DAPBHO.dll

C:\Program Files\internet\DAP\DAPIEBar.dll

C:\WINDOWS\system32\hqnlyu.dll

Folder::

C:\Program Files\internet\DAP

Copie le texte sélectionné (CTRL+C).
Ouvre le Bloc-notes [/b](Démarrer / Tous les Programmes>Accessoires >bloc-notes).
Colle le texte copié dans ce Bloc-notes (CTRL+V).
Sauvegarde sur ton Bureau ce fichier sous le nom de CFScript.txt

/!\Déconnecte toi du net et désactive ton antivirus pour que ComboFix puisse s'exécuter normalement /!\

(Aide si besoin : http://forum.pcastuces.com/desactiver_les_...entes-f31s4.htm Merci Morgane )

Fais un Glisser/déposer de ce fichier CFScript.txt sur le fichier ComboFix (sur ton Bureau) comme ici :

Une fenêtre bleue va apparaître: au message qui apparaît Type 1 to continue, or 2 to abort , tape 1 puis valide.
Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal !

/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.
Une fois le scan achevé, un rapport va s'afficher : Poste son contenu (si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt ) , ainsi qu’un nouveau rapport HijackThis.

/!\Ré-active la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à Internet. /!\.

@ suivre

Modifié le 16 septembre 2008 par Le sioux

doc charly · le 16 septembre 2008

merci de la rapidite de la réponse, j'essaie des que je rentre chez moi ce soir

je croise les doigts !!!

Le sioux · le 16 septembre 2008

Re

Ok, @ ce soir.

Salut.

doc charly · le 16 septembre 2008

les nouvelles du front :

quand j'allume, je n'ai plus l'icone rouge avec la demande de mise à jour windows, mais je n'ai plus non plus le petit bouclier jaune windows

j'ai toujours une fenetre d'erreur qui s'affiche RUNDLL avec erreur de chargement C: \windows\system32\svphawon.dll

si je coche ok, il m'en ouvre 4 ou 5 d'affilée et si je coche la croix en haut à droite il n'en apparait plus

j'ai les memes fdenetres en éteignant l'ordi.

rapport combofix :

ComboFix 08-09-15.02 - charly 2008-09-16 22:59:16.1 - FAT32x86

Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.293 [GMT 2:00]

Lancé depuis: C:\Documents and Settings\charly\Bureau\ComboFix.exe

Command switches used :: C:\Documents and Settings\charly\Bureau\CFScript.txt

* Un nouveau point de restauration a été créé

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\DOCUME~1\charly\LOCALS~1\Temp\tmp2.tmp

C:\Documents and Settings\charly\Cookies\charly@www.pixmania[2].txt

C:\Documents and Settings\charly\Local Settings\Application Data\cstuff.exe

C:\Documents and Settings\charly\Local Settings\Application Data\JavaRuntime.00.exe

C:\Program Files\internet\DAP

C:\Program Files\internet\DAP\Ads\colorize_full.gif

C:\Program Files\internet\DAP\Ads\emoticons full.gif

C:\Program Files\internet\DAP\Ads\FeedBack-Banner.gif

C:\Program Files\internet\DAP\Ads\notifiers_full.gif

C:\Program Files\internet\DAP\Ads\Thumbs.db

C:\Program Files\internet\DAP\cabex.dll

C:\Program Files\internet\DAP\DAP.exe

C:\Program Files\internet\DAP\dap.gif

C:\Program Files\internet\DAP\DAP_REPORT.LOG

C:\Program Files\internet\DAP\dap7.exe

C:\Program Files\internet\DAP\DAPBHO.dll

C:\Program Files\internet\DAP\dapextie.htm

C:\Program Files\internet\DAP\dapextie2.htm

C:\Program Files\internet\DAP\dapie.dll

C:\Program Files\internet\DAP\DAPIEBar.dll

C:\Program Files\internet\DAP\dapm_amdc.dll

C:\Program Files\internet\DAP\dapm_Context_games.dll

C:\Program Files\internet\DAP\dapmm.dll

C:\Program Files\internet\DAP\dapns.dll

C:\Program Files\internet\DAP\dapop.dll

C:\Program Files\internet\DAP\dapres.dll

C:\Program Files\internet\DAP\dapres32.dll

C:\Program Files\internet\DAP\dapupd.exe

C:\Program Files\internet\DAP\INSTALL.LOG

C:\Program Files\internet\DAP\license.txt

C:\Program Files\internet\DAP\mfc42.dll

C:\Program Files\internet\DAP\mmc.xml

C:\Program Files\internet\DAP\msvcrt.dll

C:\Program Files\internet\DAP\screen.dat

C:\Program Files\internet\DAP\Skins\dap\arrows.bmp

C:\Program Files\internet\DAP\Skins\dap\bms.bmp

C:\Program Files\internet\DAP\Skins\dap\bmstool.bmp

C:\Program Files\internet\DAP\Skins\dap\C-Close.bmp

C:\Program Files\internet\DAP\Skins\dap\C-end.bmp

C:\Program Files\internet\DAP\Skins\dap\C-Max.bmp

C:\Program Files\internet\DAP\Skins\dap\C-Min.bmp

C:\Program Files\internet\DAP\Skins\dap\C-Restore.bmp

C:\Program Files\internet\DAP\Skins\dap\checkbox.bmp

C:\Program Files\internet\DAP\Skins\dap\ComboButton.bmp

C:\Program Files\internet\DAP\Skins\dap\combobuttonextra.bmp

C:\Program Files\internet\DAP\Skins\dap\DAP.uis

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_Buttons.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_ComboButton.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_ExtraImages.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_GroupBox.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_GroupBoxEdge.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_HeaderBar.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_HorzScroll.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_HorzScrollThumb.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_MenuBackground.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_MenuItem.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_Progress.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_Scrollbar.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_StatusBarEdges.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_SunkEdge.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_Tabs.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_Toolbars.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_VertScroll.WBD

