Exe files and Microsoft's update - Security - Viruses
 
Profile: IDNaute

Hello to those reading this; I have a double problem:
- unable to update the Windows files (I should point out that this is a commercial, non-pirated version)
- after a few minutes, I can no longer launch "exe" application programs!...
Thanks for pointing me in the right direction!!
Attached is a HijackThis report
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:13, on 18/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Wanadoo\taskbaricon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\dwwin.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\Program Files\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 7926485312
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B62424E-159B-4B52-9438-36378A59A00F}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A93148BD-E02D-4B7E-B59F-A842FDA5DAE5}: NameServer = 192.168.1.1
O18 - Protocol: bw+0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6D2C45BA-776E-4765-AE29-6FA80097F6B0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cycling Manager 2007 Drivers Auto Removal (pr2akt6c) (pr2akt6c) - Cyanide - C:\WINDOWS\system32\pr2akt6c.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
 
--
End of file - 18394 bytes

Profile: IDNaute

This topic was moved from the Hardware category to the Security - Viruses category by MaxGix


---------------
A little click, my good lady, my good sir
http://www.hinsolite.com/

 

Profile: Helper

Hello,

It looks clean, apparently.

Download Clean.zip (by Malekal),
Unzip it to your desktop (Right-click/Extract all); you should get a Clean folder.
Open the clean folder, double-click clean.cmd.
Choose option 1, then wait. Then post the contents of the report.


---------------
Prevention & Protection|Free software|The man from FLCCF
Profile: IDNaute

Good evening! Thank you for your help;
attached is the "Clean" report.
Hope it reaches you well
 
C:\WINDOWS\System32\nvapps.xml -->18/12/2007 19:54:50
C:\WINDOWS\System32\nscompat.tlb -->18/12/2007 12:29:43
C:\WINDOWS\System32\amcompat.tlb -->18/12/2007 12:29:43
C:\WINDOWS\System32\wpa.dbl -->18/12/2007 12:13:15
C:\WINDOWS\System32\PerfStringBackup.INI -->18/12/2007 12:08:41
C:\WINDOWS\System32\perfh00C.dat -->18/12/2007 12:08:41
C:\WINDOWS\System32\perfh009.dat -->18/12/2007 12:08:41
C:\WINDOWS\System32\perfc00C.dat -->18/12/2007 12:08:41
C:\WINDOWS\System32\perfc009.dat -->18/12/2007 12:08:41
C:\WINDOWS\System32\logonui.exe.manifest -->15/12/2007 13:29:26
C:\WINDOWS\System32\cdplayer.exe.manifest -->15/12/2007 13:29:18
C:\WINDOWS\System32\FNTCACHE.DAT -->15/12/2007 12:34:47
C:\WINDOWS\System32\$winnt$.inf -->15/12/2007 12:32:59
C:\WINDOWS\System32\WindowsLogon.manifest -->15/12/2007 12:29:24
C:\WINDOWS\System32\wuaucpl.cpl.manifest -->15/12/2007 12:29:17
C:\WINDOWS\System32\sapi.cpl.manifest -->15/12/2007 12:29:17
C:\WINDOWS\System32\nwc.cpl.manifest -->15/12/2007 12:29:17
C:\WINDOWS\System32\ncpa.cpl.manifest -->15/12/2007 12:29:17
C:\WINDOWS\System32\emptyregdb.dat -->15/12/2007 12:28:27
C:\WINDOWS\System32\lvcoinst.log -->15/12/2007 12:22:05
C:\WINDOWS\System32\TZLog.log -->12/12/2007 03:02:03
C:\WINDOWS\System32\W32N50.dll -->05/12/2007 12:53:47
C:\WINDOWS\System32\PCANDIS5.sys -->05/12/2007 12:53:47
C:\WINDOWS\System32\MRT.exe -->03/12/2007 01:00:06
C:\WINDOWS\System32\tzchange.exe -->13/11/2007 13:31:12
 