C:\Program Files\internet\DAP\Skins\dap\DAP.uis_VertScrollThumb.WBD

C:\Program Files\internet\DAP\Skins\dap\Dialog.bmp

C:\Program Files\internet\DAP\Skins\dap\Explorer.bmp

C:\Program Files\internet\DAP\Skins\dap\F-Bottom.bmp

C:\Program Files\internet\DAP\Skins\dap\F-Left.bmp

C:\Program Files\internet\DAP\Skins\dap\F-Right.bmp

C:\Program Files\internet\DAP\Skins\dap\F-Top.bmp

C:\Program Files\internet\DAP\Skins\dap\grip.bmp

C:\Program Files\internet\DAP\Skins\dap\GroupBox.bmp

C:\Program Files\internet\DAP\Skins\dap\GroupBoxTitle.bmp

C:\Program Files\internet\DAP\Skins\dap\Header.bmp

C:\Program Files\internet\DAP\Skins\dap\hscroll.bmp

C:\Program Files\internet\DAP\Skins\dap\hscroll2.bmp

C:\Program Files\internet\DAP\Skins\dap\mdi-button.bmp

C:\Program Files\internet\DAP\Skins\dap\Mdi.bmp

C:\Program Files\internet\DAP\Skins\dap\Menu-Border.bmp

C:\Program Files\internet\DAP\Skins\dap\MenuBar.bmp

C:\Program Files\internet\DAP\Skins\dap\menuborder.bmp

C:\Program Files\internet\DAP\Skins\dap\menutool.bmp

C:\Program Files\internet\DAP\Skins\dap\ProgressBar.bmp

C:\Program Files\internet\DAP\Skins\dap\radiobutton.bmp

C:\Program Files\internet\DAP\Skins\dap\shade.bmp

C:\Program Files\internet\DAP\Skins\dap\Status.bmp

C:\Program Files\internet\DAP\Skins\dap\SunkenEdge.bmp

C:\Program Files\internet\DAP\Skins\dap\tabborders.bmp

C:\Program Files\internet\DAP\Skins\dap\tabs.bmp

C:\Program Files\internet\DAP\Skins\dap\vscroll.bmp

C:\Program Files\internet\DAP\Skins\dap\vscroll2.bmp

C:\Program Files\internet\DAP\Skins\skins.url

C:\Program Files\internet\DAP\Temp\ADS1.tmp

C:\Program Files\internet\DAP\Temp\ADS10.tmp

C:\Program Files\internet\DAP\Temp\ADS100.tmp

C:\Program Files\internet\DAP\Temp\ADS102.tmp

C:\Program Files\internet\DAP\Temp\ADS103.tmp

C:\Program Files\internet\DAP\Temp\ADS109.tmp

C:\Program Files\internet\DAP\Temp\ADS11.tmp

C:\Program Files\internet\DAP\Temp\ADS113.tmp

C:\Program Files\internet\DAP\Temp\ADS114.tmp

C:\Program Files\internet\DAP\Temp\ADS11A.tmp

C:\Program Files\internet\DAP\Temp\ADS11B.tmp

C:\Program Files\internet\DAP\Temp\ADS11C.tmp

C:\Program Files\internet\DAP\Temp\ADS11E.tmp

C:\Program Files\internet\DAP\Temp\ADS12.tmp

C:\Program Files\internet\DAP\Temp\ADS120.tmp

C:\Program Files\internet\DAP\Temp\ADS12A.tmp

C:\Program Files\internet\DAP\Temp\ADS13.tmp

C:\Program Files\internet\DAP\Temp\ADS1338.tmp

C:\Program Files\internet\DAP\Temp\ADS13D.tmp

C:\Program Files\internet\DAP\Temp\ADS13E6.tmp

C:\Program Files\internet\DAP\Temp\ADS13F.tmp

C:\Program Files\internet\DAP\Temp\ADS14.tmp

C:\Program Files\internet\DAP\Temp\ADS1434.tmp

C:\Program Files\internet\DAP\Temp\ADS144.tmp

C:\Program Files\internet\DAP\Temp\ADS14F.tmp

C:\Program Files\internet\DAP\Temp\ADS15.tmp

C:\Program Files\internet\DAP\Temp\ADS154.tmp

C:\Program Files\internet\DAP\Temp\ADS155.tmp

C:\Program Files\internet\DAP\Temp\ADS157.tmp

C:\Program Files\internet\DAP\Temp\ADS15B.tmp

C:\Program Files\internet\DAP\Temp\ADS15E.tmp

C:\Program Files\internet\DAP\Temp\ADS16.tmp

C:\Program Files\internet\DAP\Temp\ADS160.tmp

C:\Program Files\internet\DAP\Temp\ADS161.tmp

C:\Program Files\internet\DAP\Temp\ADS163.tmp

C:\Program Files\internet\DAP\Temp\ADS164.tmp

C:\Program Files\internet\DAP\Temp\ADS16A.tmp

C:\Program Files\internet\DAP\Temp\ADS16D.tmp

C:\Program Files\internet\DAP\Temp\ADS16E.tmp

C:\Program Files\internet\DAP\Temp\ADS17.tmp

C:\Program Files\internet\DAP\Temp\ADS179.tmp

C:\Program Files\internet\DAP\Temp\ADS17A.tmp

C:\Program Files\internet\DAP\Temp\ADS17C.tmp

C:\Program Files\internet\DAP\Temp\ADS17E.tmp

C:\Program Files\internet\DAP\Temp\ADS18.tmp

C:\Program Files\internet\DAP\Temp\ADS180.tmp

C:\Program Files\internet\DAP\Temp\ADS182.tmp

C:\Program Files\internet\DAP\Temp\ADS184.tmp

C:\Program Files\internet\DAP\Temp\ADS186.tmp

C:\Program Files\internet\DAP\Temp\ADS187.tmp

C:\Program Files\internet\DAP\Temp\ADS18A.tmp

C:\Program Files\internet\DAP\Temp\ADS18C.tmp

C:\Program Files\internet\DAP\Temp\ADS18E.tmp

C:\Program Files\internet\DAP\Temp\ADS19.tmp

C:\Program Files\internet\DAP\Temp\ADS190.tmp

C:\Program Files\internet\DAP\Temp\ADS192.tmp

C:\Program Files\internet\DAP\Temp\ADS194.tmp

C:\Program Files\internet\DAP\Temp\ADS196.tmp

C:\Program Files\internet\DAP\Temp\ADS198.tmp

C:\Program Files\internet\DAP\Temp\ADS19A.tmp

C:\Program Files\internet\DAP\Temp\ADS19B.tmp

C:\Program Files\internet\DAP\Temp\ADS19D.tmp

C:\Program Files\internet\DAP\Temp\ADS19F.tmp

C:\Program Files\internet\DAP\Temp\ADS1A.tmp

C:\Program Files\internet\DAP\Temp\ADS1A0.tmp

C:\Program Files\internet\DAP\Temp\ADS1A3.tmp

C:\Program Files\internet\DAP\Temp\ADS1A7.tmp

C:\Program Files\internet\DAP\Temp\ADS1AA.tmp

C:\Program Files\internet\DAP\Temp\ADS1B.tmp

C:\Program Files\internet\DAP\Temp\ADS1B8.tmp

C:\Program Files\internet\DAP\Temp\ADS1BE.tmp

C:\Program Files\internet\DAP\Temp\ADS1BF.tmp

C:\Program Files\internet\DAP\Temp\ADS1C.tmp

C:\Program Files\internet\DAP\Temp\ADS1C7.tmp

C:\Program Files\internet\DAP\Temp\ADS1CE6.tmp

C:\Program Files\internet\DAP\Temp\ADS1D.tmp

C:\Program Files\internet\DAP\Temp\ADS1D0.tmp

C:\Program Files\internet\DAP\Temp\ADS1D1.tmp

C:\Program Files\internet\DAP\Temp\ADS1E.tmp

C:\Program Files\internet\DAP\Temp\ADS1E4.tmp

C:\Program Files\internet\DAP\Temp\ADS1ED.tmp

C:\Program Files\internet\DAP\Temp\ADS1F.tmp

C:\Program Files\internet\DAP\Temp\ADS1F5.tmp

C:\Program Files\internet\DAP\Temp\ADS2.tmp

C:\Program Files\internet\DAP\Temp\ADS20.tmp

C:\Program Files\internet\DAP\Temp\ADS202.tmp

C:\Program Files\internet\DAP\Temp\ADS206.tmp

C:\Program Files\internet\DAP\Temp\ADS209.tmp

C:\Program Files\internet\DAP\Temp\ADS20C.tmp

C:\Program Files\internet\DAP\Temp\ADS21.tmp

C:\Program Files\internet\DAP\Temp\ADS211.tmp

C:\Program Files\internet\DAP\Temp\ADS212.tmp

C:\Program Files\internet\DAP\Temp\ADS22.tmp

C:\Program Files\internet\DAP\Temp\ADS22B.tmp

C:\Program Files\internet\DAP\Temp\ADS23.tmp

C:\Program Files\internet\DAP\Temp\ADS23E.tmp

C:\Program Files\internet\DAP\Temp\ADS24.tmp

C:\Program Files\internet\DAP\Temp\ADS240.tmp

C:\Program Files\internet\DAP\Temp\ADS244.tmp

C:\Program Files\internet\DAP\Temp\ADS25.tmp

C:\Program Files\internet\DAP\Temp\ADS26.tmp

C:\Program Files\internet\DAP\Temp\ADS269.tmp

C:\Program Files\internet\DAP\Temp\ADS26B.tmp

C:\Program Files\internet\DAP\Temp\ADS27.tmp

C:\Program Files\internet\DAP\Temp\ADS27F.tmp

C:\Program Files\internet\DAP\Temp\ADS28.tmp

C:\Program Files\internet\DAP\Temp\ADS29.tmp

C:\Program Files\internet\DAP\Temp\ADS290.tmp

C:\Program Files\internet\DAP\Temp\ADS2A.tmp

C:\Program Files\internet\DAP\Temp\ADS2A9.tmp

C:\Program Files\internet\DAP\Temp\ADS2AF.tmp

C:\Program Files\internet\DAP\Temp\ADS2B.tmp

C:\Program Files\internet\DAP\Temp\ADS2B1.tmp

C:\Program Files\internet\DAP\Temp\ADS2B4.tmp

C:\Program Files\internet\DAP\Temp\ADS2C.tmp

C:\Program Files\internet\DAP\Temp\ADS2C5.tmp

C:\Program Files\internet\DAP\Temp\ADS2C7.tmp

C:\Program Files\internet\DAP\Temp\ADS2D.tmp

C:\Program Files\internet\DAP\Temp\ADS2D4.tmp

C:\Program Files\internet\DAP\Temp\ADS2D9.tmp

C:\Program Files\internet\DAP\Temp\ADS2DB.tmp

C:\Program Files\internet\DAP\Temp\ADS2E.tmp

C:\Program Files\internet\DAP\Temp\ADS2F.tmp

C:\Program Files\internet\DAP\Temp\ADS2F3.tmp

C:\Program Files\internet\DAP\Temp\ADS2F6.tmp

C:\Program Files\internet\DAP\Temp\ADS3.tmp

C:\Program Files\internet\DAP\Temp\ADS30.tmp

C:\Program Files\internet\DAP\Temp\ADS307.tmp

C:\Program Files\internet\DAP\Temp\ADS3094.tmp

C:\Program Files\internet\DAP\Temp\ADS31.tmp

C:\Program Files\internet\DAP\Temp\ADS315.tmp

C:\Program Files\internet\DAP\Temp\ADS32.tmp

C:\Program Files\internet\DAP\Temp\ADS320.tmp

C:\Program Files\internet\DAP\Temp\ADS324.tmp

C:\Program Files\internet\DAP\Temp\ADS32A.tmp

C:\Program Files\internet\DAP\Temp\ADS32D.tmp

C:\Program Files\internet\DAP\Temp\ADS33.tmp

C:\Program Files\internet\DAP\Temp\ADS34.tmp

C:\Program Files\internet\DAP\Temp\ADS347.tmp

C:\Program Files\internet\DAP\Temp\ADS348.tmp

C:\Program Files\internet\DAP\Temp\ADS35.tmp

C:\Program Files\internet\DAP\Temp\ADS353.tmp

C:\Program Files\internet\DAP\Temp\ADS355.tmp

C:\Program Files\internet\DAP\Temp\ADS36.tmp

C:\Program Files\internet\DAP\Temp\ADS37.tmp

C:\Program Files\internet\DAP\Temp\ADS38.tmp

C:\Program Files\internet\DAP\Temp\ADS39.tmp

C:\Program Files\internet\DAP\Temp\ADS3A.tmp

C:\Program Files\internet\DAP\Temp\ADS3B.tmp

C:\Program Files\internet\DAP\Temp\ADS3C.tmp

C:\Program Files\internet\DAP\Temp\ADS3D.tmp

C:\Program Files\internet\DAP\Temp\ADS3DD.tmp

C:\Program Files\internet\DAP\Temp\ADS3E.tmp