C:\WINDOWS\win.ini -->18/12/2007 19:56:19
C:\WINDOWS\error.log -->18/12/2007 19:56:19
C:\WINDOWS\2-wlancfg.log -->18/12/2007 19:55:31
C:\WINDOWS\WindowsUpdate.log -->18/12/2007 19:55:17
C:\WINDOWS\0.log -->18/12/2007 19:54:41
C:\WINDOWS\wiaservc.log -->18/12/2007 19:54:22
C:\WINDOWS\wiadebug.log -->18/12/2007 19:54:21
C:\WINDOWS\bootstat.dat -->18/12/2007 19:53:41
C:\WINDOWS\errord.log -->18/12/2007 19:53:22
C:\WINDOWS\SchedLgU.Txt -->18/12/2007 19:52:11
C:\WINDOWS\KB899587.log -->18/12/2007 18:45:12
C:\WINDOWS\KB927779.log -->18/12/2007 18:45:00
C:\WINDOWS\KB927802.log -->18/12/2007 18:44:46
C:\WINDOWS\KB922819.log -->18/12/2007 18:44:25
C:\WINDOWS\KB885835.log -->18/12/2007 18:44:17
 

Profile: Helper

The report: C:\rapport_clean.txt :)

Profile: IDNaute

My mistake...
attached
 
 
 18/12/2007 a 19:56:12,90  
 
*** Recherche des fichiers dans C:  
 
*** Recherche des fichiers dans C:\WINDOWS\  
 
*** Recherche des fichiers dans C:\WINDOWS\system32  
 
*** Recherche des fichiers dans C:\Program Files  
*** Fin du rapport !  

Profile: Helper

Still nothing.

Disable your resident protections (antivirus...)!

  • Download combofix.exe (by sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy/paste that report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

Profile: IDNaute

Good evening!
attached is the combo report
 
;ComboFix 07-12-19.2 - Fred 2007-12-20  2:17:51.4 - NTFSx86 MINIMAL
Microsoft Windows XP Édition familiale  5.1.2600.2.1252.1.1036.18.794 [GMT 1:00]
Running from: C:\Documents and Settings\Fred\Bureau\ComboFix.exe
.
 
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
 
C:\WINDOWS\system32\f03WtR
 
.
(((((((((((((((((((((((((((((   Fichiers créés 2007-11-20 to 2007-12-20  ))))))))))))))))))))))))))))))))))))
.
 