C:\Program Files\internet\DAP\Temp\ADS3E0.tmp

C:\Program Files\internet\DAP\Temp\ADS3E2.tmp

C:\Program Files\internet\DAP\Temp\ADS3EA.tmp

C:\Program Files\internet\DAP\Temp\ADS3F.tmp

C:\Program Files\internet\DAP\Temp\ADS3FA.tmp

C:\Program Files\internet\DAP\Temp\ADS3FC.tmp

C:\Program Files\internet\DAP\Temp\ADS4.tmp

C:\Program Files\internet\DAP\Temp\ADS40.tmp

C:\Program Files\internet\DAP\Temp\ADS41.tmp

C:\Program Files\internet\DAP\Temp\ADS42.tmp

C:\Program Files\internet\DAP\Temp\ADS42B.tmp

C:\Program Files\internet\DAP\Temp\ADS43.tmp

C:\Program Files\internet\DAP\Temp\ADS44.tmp

C:\Program Files\internet\DAP\Temp\ADS45.tmp

C:\Program Files\internet\DAP\Temp\ADS46.tmp

C:\Program Files\internet\DAP\Temp\ADS469.tmp

C:\Program Files\internet\DAP\Temp\ADS47.tmp

C:\Program Files\internet\DAP\Temp\ADS48.tmp

C:\Program Files\internet\DAP\Temp\ADS485.tmp

C:\Program Files\internet\DAP\Temp\ADS487.tmp

C:\Program Files\internet\DAP\Temp\ADS49.tmp

C:\Program Files\internet\DAP\Temp\ADS4A.tmp

C:\Program Files\internet\DAP\Temp\ADS4B.tmp

C:\Program Files\internet\DAP\Temp\ADS4C.tmp

C:\Program Files\internet\DAP\Temp\ADS4C4.tmp

C:\Program Files\internet\DAP\Temp\ADS4D.tmp

C:\Program Files\internet\DAP\Temp\ADS4E.tmp

C:\Program Files\internet\DAP\Temp\ADS4F.tmp

C:\Program Files\internet\DAP\Temp\ADS5.tmp

C:\Program Files\internet\DAP\Temp\ADS50.tmp

C:\Program Files\internet\DAP\Temp\ADS51.tmp

C:\Program Files\internet\DAP\Temp\ADS52.tmp

C:\Program Files\internet\DAP\Temp\ADS53.tmp

C:\Program Files\internet\DAP\Temp\ADS531.tmp

C:\Program Files\internet\DAP\Temp\ADS54.tmp

C:\Program Files\internet\DAP\Temp\ADS55.tmp

C:\Program Files\internet\DAP\Temp\ADS56.tmp

C:\Program Files\internet\DAP\Temp\ADS560.tmp

C:\Program Files\internet\DAP\Temp\ADS57.tmp

C:\Program Files\internet\DAP\Temp\ADS58.tmp

C:\Program Files\internet\DAP\Temp\ADS59.tmp

C:\Program Files\internet\DAP\Temp\ADS5A.tmp

C:\Program Files\internet\DAP\Temp\ADS5B.tmp

C:\Program Files\internet\DAP\Temp\ADS5C.tmp

C:\Program Files\internet\DAP\Temp\ADS5D.tmp

C:\Program Files\internet\DAP\Temp\ADS5E.tmp

C:\Program Files\internet\DAP\Temp\ADS5F.tmp

C:\Program Files\internet\DAP\Temp\ADS6.tmp

C:\Program Files\internet\DAP\Temp\ADS60.tmp

C:\Program Files\internet\DAP\Temp\ADS61.tmp

C:\Program Files\internet\DAP\Temp\ADS62.tmp

C:\Program Files\internet\DAP\Temp\ADS63.tmp

C:\Program Files\internet\DAP\Temp\ADS64.tmp

C:\Program Files\internet\DAP\Temp\ADS65.tmp

C:\Program Files\internet\DAP\Temp\ADS66.tmp

C:\Program Files\internet\DAP\Temp\ADS66C5.tmp

C:\Program Files\internet\DAP\Temp\ADS67.tmp

C:\Program Files\internet\DAP\Temp\ADS68.tmp

C:\Program Files\internet\DAP\Temp\ADS684B.tmp

C:\Program Files\internet\DAP\Temp\ADS69.tmp

C:\Program Files\internet\DAP\Temp\ADS6A.tmp

C:\Program Files\internet\DAP\Temp\ADS6B.tmp

C:\Program Files\internet\DAP\Temp\ADS6BF.tmp

C:\Program Files\internet\DAP\Temp\ADS6C.tmp

C:\Program Files\internet\DAP\Temp\ADS6D.tmp

C:\Program Files\internet\DAP\Temp\ADS6E.tmp

C:\Program Files\internet\DAP\Temp\ADS6EBF.tmp

C:\Program Files\internet\DAP\Temp\ADS6F.tmp

C:\Program Files\internet\DAP\Temp\ADS7.tmp

C:\Program Files\internet\DAP\Temp\ADS70.tmp

C:\Program Files\internet\DAP\Temp\ADS71.tmp

C:\Program Files\internet\DAP\Temp\ADS72.tmp

C:\Program Files\internet\DAP\Temp\ADS73.tmp

C:\Program Files\internet\DAP\Temp\ADS7342.tmp

C:\Program Files\internet\DAP\Temp\ADS74.tmp

C:\Program Files\internet\DAP\Temp\ADS74E.tmp

C:\Program Files\internet\DAP\Temp\ADS75.tmp

C:\Program Files\internet\DAP\Temp\ADS750.tmp

C:\Program Files\internet\DAP\Temp\ADS752.tmp

C:\Program Files\internet\DAP\Temp\ADS7596.tmp

C:\Program Files\internet\DAP\Temp\ADS7598.tmp

C:\Program Files\internet\DAP\Temp\ADS759A.tmp

C:\Program Files\internet\DAP\Temp\ADS759C.tmp

C:\Program Files\internet\DAP\Temp\ADS759E.tmp

C:\Program Files\internet\DAP\Temp\ADS75A0.tmp

C:\Program Files\internet\DAP\Temp\ADS75A2.tmp

C:\Program Files\internet\DAP\Temp\ADS75A4.tmp

C:\Program Files\internet\DAP\Temp\ADS75A6.tmp

C:\Program Files\internet\DAP\Temp\ADS75A8.tmp

C:\Program Files\internet\DAP\Temp\ADS75AA.tmp

C:\Program Files\internet\DAP\Temp\ADS75AC.tmp

C:\Program Files\internet\DAP\Temp\ADS75AE.tmp

C:\Program Files\internet\DAP\Temp\ADS75B0.tmp

C:\Program Files\internet\DAP\Temp\ADS75B2.tmp