2007-12-20 02:28 . 2007-12-20 02:28 <REP> d-------- C:\WINDOWS\LastGood
2007-12-18 17:19 . 2007-04-16 16:53 1,049,600 -----c--- C:\WINDOWS\system32\dllcache\kernel32.dll
2007-12-18 13:42 . 2007-12-18 20:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-18 12:29 . 2007-12-20 02:27 <REP> d-------- C:\WINDOWS\system32\CatRoot2
2007-12-18 12:08 . 2007-12-18 12:08 <REP> d-------- C:\WINDOWS\system32\URTTEMP
2007-12-18 00:53 . 2007-12-18 00:53 <REP> d-------- C:\EA SPORTS(TM) Rugby 08
2007-12-18 00:00 . 2007-12-18 00:00 <REP> d-------- C:\Program Files\Dial-a-fix 0.57.7 Stable Full
2007-12-17 23:44 . 2007-12-18 23:25 <REP> d-------- C:\Program Files\Spyware Terminator
2007-12-17 23:44 . 2007-12-17 23:46 <REP> d-------- C:\Documents and Settings\Fred\Application Data\Spyware Terminator
2007-12-17 23:44 . 2007-12-17 23:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2007-12-17 23:17 . 2007-12-18 00:43 <REP> d-------- C:\Program Files\RegCleaner
2007-12-17 23:14 . 2007-12-20 01:23 1,393 --a------ C:\WINDOWS\imsins.BAK
2007-12-17 22:13 . 2007-12-17 22:13 <REP> d-------- C:\Program Files\Windows Defender
2007-12-17 21:53 . 2007-12-17 21:53 <REP> d-------- C:\Program Files\Trend Micro
2007-12-17 08:38 . 2007-12-17 08:38 <REP> d-------- C:\WINDOWS\Downloaded Installations
2007-12-16 21:50 . 2007-12-16 21:51 <REP> d-------- C:\Program Files\TuneUp Utilities 2007
2007-12-16 21:50 . 2007-12-16 21:50 <REP> d-------- C:\Documents and Settings\Fred\Application Data\TuneUp Software
2007-12-16 21:50 . 2007-12-16 21:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2007-12-16 21:50 . 2007-05-16 09:41 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-12-16 21:44 . 2007-12-16 21:44 <REP> d-------- C:\Documents and Settings\Fred\Application Data\Registry Booster
2007-12-15 14:27 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2007-12-15 14:27 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2007-12-15 14:27 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2007-12-15 13:03 . 2007-12-20 01:18 1,073,037,312 --a------ C:\WINDOWS\MEMORY.DMP
2007-12-15 12:29 . 2007-12-15 12:29 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2007-12-15 12:29 . 2007-12-15 12:29 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2007-12-15 12:29 . 2007-12-15 12:29 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2007-12-15 12:29 . 2007-12-15 12:29 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2007-12-15 12:29 . 2007-12-15 13:29 488 --a------ C:\WINDOWS\system32\logonui.exe.manifest
2007-12-15 12:20 . 2005-06-15 10:20 176,128 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-12-15 12:13 . 2004-08-05 13:00 1,086,058 -ra------ C:\WINDOWS\SETBA.tmp
2007-12-15 12:13 . 2004-08-05 13:00 1,014,836 -ra------ C:\WINDOWS\SETB7.tmp
2007-12-10 23:36 . 2007-12-11 01:49 319 --a------ C:\WINDOWS\game.ini
2007-12-10 07:55 . 2007-12-10 07:55 <REP> d-------- C:\Program Files\Microsoft Works
2007-12-10 07:54 . 2007-12-10 07:54 <REP> d-------- C:\Program Files\MSBuild
2007-12-10 07:49 . 2007-12-10 07:49 <REP> d-------- C:\Program Files\Microsoft.NET
2007-12-10 07:40 . 2007-12-10 07:40 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2007-12-10 07:35 . 2007-12-10 07:52 <REP> d--h----- C:\WINDOWS\ShellNew
2007-12-10 07:30 . 2007-12-10 07:30 <REP> dr-h----- C:\MSOCache
2007-12-09 18:49 . 2006-04-26 01:39 32,016 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-12-09 18:49 . 2006-04-28 01:51 29,968 --a------ C:\WINDOWS\system32\mdimon.dll
2007-12-09 18:46 . 2007-12-10 07:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-05 06:45 . 2007-08-25 16:28 <REP> d--h----- C:\Documents and Settings\Dylan\Voisinage réseau
2007-12-05 06:45 . 2007-08-25 16:28 <REP> d--h----- C:\Documents and Settings\Dylan\Voisinage d'impression
2007-12-05 06:45 . 2007-09-01 21:45 <REP> d--h----- C:\Documents and Settings\Dylan\Modèles
2007-12-05 06:45 . 2007-12-05 06:46 <REP> dr------- C:\Documents and Settings\Dylan\Mes documents
2007-12-05 06:45 . 2007-08-25 16:28 <REP> dr------- C:\Documents and Settings\Dylan\Menu Démarrer
2007-12-05 06:45 . 2007-12-05 06:46 <REP> dr------- C:\Documents and Settings\Dylan\Favoris
2007-12-05 06:45 . 2007-08-25 16:28 <REP> d-------- C:\Documents and Settings\Dylan\Bureau
2007-12-02 23:07 . 2007-12-02 23:07 <REP> d-------- C:\Program Files\RedEye
2007-11-27 21:31 . 2007-11-27 21:31 5,632 --ahs---- C:\WINDOWS\Thumbs.db
2007-11-21 23:23 . 2007-11-21 23:23 <REP> d-------- C:\Program Files\Inventel
2007-11-21 21:45 . 2007-11-11 01:53 <REP> d-a------ C:\Program Files\ActiveX
2007-11-21 21:33 . 2007-11-21 21:33 <REP> d-------- C:\Program Files\Wanadoo Messager
2007-11-21 17:55 . 2007-11-21 17:55 <REP> d-------- C:\WINDOWS\system32\AlertModule
2007-11-21 17:55 . 2004-08-23 14:49 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2007-11-21 17:54 . 2004-08-23 14:49 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2007-11-21 17:54 . 2004-11-08 15:03 32,768 --a------ C:\WINDOWS\system32\ffJmpWeb.dll
2007-11-21 17:53 . 2007-12-20 01:49 <REP> d-------- C:\Program Files\Wanadoo
2007-11-21 17:33 . 2004-08-05 13:00 452,037 -ra------ C:\txtsetup.sif
2007-11-21 17:33 . 2004-08-05 13:00 263,488 -ra------ C:\$LDR$
2007-11-21 17:33 . 2007-11-21 17:33 256 ---hs---- C:\BOOT.BAK
 