C:\Program Files\internet\DAP\Temp\ADS75B4.tmp

C:\Program Files\internet\DAP\Temp\ADS75B6.tmp

C:\Program Files\internet\DAP\Temp\ADS75B8.tmp

C:\Program Files\internet\DAP\Temp\ADS75BA.tmp

C:\Program Files\internet\DAP\Temp\ADS75BC.tmp

C:\Program Files\internet\DAP\Temp\ADS76.tmp

C:\Program Files\internet\DAP\Temp\ADS77.tmp

C:\Program Files\internet\DAP\Temp\ADS78.tmp

C:\Program Files\internet\DAP\Temp\ADS79.tmp

C:\Program Files\internet\DAP\Temp\ADS7A.tmp

C:\Program Files\internet\DAP\Temp\ADS7B.tmp

C:\Program Files\internet\DAP\Temp\ADS7C.tmp

C:\Program Files\internet\DAP\Temp\ADS7D.tmp

C:\Program Files\internet\DAP\Temp\ADS7E.tmp

C:\Program Files\internet\DAP\Temp\ADS7F.tmp

C:\Program Files\internet\DAP\Temp\ADS8.tmp

C:\Program Files\internet\DAP\Temp\ADS80.tmp

C:\Program Files\internet\DAP\Temp\ADS81.tmp

C:\Program Files\internet\DAP\Temp\ADS82.tmp

C:\Program Files\internet\DAP\Temp\ADS83.tmp

C:\Program Files\internet\DAP\Temp\ADS84.tmp

C:\Program Files\internet\DAP\Temp\ADS85.tmp

C:\Program Files\internet\DAP\Temp\ADS86.tmp

C:\Program Files\internet\DAP\Temp\ADS87.tmp

C:\Program Files\internet\DAP\Temp\ADS88.tmp

C:\Program Files\internet\DAP\Temp\ADS89.tmp

C:\Program Files\internet\DAP\Temp\ADS8A.tmp

C:\Program Files\internet\DAP\Temp\ADS8B.tmp

C:\Program Files\internet\DAP\Temp\ADS8C.tmp

C:\Program Files\internet\DAP\Temp\ADS8D.tmp

C:\Program Files\internet\DAP\Temp\ADS8E.tmp

C:\Program Files\internet\DAP\Temp\ADS8F.tmp

C:\Program Files\internet\DAP\Temp\ADS9.tmp

C:\Program Files\internet\DAP\Temp\ADS90.tmp

C:\Program Files\internet\DAP\Temp\ADS91.tmp

C:\Program Files\internet\DAP\Temp\ADS92.tmp

C:\Program Files\internet\DAP\Temp\ADS93.tmp

C:\Program Files\internet\DAP\Temp\ADS94.tmp

C:\Program Files\internet\DAP\Temp\ADS95.tmp

C:\Program Files\internet\DAP\Temp\ADS96.tmp

C:\Program Files\internet\DAP\Temp\ADS97.tmp

C:\Program Files\internet\DAP\Temp\ADS98.tmp

C:\Program Files\internet\DAP\Temp\ADS99.tmp

C:\Program Files\internet\DAP\Temp\ADS9A.tmp

C:\Program Files\internet\DAP\Temp\ADS9B.tmp

C:\Program Files\internet\DAP\Temp\ADS9C.tmp

C:\Program Files\internet\DAP\Temp\ADS9D.tmp

C:\Program Files\internet\DAP\Temp\ADS9E.tmp

C:\Program Files\internet\DAP\Temp\ADS9F.tmp

C:\Program Files\internet\DAP\Temp\ADSA.tmp

C:\Program Files\internet\DAP\Temp\ADSA0.tmp

C:\Program Files\internet\DAP\Temp\ADSA1.tmp

C:\Program Files\internet\DAP\Temp\ADSA2.tmp

C:\Program Files\internet\DAP\Temp\ADSA3.tmp

C:\Program Files\internet\DAP\Temp\ADSA4.tmp

C:\Program Files\internet\DAP\Temp\ADSA5.tmp

C:\Program Files\internet\DAP\Temp\ADSA6.tmp

C:\Program Files\internet\DAP\Temp\ADSA7.tmp

C:\Program Files\internet\DAP\Temp\ADSA8.tmp

C:\Program Files\internet\DAP\Temp\ADSA9.tmp

C:\Program Files\internet\DAP\Temp\ADSAA.tmp

C:\Program Files\internet\DAP\Temp\ADSAB.tmp

C:\Program Files\internet\DAP\Temp\ADSAC.tmp

C:\Program Files\internet\DAP\Temp\ADSAD.tmp

C:\Program Files\internet\DAP\Temp\ADSAE.tmp

C:\Program Files\internet\DAP\Temp\ADSAF.tmp

C:\Program Files\internet\DAP\Temp\ADSB.tmp

C:\Program Files\internet\DAP\Temp\ADSB0.tmp

C:\Program Files\internet\DAP\Temp\ADSB1.tmp

C:\Program Files\internet\DAP\Temp\ADSB2.tmp

C:\Program Files\internet\DAP\Temp\ADSB3.tmp

C:\Program Files\internet\DAP\Temp\ADSB4.tmp

C:\Program Files\internet\DAP\Temp\ADSB5.tmp

C:\Program Files\internet\DAP\Temp\ADSB6.tmp

C:\Program Files\internet\DAP\Temp\ADSB7.tmp

C:\Program Files\internet\DAP\Temp\ADSB8.tmp

C:\Program Files\internet\DAP\Temp\ADSB9.tmp

C:\Program Files\internet\DAP\Temp\ADSBA.tmp

C:\Program Files\internet\DAP\Temp\ADSBB.tmp

C:\Program Files\internet\DAP\Temp\ADSBC.tmp

C:\Program Files\internet\DAP\Temp\ADSBD.tmp

C:\Program Files\internet\DAP\Temp\ADSBE.tmp

C:\Program Files\internet\DAP\Temp\ADSBF.tmp

C:\Program Files\internet\DAP\Temp\ADSC.tmp

C:\Program Files\internet\DAP\Temp\ADSC0.tmp

C:\Program Files\internet\DAP\Temp\ADSC1.tmp

C:\Program Files\internet\DAP\Temp\ADSC2.tmp

C:\Program Files\internet\DAP\Temp\ADSC3.tmp

C:\Program Files\internet\DAP\Temp\ADSC4.tmp

C:\Program Files\internet\DAP\Temp\ADSC5.tmp

C:\Program Files\internet\DAP\Temp\ADSC6.tmp

C:\Program Files\internet\DAP\Temp\ADSC7.tmp

C:\Program Files\internet\DAP\Temp\ADSC8.tmp

C:\Program Files\internet\DAP\Temp\ADSC9.tmp

C:\Program Files\internet\DAP\Temp\ADSCA.tmp

C:\Program Files\internet\DAP\Temp\ADSCB.tmp

C:\Program Files\internet\DAP\Temp\ADSCC.tmp

C:\Program Files\internet\DAP\Temp\ADSCD.tmp

C:\Program Files\internet\DAP\Temp\ADSCE.tmp

C:\Program Files\internet\DAP\Temp\ADSCF.tmp

C:\Program Files\internet\DAP\Temp\ADSD.tmp

C:\Program Files\internet\DAP\Temp\ADSD0.tmp

C:\Program Files\internet\DAP\Temp\ADSD1.tmp

C:\Program Files\internet\DAP\Temp\ADSD2.tmp

C:\Program Files\internet\DAP\Temp\ADSD3.tmp

C:\Program Files\internet\DAP\Temp\ADSD4.tmp

C:\Program Files\internet\DAP\Temp\ADSD5.tmp

C:\Program Files\internet\DAP\Temp\ADSD6.tmp

C:\Program Files\internet\DAP\Temp\ADSD7.tmp

C:\Program Files\internet\DAP\Temp\ADSD8.tmp

C:\Program Files\internet\DAP\Temp\ADSD9.tmp

C:\Program Files\internet\DAP\Temp\ADSDA.tmp

C:\Program Files\internet\DAP\Temp\ADSDB.tmp

C:\Program Files\internet\DAP\Temp\ADSDC.tmp

C:\Program Files\internet\DAP\Temp\ADSDD.tmp

C:\Program Files\internet\DAP\Temp\ADSDE.tmp

C:\Program Files\internet\DAP\Temp\ADSDF.tmp

C:\Program Files\internet\DAP\Temp\ADSE.tmp

C:\Program Files\internet\DAP\Temp\ADSE0.tmp

C:\Program Files\internet\DAP\Temp\ADSE1.tmp

C:\Program Files\internet\DAP\Temp\ADSE2.tmp

C:\Program Files\internet\DAP\Temp\ADSE3.tmp

C:\Program Files\internet\DAP\Temp\ADSE4.tmp

C:\Program Files\internet\DAP\Temp\ADSE5.tmp

C:\Program Files\internet\DAP\Temp\ADSE6.tmp

C:\Program Files\internet\DAP\Temp\ADSE7.tmp

C:\Program Files\internet\DAP\Temp\ADSE8.tmp

C:\Program Files\internet\DAP\Temp\ADSE9.tmp

C:\Program Files\internet\DAP\Temp\ADSEA.tmp

C:\Program Files\internet\DAP\Temp\ADSEB.tmp

C:\Program Files\internet\DAP\Temp\ADSEC.tmp

C:\Program Files\internet\DAP\Temp\ADSED.tmp

C:\Program Files\internet\DAP\Temp\ADSEE.tmp

C:\Program Files\internet\DAP\Temp\ADSEF.tmp

C:\Program Files\internet\DAP\Temp\ADSF.tmp

C:\Program Files\internet\DAP\Temp\ADSF0.tmp

C:\Program Files\internet\DAP\Temp\ADSF1.tmp

C:\Program Files\internet\DAP\Temp\ADSF2.tmp

C:\Program Files\internet\DAP\Temp\ADSF3.tmp

C:\Program Files\internet\DAP\Temp\ADSF4.tmp

C:\Program Files\internet\DAP\Temp\ADSFA.tmp

C:\Program Files\internet\DAP\Temp\ADSFC.tmp

C:\Program Files\internet\DAP\Temp\ADSFE.tmp

C:\Program Files\internet\DAP\Temp\LDN_PREV.TM1

C:\Program Files\internet\DAP\Temp\LDN12F.tmp

C:\Program Files\internet\DAP\Temp\LDN130.tmp

C:\Program Files\internet\DAP\Temp\LDN14.tmp

C:\Program Files\internet\DAP\Temp\LDN15.tmp

C:\Program Files\internet\DAP\Temp\LDN16.tmp

C:\Program Files\internet\DAP\Temp\LDN165.tmp

C:\Program Files\internet\DAP\Temp\LDN17.tmp

C:\Program Files\internet\DAP\Temp\LDN3A.tmp

C:\Program Files\internet\DAP\Temp\LDN3B.tmp

C:\Program Files\internet\DAP\Temp\LDN3E.tmp

C:\Program Files\internet\DAP\Temp\LDN43.tmp

C:\Program Files\internet\DAP\Temp\LDN45.tmp

C:\Program Files\internet\DAP\Temp\LDN52.tmp

C:\Program Files\internet\DAP\Temp\LDNCF.tmp

C:\Program Files\internet\DAP\Temp\LDND0.tmp

C:\Program Files\internet\DAP\Temp\LDND1.tmp

C:\Program Files\internet\DAP\Temp\LDND2.tmp

C:\Program Files\internet\DAP\Temp\LDNEF.tmp

C:\Program Files\internet\DAP\Temp\LDNF0.tmp

C:\Program Files\internet\DAP\Temp\LDNF1.tmp

C:\Program Files\internet\DAP\Temp\LDNF2.tmp

C:\Program Files\internet\DAP\UNWISE.EXE

C:\Program Files\internet\DAP\Updates\UpdateList.xml

C:\Program Files\internet\DAP\v_html.gif

C:\Program Files\internet\DAP\v_i.gif

C:\Program Files\internet\DAP\v_logo.gif

C:\Program Files\internet\DAP\v_noconn.gif

C:\Program Files\internet\DAP\v_notf.gif

C:\Program Files\internet\DAP\v_ok.gif

C:\Program Files\internet\DAP\v_pass.gif

C:\Program Files\internet\DAP\v_unk.gif

C:\Program Files\internet\DAP\v_working.gif

C:\Program Files\internet\DAP\website.url

C:\Program Files\internet\DAP\zlib.dll

C:\WINDOWS\system32\intranet.dll

C:\WINDOWS\system32\uwrpanmd.ini

.

((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-16 au 2008-09-16 ))))))))))))))))))))))))))))))))))))

.

2008-09-15 22:23 . 2008-09-15 22:23 <REP> d-------- C:\Program Files\Trend Micro

2008-09-15 21:49 . 2008-09-15 21:49 <REP> d-------- C:\Documents and Settings\charly\Application Data\Malwarebytes

2008-09-15 21:48 . 2008-09-15 21:48 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-09-15 21:48 . 2008-09-15 21:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-09-15 21:48 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2008-09-15 21:48 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys