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-20 01:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-12-20 00:59 87,797,280 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-20 00:57 2,550,816 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2007-12-20 00:32 239,108 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2007-12-20 00:32 1,175,612 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-18 21:02 --------- d-----w C:\Program Files\eMule
2007-12-17 21:03 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-12-17 20:19 --------- d-----w C:\Program Files\Astral
2007-12-17 19:25 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-17 19:21 --------- d-----w C:\Program Files\DAEMON Tools
2007-12-16 20:42 --------- d-----w C:\Documents and Settings\Fred\Application Data\Uniblue
2007-12-13 17:36 --------- d-----w C:\Program Files\Astonsoft
2007-12-12 19:49 90,980 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2007-12-12 19:49 85,860 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2007-12-11 18:00 --------- d-----w C:\Documents and Settings\Fred\Application Data\Pro Cycling Manager 2007
2007-12-11 00:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-10 22:00 --------- d-----w C:\Program Files\Fichiers communs\Real
2007-12-10 21:58 --------- d-----w C:\Program Files\Google
2007-12-05 11:55 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-11-22 09:31 --------- d-----w C:\Program Files\EA Sports
2007-11-21 20:16 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-11-21 00:06 --------- d-----w C:\Program Files\KONAMI
2007-11-19 17:22 --------- d-----w C:\Program Files\Croteam
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-12 00:10 --------- d-----w C:\Program Files\Fox
2007-10-29 23:16 --------- d-----w C:\Program Files\Free Audio Pack
2007-10-28 16:16 --------- d-----w C:\Documents and Settings\Fred\Application Data\DivX
2007-10-28 08:58 --------- d-----w C:\Program Files\DivX
2007-10-28 08:35 --------- d-----w C:\Program Files\Virtual Dub
2007-10-27 15:31 --------- d-----w C:\Documents and Settings\Fred\Application Data\AccurateRip
2007-10-23 19:45 --------- d-----w C:\Program Files\Bethesda Softworks
2007-10-22 17:05 --------- d-----w C:\Program Files\Mio Technology
2007-10-20 14:45 --------- d-----w C:\Program Files\Cyanide
2007-09-27 20:35 86,094 ----a-w C:\WINDOWS\BPMNT.dll
2007-09-27 20:35 1,163,344 ----a-w C:\WINDOWS\vsapi32.dll
2007-09-27 19:54 71,749 ----a-w C:\WINDOWS\hcextoutput.dll
2007-09-27 19:54 267,845 ----a-w C:\WINDOWS\tsc.exe
2007-09-27 19:27 69,689 ----a-w C:\WINDOWS\UNZIP.DLL
2007-09-27 19:27 507,904 ----a-w C:\WINDOWS\TMUPDATE.DLL
2007-09-27 19:27 286,720 ----a-w C:\WINDOWS\PATCH.EXE
2007-09-02 23:05 92,672 ----a-w C:\Program Files\KillBox.exe
2007-08-29 20:31 17,144 ----a-w C:\Documents and Settings\Sylvie\Application Data\GDIPFONTCACHEV1.DAT
2007-02-09 16:34 420,816 ----a-w C:\Documents and Settings\Fred\Application Data\wunauclt.exe
.
 
(((((((((((((((((((((((((((((((((   Point de chargement Reg   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-20 15:30]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-27 19:17]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-28 11:51]
"WOOTASKBARICON"="C:\Program Files\Wanadoo\taskbaricon.exe" [2004-10-05 17:00]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe]
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apitrap.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ASSTE.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVSTE.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Cleanup.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cqw32.exe]
ApplicationGoo
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\divx.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\divxdec.ax]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DJSMAR00.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DRMINST.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\enc98.EXE]
DisableHeapLookAside 1
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EncodeDivXExt.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EncryptPatchVer.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\front.exe]
ApplicationGoo
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fullsoft.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\GBROWSER.DLL]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htmlmarq.ocx]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\htmlmm.ocx]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\install.exe]
ApplicationGoo
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ishscan.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ISSTE.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\javai.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jvm.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\jvm_g.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\main123w.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mngreg32.exe]
ApplicationGoo
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msci_uno.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscoree.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscorsvr.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mscorwks.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msjava.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mso.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NAVOPTRF.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NeVideoFX.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NPMLIC.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NSWSTE.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\photohse.EXE]
GlobalFlag 0x00200000
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PMSTE.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ppw32hlp.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\printhse.EXE]
GlobalFlag 0x00200000
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prwin8.EXE]
DisableHeapLookAside 1
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ps80.EXE]
DisableHeapLookAside 1
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\psdmt.exe]
ApplicationGoo
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qfinder.EXE]
DisableHeapLookAside 1
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\qpw.EXE]
DisableHeapLookAside 1
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\salwrap.dll]
CheckAppHelp 1 (0x1)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setup.exe]
ApplicationGoo
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\setup32.dll]
ApplicationGoo