2008-09-14 23:45 . 2008-09-14 23:45 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab

2008-09-14 21:43 . 2008-09-14 21:43 <REP> d-------- C:\WINDOWS\avxoscan

2008-09-14 21:17 . 2008-09-14 21:17 <REP> d-------- C:\WINDOWS\McAfee.com

2008-09-14 20:33 . 2008-09-14 20:33 <REP> d-------- C:\fsaua.data

2008-09-14 12:38 . 2008-09-14 12:38 <REP> d--hs---- C:\FOUND.014

2008-09-13 15:55 . 2008-09-13 15:55 <REP> d-------- C:\Program Files\Neat Image

2008-09-05 22:46 . 2008-09-05 22:46 <REP> d-------- C:\Program Files\MagicDisc

2008-09-05 22:46 . 2008-07-28 17:19 116,736 --a------ C:\WINDOWS\system32\drivers\mcdbus.sys

2008-08-23 19:04 . 2008-08-23 19:04 <REP> d-------- C:\Program Files\SpamBayes

2008-08-23 19:04 . 2008-08-23 19:04 <REP> d-------- C:\Documents and Settings\charly\Application Data\SpamBayes

2008-08-23 00:24 . 2008-08-23 00:24 <REP> d-------- C:\WINDOWS\system32\fr

2008-08-23 00:24 . 2008-08-23 00:24 <REP> d-------- C:\WINDOWS\l2schemas

2008-08-21 21:16 . 2008-04-14 04:33 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll

2008-08-21 21:16 . 2008-04-14 04:33 1,306,624 --------- C:\WINDOWS\system32\dllcache\msxml6.dll

2008-08-21 21:16 . 2008-04-14 04:33 712,704 --------- C:\WINDOWS\system32\windowscodecs.dll

2008-08-21 21:16 . 2008-04-14 04:33 651,264 --------- C:\WINDOWS\system32\dot3ui.dll

2008-08-21 21:16 . 2008-04-14 04:33 346,112 --------- C:\WINDOWS\system32\windowscodecsext.dll

2008-08-21 21:14 . 2008-04-14 04:33 7,168 --------- C:\WINDOWS\system32\bitsprx4.dll

2008-08-21 21:14 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdpash.dll

2008-08-21 21:14 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdnepr.dll

2008-08-21 21:14 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdiultn.dll

2008-08-21 21:14 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdbhc.dll

2008-08-21 21:13 . 2006-12-28 21:01 19,569 --a------ C:\WINDOWS\005576_.tmp

2008-08-21 21:13 . 2008-04-14 04:10 2,524 --------- C:\WINDOWS\system32\pid.inf

2008-08-17 21:02 . 2008-08-17 21:02 <REP> d-------- C:\Documents and Settings\charly\Application Data\URSoft

2008-08-17 21:02 . 2008-08-17 21:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP

2008-08-17 21:01 . 2008-08-17 21:01 <REP> d-------- C:\Program Files\Startup Faster

2008-08-17 10:36 . 2008-08-17 10:36 179 --a------ C:\Raccourci vers Disque local (D).lnk

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-08-22 22:42 2,396 ----a-w C:\WINDOWS\system32\PerfStringBackup.TMP

2008-07-29 00:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft

2008-07-29 00:01 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard

2008-07-20 08:51 --------- d-----w C:\Documents and Settings\charly\Application Data\SPAMfighter

2008-07-19 20:54 --------- d-----w C:\Program Files\Bonjour

2008-07-09 03:05 129,520 ------w C:\WINDOWS\system32\pxafs.dll

2008-07-09 03:05 120,568 ------w C:\WINDOWS\system32\pxcpyi64.exe

2008-07-09 03:05 118,256 ------w C:\WINDOWS\system32\pxinsi64.exe

2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll

2008-07-07 20:28 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll

2008-06-24 16:44 74,240 ----a-w C:\WINDOWS\system32\mscms.dll

2008-06-24 16:44 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll

2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll

2008-06-24 08:28 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll

2008-06-23 09:21 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe

2008-06-23 09:21 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe

2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe

2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll

2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll

2008-06-20 17:47 247,808 ------w C:\WINDOWS\system32\dllcache\mswsock.dll

2008-06-20 17:47 147,968 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll

2008-06-20 11:51 361,600 ------w C:\WINDOWS\system32\dllcache\tcpip.sys

2008-06-20 11:40 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys

2008-06-20 11:08 225,856 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys

2008-02-20 23:10 74,424 ----a-w C:\Documents and Settings\charly\Application Data\GDIPFONTCACHEV1.DAT

1998-04-27 22:00 570,128 ----a-w C:\Program Files\dao350.dll

.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartupFaster"="C:\Program Files\Startup Faster\startuploader.exe" [2008-03-22 1393888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=hqnlyu.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"MSACM.CEGSM"= mobilev.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"C:\\Program Files\\RealVNC\\WinVNC\\winvnc.exe"=

"D:\\internet\\emule\\emule.exe"=

"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

"C:\\Program Files\\adslTV\\adslTV.exe"=

"C:\\Program Files\\adslTV\\vlc.exe"=

"C:\\Program Files\\Mozilla Firefox\\FIREFOX.EXE"=

"D:\\PSP\\UMD_DAX_DUMPER_v0.2_BETA_FR_By_Guilouz\\PC\\nethostfs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\TFPTools3_0\\TFPTools.exe"=

"C:\\Program Files\\HomePlayer1.5.1.2\\HomePlayer.exe"=

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"D:\\IPod\\iTunes\\iTunes.exe"=

"C:\\WINDOWS\\System32\\ftp.exe"=

"C:\\Program Files\\DNA\\btdna.exe"=

"C:\\Program Files\\internet\\BitTorrent\\bittorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"4662:TCP"= 4662:TCP:emule : TCP entrant

"4672:UDP"= 4672:UDP:UDP

R0 TVALDX;Toshiba ACPI-Based Value Added Logical Device Extension Driver;C:\WINDOWS\system32\DRIVERS\TVALDX.SYS [2001-08-17 6082]

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]

R1 UsbFltr;WayTechUSBFilterDriver;C:\WINDOWS\system32\drivers\UsbFltr.sys [2003-02-19 6144]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]

R2 Tmesbs;Tmesbs32;C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe [2002-08-09 57344]

R3 AWINDIS5;AWINDIS5 Protocol Driver;C:\WINDOWS\system32\AWINDIS5.SYS [2002-04-11 16194]

R3 axsaki;axsaki;C:\WINDOWS\system32\DRIVERS\axsaki.sys [2003-03-30 102624]

R3 axskbus;axskbus;C:\WINDOWS\system32\DRIVERS\axskbus.sys [2003-03-28 8640]

S0 WinIK;WinIK;C:\WINDOWS\system32\Drivers\WinIK.sys [ ]

S1 SpyEmrg;Spy Emergency Driver;C:\WINDOWS\system32\Drivers\spyemrg.sys [ ]

S3 camvid20;Philips ToUcam Camera; Video;C:\WINDOWS\system32\DRIVERS\camdrv21.sys [ ]

S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]

S3 PRISM_ICB;NETGEAR WG511 Wireless LAN Driver;C:\WINDOWS\system32\DRIVERS\WG511ICB.sys [2003-12-05 379488]

S3 Spyder2;ColorVision Spyder2;C:\WINDOWS\system32\DRIVERS\Spyder2.sys [2007-01-17 12288]

S3 TIAcxubt;D-Link WLAN USB Boot Device;C:\WINDOWS\system32\Drivers\tiacxubt.sys [2003-03-18 17536]

S3 TIACXUSB;D-Link AirPlus DWL-120+ Wireless USB Adapter;C:\WINDOWS\system32\Drivers\tiacxusb.sys [2003-06-29 178048]

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-16 23:05:00

Windows 5.1.2600 Service Pack 3 FAT NTAPI

Recherche de processus cach‚s ...

Recherche d'‚l‚ments en d‚marrage automatique cach‚s ...

Recherche de fichiers cach‚s ...

Scan termin‚ avec succŠs

Fichiers cach‚s: 0

**************************************************************************

.

--------------------- DLLs charg‚es dans les processus actifs ---------------------

PROCESSUS: C:\WINDOWS\explorer.exe

-> C:\WINDOWS\system32\TDispVol.dll

.

------------------------ Autres processus actifs ------------------------

.

C:\PROGRAM FILES\LAVASOFT\AD-AWARE\AAWSERVICE.EXE

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE

C:\PROGRAM FILES\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE

C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE

C:\WINDOWS\SYSTEM32\DVDRAMSV.EXE

C:\WINDOWS\SYSTEM32\NVSVC32.EXE

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE

C:\PROGRAM FILES\ADOBE\ADOBE PHOTOSHOP LIGHTROOM 1.1\APDPROXY.EXE

C:\WINDOWS\SYSTEM32\00THOTKEY.EXE

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHDISP.EXE

C:\WINDOWS\SYSTEM32\TPWRTRAY.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

C:\WINDOWS\system32\TDispVol.exe

C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe

C:\Program Files\DNA\btdna.exe

C:\Program Files\wifi\WG511v210\Utility\WG511WLU.exe

C:\Program Files\Startup Faster\sfAgent.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe

C:\WINDOWS\system32\RAMASST.exe

C:\WINDOWS\system32\TFNF5.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\TouchED\TouchED.Exe

C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe

C:\Program Files\MagicDisc\MagicDisc.exe

.

**************************************************************************

.

Heure de fin: 2008-09-16 23:09:33 - La machine a red‚marr‚

ComboFix-quarantined-files.txt 2008-09-16 21:09:24

Avant-CF: 5,334,450,176 octets libres

AprŠs-CF: 5,557,895,168 octets libres

701 --- E O F --- 2008-09-10 19:19:29

rapport hijack :

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:14:51, on 16/09/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe

C:\WINDOWS\System32\00THotkey.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\TPWRTRAY.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe

C:\WINDOWS\system32\TDispVol.exe

C:\Program Files\Synaptics\SynTP\cPad\AlarmWatcher.exe

C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE

C:\Program Files\DNA\btdna.exe

C:\Program Files\wifi\WG511v210\Utility\WG511WLU.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\WINDOWS\system32\RAMASST.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\TFNF5.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\TouchED\TouchED.Exe

C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe

C:\Program Files\MagicDisc\MagicDisc.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe