virus alert! je desespere
Dernière réponse : dans Sécurité
Bonjour a tous
alors voulà ce matin j'ai telecharer un programme je l'est executer et 3 secondes apres, j'ai eu un nouveau fond d'écran qui est passé du bleu au rouge que je ne peu meme pas changer d'ailleurs, avec un virus alert! a coté de l'horloge plus de menu démarrer, plus de menu "tous les programmes" disque local C:\ masqué, un merdier pas possible, plus d'acces a internet (je suis sur le pc d'un ami, pour installer des programmes c'est un amis a moi qui me les envoi par msn (une des seules choses qui marchent encore)) donc j'ai vraiment besoin d'etre guidée par des personnes qui s'y conaissent parce-que je suis perdue![:(]( ":(")
j'ai déjà réussi a réactiver le gestionnaire des taches pour virer quelque merdes qui font ramer, et la ca va mieu, le pc plante plus etc. Par contre le virus me lance des liens vers différents anti-virus que je refuse evidemment, lorsque je veux allé sur internet explorer 7.0 ca me le ferme dessuite, mozilla par contre je peux acceder a google mais lorsqe je veux cliqué sur des liens ca me renvoi nouveau sur ce site d'anti-trojans ![:(]( ":(")
j'ai besoin d'aide,
merci merci merci merci merci d'avance à toute les personnes qui participerons!!!!!
alors voulà ce matin j'ai telecharer un programme je l'est executer et 3 secondes apres, j'ai eu un nouveau fond d'écran qui est passé du bleu au rouge que je ne peu meme pas changer d'ailleurs, avec un virus alert! a coté de l'horloge plus de menu démarrer, plus de menu "tous les programmes" disque local C:\ masqué, un merdier pas possible, plus d'acces a internet (je suis sur le pc d'un ami, pour installer des programmes c'est un amis a moi qui me les envoi par msn (une des seules choses qui marchent encore)) donc j'ai vraiment besoin d'etre guidée par des personnes qui s'y conaissent parce-que je suis perdue
j'ai déjà réussi a réactiver le gestionnaire des taches pour virer quelque merdes qui font ramer, et la ca va mieu, le pc plante plus etc. Par contre le virus me lance des liens vers différents anti-virus que je refuse evidemment, lorsque je veux allé sur internet explorer 7.0 ca me le ferme dessuite, mozilla par contre je peux acceder a google mais lorsqe je veux cliqué sur des liens ca me renvoi nouveau sur ce site d'anti-trojans j'ai besoin d'aide, merci merci merci merci merci d'avance à toute les personnes qui participerons!!!!!
Autres pages sur : virus alert desespere
Lassé par la pub ? Créez un compte
étant donné que je sais que vous allez me demander un rapport hijackthis le voila :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59: VIRUS ALERT!, on 07/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.175.133.27:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
F3 - REG:win.ini: run="C:\Documents and Settings\pearl\Application Data\Adobe\Manager.exe"
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: XMLDP Class - {72A128E0-2240-40c8-9E92-5387D64F839E} - C:\WINDOWS\xml2u32h.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: QXK Olive - {86A223EE-081B-4CF9-98FB-52514CE4A8E1} - C:\WINDOWS\wnlmdakqenv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O3 - Toolbar: bgrqfetx - {87EF3F20-E986-4B30-B9AA-A65E59792F29} - C:\WINDOWS\bgrqfetx.dll
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MSNAddon] C:\DOCUME~1\pearl\LOCALS~1\Temp\Rar$EX02.218\MSNAddon.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [lphcrnqj0e1ce] C:\WINDOWS\system32\lphcrnqj0e1ce.exe
O4 - HKLM\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKLM\..\Run: [SMrhcvnqj0e1ce] C:\Program Files\rhcvnqj0e1ce\rhcvnqj0e1ce.exe
O4 - HKLM\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKLM\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKLM\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKLM\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKLM\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting
O4 - HKCU\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting
O4 - HKCU\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKCU\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKCU\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKCU\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKCU\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\pearl\Application Data\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/...
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://212.42.54.137:8008/activex/AMC.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O21 - SSODL: tfnslopk - {3F9753B2-9BB2-482B-9B62-0172D68F8A2C} - C:\WINDOWS\tfnslopk.dll
O21 - SSODL: xokvrpwg - {6E3B7E4C-BC7B-45C7-9170-169E1BC3441B} - C:\WINDOWS\xokvrpwg.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59: VIRUS ALERT!, on 07/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.175.133.27:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
F3 - REG:win.ini: run="C:\Documents and Settings\pearl\Application Data\Adobe\Manager.exe"
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: XMLDP Class - {72A128E0-2240-40c8-9E92-5387D64F839E} - C:\WINDOWS\xml2u32h.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: QXK Olive - {86A223EE-081B-4CF9-98FB-52514CE4A8E1} - C:\WINDOWS\wnlmdakqenv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O3 - Toolbar: bgrqfetx - {87EF3F20-E986-4B30-B9AA-A65E59792F29} - C:\WINDOWS\bgrqfetx.dll
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MSNAddon] C:\DOCUME~1\pearl\LOCALS~1\Temp\Rar$EX02.218\MSNAddon.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [lphcrnqj0e1ce] C:\WINDOWS\system32\lphcrnqj0e1ce.exe
O4 - HKLM\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKLM\..\Run: [SMrhcvnqj0e1ce] C:\Program Files\rhcvnqj0e1ce\rhcvnqj0e1ce.exe
O4 - HKLM\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKLM\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKLM\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKLM\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKLM\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting
O4 - HKCU\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting
O4 - HKCU\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKCU\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKCU\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKCU\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKCU\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\pearl\Application Data\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/...
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://212.42.54.137:8008/activex/AMC.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O21 - SSODL: tfnslopk - {3F9753B2-9BB2-482B-9B62-0172D68F8A2C} - C:\WINDOWS\tfnslopk.dll
O21 - SSODL: xokvrpwg - {6E3B7E4C-BC7B-45C7-9170-169E1BC3441B} - C:\WINDOWS\xokvrpwg.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
Bonjour,On commence par ça
Télécharge Deckard's System Scanner (DSS) (ou DSS) sur ton Bureau.
NB : Tu dois être connecté avec des droits d'Administrateur.
Attention, il est conseillé de stopper temporairement les logiciels résidents de protection (pare-feu, antivirus, etc.)
Attention, si tu tardes trop, la réponse Abandon sera automatiquement validée
main.txt <- ouvert en premier plan et en plein écran
extra.txt <- ouvert en second plan et en fenêtré (regarde la barre des taches)
S'il s'agit d'une utilisation supplémentaire de DSS :
main.txt <- ouvert en premier plan et en plein écran
Ce que fait DSS :
re, merci en tous cas de m'aider j'espere que ca va marcher. Fais chier ce virus ![:(]( ":(")
mon font d'écran est changer jpeu plus le rechanger, plein d'erreur de script internet et tout ![:(]( ":(")
jsuis fichu ![:(]( ":(")
voila le menu de dds que tu ma demander![:(]( ":(")
Deckard's System Scanner v20071014.68
Run by pearl on 2008-08-08 13:54:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 1 Restore Point(s) --
1: 2008-08-08 11:54:24 UTC - RP1 - Deckard's System Scanner Restore Point
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as pearl.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:55: VIRUS ALERT!, on 08/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\pearl\LOCALS~1\Temp\Rar$EX00.141\dss.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\pearl.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.175.133.27:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
F3 - REG:win.ini: run="C:\Documents and Settings\pearl\Application Data\Adobe\Manager.exe"
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: XMLDP Class - {72A128E0-2240-40c8-9E92-5387D64F839E} - C:\WINDOWS\xml2u32h.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: QXK Olive - {86A223EE-081B-4CF9-98FB-52514CE4A8E1} - C:\WINDOWS\wnlmdakqenv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O3 - Toolbar: bgrqfetx - {87EF3F20-E986-4B30-B9AA-A65E59792F29} - C:\WINDOWS\bgrqfetx.dll
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MSNAddon] C:\DOCUME~1\pearl\LOCALS~1\Temp\Rar$EX02.218\MSNAddon.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [lphcrnqj0e1ce] C:\WINDOWS\system32\lphcrnqj0e1ce.exe
O4 - HKLM\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKLM\..\Run: [SMrhcvnqj0e1ce] C:\Program Files\rhcvnqj0e1ce\rhcvnqj0e1ce.exe
O4 - HKLM\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKLM\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKLM\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKLM\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKLM\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [tmp581078] cmd /Q /C "C:\WINDOWS\tmp581062.bat"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting
O4 - HKCU\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting
O4 - HKCU\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKCU\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKCU\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKCU\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKCU\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\pearl\Application Data\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.1.13/cfweb_a...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://212.42.54.137:8008/activex/AMC.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O21 - SSODL: tfnslopk - {1C783713-F791-4E21-AEB8-B1FFB66D66F5} - C:\WINDOWS\tfnslopk.dll
O21 - SSODL: XyTKAPCe - {5CC0736D-F66A-D9C7-4DA3-896A77F63C88} - C:\WINDOWS\system32\xip.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 15066 bytes
-- File Associations -----------------------------------------------------------
.js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2
.js - JSFile - shell\open\command - unable to read value
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 ZDPNDIS5 (ZDPNDIS5 NDIS Protocol Driver) - c:\windows\system32\zdpndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 catchme - c:\docume~1\pearl\locals~1\temp\catchme.sys (file missing)
S3 CO_Mon - c:\windows\system32\drivers\co_mon.sys
S3 EverestDriver (Lavalys EVEREST Kernel Driver) - c:\program files\lavalys\everest home edition\kerneld.wnt
S3 PCANDIS5 (PCANDIS5 Protocol Driver) - c:\windows\system32\pcandis5.sys (file missing)
S3 ZDCndis5 (ZDCndis5 Protocol Driver) - c:\windows\system32\zdcndis5.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
S3 FLEXnet Licensing Service - "c:\program files\fichiers communs\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 NMIndexingService - "c:\program files\fichiers communs\ahead\lib\nmindexingservice.exe" (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-08-07 17:24:02 256 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2008-07-14 22:54:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-07-08 and 2008-08-08 -----------------------------
2008-08-08 13:38:08 245 --a------ C:\WINDOWS\tmp581062.bat
2008-08-07 16:27:06 0 d-------- C:\WINDOWS\privacy_danger
2008-08-07 16:26:11 0 d-------- C:\Documents and Settings\pearl\Application Data\Malwarebytes
2008-08-07 16:26:05 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-07 16:26:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-07 15:58:20 0 d-------- C:\Program Files\Trend Micro
2008-08-07 15:05:56 65536 --a------ C:\Program Files\KB35379.exe
2008-08-07 15:05:09 65536 --a------ C:\Program Files\KB35219.exe
2008-08-07 13:35:26 94208 --a------ C:\WINDOWS\system32\pphcrnqj0e1ce.exe
2008-08-07 13:35:25 0 d-------- C:\Documents and Settings\pearl\Application Data\rhcvnqj0e1ce
2008-08-07 13:35:20 0 d-------- C:\Program Files\VAV
2008-08-07 13:35:14 0 d-------- C:\Program Files\rhcvnqj0e1ce
2008-08-07 13:35:11 0 d-------- C:\Program Files\PCHealthCenter
2008-08-07 13:34:57 0 d-------- C:\Documents and Settings\pearl\Application Data\TmpRecentIcons
2008-08-07 13:34:43 233472 --a------ C:\WINDOWS\xokvrpwg.dll
2008-08-07 13:34:43 86016 --a------ C:\WINDOWS\lnvegaow.exe
2008-08-07 13:34:42 389120 --a------ C:\WINDOWS\wnlmdakqenv.dll
2008-08-07 13:34:42 200704 --a------ C:\WINDOWS\tfnslopk.dll
2008-08-07 13:34:42 139264 --a------ C:\WINDOWS\epgk.exe
2008-08-07 13:34:42 192512 --a------ C:\WINDOWS\bgrqfetx.dll
2008-08-07 13:34:36 60928 --a------ C:\WINDOWS\system32\blphcrnqj0e1ce.scr <Not Verified; Sysinternals; Sysinternals Blue Screen>
2008-08-07 13:34:31 134656 --a------ C:\WINDOWS\system32\lphcrnqj0e1ce.exe
2008-08-07 13:34:25 53760 --a------ C:\WINDOWS\xml2u32h.dll <Not Verified; Microsoft Corporation; XML parser library>
2008-08-07 13:15:40 0 d-------- C:\Program Files\Fake Webcam
2008-08-06 19:52:31 0 d-------- C:\Program Files\Common Files
2008-08-06 19:52:27 0 d-------- C:\Program Files\CamStudio
2008-08-06 19:48:11 0 d-------- C:\Program Files\Reverse & Upper
2008-07-14 15:07:54 0 d-------- C:\Documents and Settings\pearl\Application Data\COWON
2008-07-14 14:27:37 0 d-------- C:\Documents and Settings\pearl\Application Data\Audacity
-- Find3M Report ---------------------------------------------------------------
2008-08-08 13:53:14 0 d-------- C:\Documents and Settings\pearl\Application Data\Free Download Manager <FREEDO~1>
2008-08-08 13:44:06 0 d-------- C:\Documents and Settings\pearl\Application Data\tor
2008-08-08 13:32:54 0 d-------- C:\Documents and Settings\pearl\Application Data\Skype
2008-08-07 14:52:50 0 d-------- C:\Program Files\Steam
2008-08-07 13:35:39 0 d-------- C:\Documents and Settings\pearl\Application Data\Azureus
2008-08-07 13:34:20 0 d-------- C:\Documents and Settings\pearl\Application Data\Adobe
2008-08-07 12:56:16 0 d-------- C:\Documents and Settings\pearl\Application Data\Vidalia
2008-08-06 19:52:33 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-08-06 19:42:49 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-08-05 15:50:17 0 d-------- C:\Documents and Settings\pearl\Application Data\vmntoolbar
2008-07-24 19:11:09 0 d-------- C:\Program Files\mIRC
2008-07-21 14:12:51 0 d-------- C:\Program Files\Copie de mIRC
2008-07-20 15:24:57 0 d-------- C:\Program Files\Fichiers communs
2008-07-10 18:40:08 0 d-------- C:\Documents and Settings\pearl\Application Data\LimeWire
2008-07-10 18:38:27 0 d-------- C:\Program Files\Free Video Converter
2008-07-04 16:53:07 0 d-------- C:\Program Files\LimeWire
2008-07-03 17:48:33 0 d-------- C:\Program Files\Samsung
2008-06-20 20:29:06 0 d-------- C:\Documents and Settings\pearl\Application Data\Dealio
2008-06-20 20:24:46 0 d-------- C:\Program Files\Fichiers communs\SWF Studio
2008-06-18 13:06:54 0 d-------- C:\Documents and Settings\pearl\Application Data\Viewpoint
2008-06-17 14:21:59 0 d-------- C:\Program Files\Blip Blop
2008-06-13 21:04:26 0 d-------- C:\Program Files\Windows Live Toolbar
2008-06-13 21:04:25 0 d-------- C:\Program Files\Wanadoo Messager
2008-06-13 21:04:25 0 d-------- C:\Program Files\vmntoolbar
2008-06-13 21:04:21 0 d-------- C:\Program Files\AV Vcs 6.0 DIAMOND
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72A128E0-2240-40c8-9E92-5387D64F839E}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86A223EE-081B-4CF9-98FB-52514CE4A8E1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices
!d;
"tmp581078"=cmd /Q /C "C:\WINDOWS\tmp581062.bat"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices
HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce
HKEY_USERS\.default\software\microsoft\windows\currentversion\runservices
SSS6_SPM REG_SZ "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [19/03/2007 00:05:02]
Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe [27/10/2006 16:05:08]
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system
!d;
"NoDispCPL"=1 (0x1)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer
!d;
"NoSetFolders"=1 (0x1)
HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer
Written by Bobbi Flekman 2006 (C)
GeneralFlags REG_DWORD 0 (0x0)
RestoredStateInfo REG_BINARY 180000000000000000000000f4010000f401000001000000
RestoredStateInfo REG_BINARY 18000000cc0000000000000034030000ea02000001000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"tfnslopk"= {1C783713-F791-4E21-AEB8-B1FFB66D66F5} - C:\WINDOWS\tfnslopk.dll [07/08/2008 11:30: VIRUS ALERT! 200704]
"XyTKAPCe"= {5CC0736D-F66A-D9C7-4DA3-896A77F63C88} - C:\WINDOWS\system32\xip.dll [16/04/2007 17:53: VIRUS ALERT! 32768]
REGEDIT4
"SfcScan"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\GPExtensions]
"ProcessGroupPolicy"="ProcessGroupPolicy"
00
"MaxNoGPOListChangesInterval"=dword:000003c0
00
"RequiresSuccessfulRegistry"=dword:00000001
"RequiresSuccessfulRegistry"=dword:00000001
74,61,6c,6c,65,72,2c,41,70,70,6c,69,63,61,74,69,6f,6e,29,00,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Notify]
"Unlock"="AtiUnLockEvent"
"Logoff"="ChainWlxLogoffEvent"
"Logoff"="CryptnetWlxLogoffEvent"
"Asynchronous"=dword:00000001
"Asynchronous"=dword:00000001
"Logoff"="SchedEventLogOff"
"DllName"=hex(2):73,63,6c,67,6e,74,66,79,2e,64,6c,6c,00
"Asynchronous"=dword:00000001
"Disconnect"="TSEventDisconnect"
"Event"=dword:00000000
79,14,00,00,00,b5,8e,2a,f0,be,1a,1d,9b,da,83,49,58,b2,28,5f,3f,dd,1f,68,45
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SpecialAccounts]
"VUSR_"=dword:00010000
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Credentials]
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ Ati2evxx.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ cscdll.dll
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ wlnotify.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Logoff REG_SZ WLEventLogoff
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ WlNotify.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Logon REG_SZ WLEventLogon
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ wlnotify.dll
SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows
!d;s/ /x22/;s/t.*t/x22=/;s/hkey_.*/[&]/;
appinit_dlls REG_SZ MsgPlusLoader.dll
Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 140200001002000000020000900434000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000007000b000000000007000b0000003f000000020000000400010001000000000000000000000000000000440000000100560061007200460069006c00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f006e00000000000904e404f0030000010053007400720069006e006700460069006c00650049006e0066006f000000cc03000001003000340030003900300034004500340000004a001900010043006f006d006d0065006e007400730000004300720079007300740061006c002000530051004c002000440065007300690067006e0065007200200037002e0030000000000088003400010043006f006d00700061006e0079004e0061006d006500000000005300650061006700610074006500200053006f00660074007700610072006500200049006e0066006f0072006d006100740069006f006e0020004d0061006e006100670065006d0065006e0074002000470072006f00750070002c00200049006e0063002e000000ae00450001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000280063002900200031003900390031002d003100390039001000000000000000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 5409000054020000000200008c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe000001000200a8112e0400000200a8112e0400003f000000200000000400000001000000000000000000000000000000ec020000010053007400720069006e006700460069006c00650049006e0066006f000000c8020000010030003000300030003000340062003000000038001000010043006f006d006d0065006e007400730000004f007200690067006e0061006c002000560065007200730069006f006e00000042001100010043006f006d00700061006e0079004e0061006d006500000000005300410050002000410047002c002000570061006c006c0064006f0072006600000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f0077007300000000003c000e000100460069006c006500560065007200730069006f006e000000000034003500320030002e0032002e0030002e003100300037003000000032000900010049006e007400650072006e0061006c004e0061006d0065000000460045005700460052004f004e005400000000007a002b0001004c006500670061006c0043006f007000790072006900670068000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b00200033000000230054020000000200008c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010003009e112604000003009e11260400003f000000200000000400000001000000000000000000000000000000ec020000010053007400720069006e006700460069006c00650049006e0066006f000000c8020000010030003000300030003000340062003000000038001000010043006f006d006d0065006e007400730000004f007200690067006e0061006c002000560065007200730069006f006e00000042001100010043006f006d00700061006e0079004e0061006d006500000000005300410050002000410047002c002000570061006c006c0064006f0072006600000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f0077007300000000003c000e000100460069006c006500560065007200730069006f006e000000000034003500310030002e0033002e0030002e003100300036003200000032000900010049006e007400650072006e0061006c004e0061006d0065000000460045005700460052004f004e005400000000007a002b0001004c006500670061006c0043006f007000790072006900670068000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b0020003300000023005402000000020000200334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010000000400f003000000000400f00300003f0000000000000004000100010000000000000000000000000000007e020000010053007400720069006e006700460069006c00650049006e0066006f0000005a02000001003000340030003900300034004500340000002e000700010043006f006d00700061006e0079004e0061006d00650000000000530041005000200041004700000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f00770073000000000036000b000100460069006c006500560065007200730069006f006e000000000034002e0030002e0030002e003100300030003800000000002c000600010049006e007400650072006e0061006c004e0061006d0065000000460052004f004e00540000005e001d0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390033002d0031003900390037002000530041005000200041004700000000002800000001004c006500670061006c0054007200610064000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b0020003300000023005402000000020000180334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010000000400dd03000000000400dd0300003f00000000000000040001000100000000000000000000000000000078020000010053007400720069006e006700460069006c00650049006e0066006f0000005402000001003000340030003900300034004500340000002e000700010043006f006d00700061006e0079004e0061006d00650000000000530041005000200041004700000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f00770073000000000034000a000100460069006c006500560065007200730069006f006e000000000034002e0030002e0030002e0039003800390000002c000600010049006e007400650072006e0061006c004e0061006d0065000000460052004f004e00540000005e001d0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390033002d0031003900390037002000530041005000200041004700000000002800000001004c006500670061006c00540072006100640065006d000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b002000330000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 5802000054020000000200006c0734000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f000000000000000400040001000000000000000000000000000000cc060000010053007400720069006e006700460069006c00650049006e0066006f00000054030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009c003c0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000300000002000000530065007200760069006300650020005000610063006b002000340000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 580200005402000000020000440234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100010001000c000000010001000c00000000000000000000000400000001000000000000000000000000000000440000000000560061007200460069006c00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f006e00000000000904b004a4010000010053007400720069006e006700460069006c00650049006e0066006f00000080010000010030003400300039003000340042003000000040002000010043006f006d00700061006e0079004e0061006d00650000000000440065004c006f0072006d00650020004d0061007000700069006e0067000000440022000100500072006f0064007500630074004e0061006d006500000000005200650067002000280044004c0069006200620079005c006d0073006600290000000000340014000100460069006c006500560065007200730069006f006e000000000031002e00300031002e0030003000310032000000380014000100500072006f006400750063007400560065007200730069006f006e00000031002e00300031002e003000300031003200000034001200010049006e007400650072006e0061006c004e0061006d00650000004d004e00470052004500470033003200000000000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b002000330000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
GlobalFlag REG_SZ 0x00200000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
GlobalFlag REG_SZ 0x00200000
DisableHeapLookAside REG_SZ 1
DisableHeapLookAside REG_SZ 1
ApplicationGoo REG_BINARY 140200001002000000020000b40234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100350007000000000035000700000000003f00000000000000040000000100000000000000000000000000000012020000010053007400720069006e006700460069006c00650049006e0066006f000000ee010000010030003400300039003000340062003000000042001100010043006f006d00700061006e0079004e0061006d00650000000000500065006f0070006c00650053006f00660074002c00200049006e0063002e0000000000280000000100460069006c0065004400650073006300720069007000740069006f006e00000000002a0005000100460069006c006500560065007200730069006f006e000000000037002e0035003300000000009c003c0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900380038002d0031003900390038002000500065006f0070006c00650053006f00660074002c00200049006e0063002e002000200041006c006c00200052006900670068007400730020005200650073006500720076006500640000003c000a0001004f0072006900670069006e0061006c00460069006c0065006e0061006d00650000007000730064006d0074002e001000000000000000
DisableHeapLookAside REG_SZ 1
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 000700005402000000020000840734000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f000000000000000400040001000000000000000000000000000000e4060000010053007400720069006e006700460069006c00650049006e0066006f00000060030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009e003d0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b0020003300000024005402000000020000a40834000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f00000000000000040004000100000000000000000000000000000004080000010053007400720069006e006700460069006c00650049006e0066006f000000f0030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d0065000000530065007400750070000000a600410001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b0020003300000024005402000000020000180434000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f00000000000000040004000100000000000000000000000000000078030000010053007400720069006e006700460069006c00650049006e0066006f00000054030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009a003b0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b002000330000002400
ApplicationGoo REG_BINARY 140200001002000000020000040334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe000001001c0008000000000000000800000000003f00000000000000040000000100000000000000000000000000000064020000010053007400720069006e006700460069006c00650049006e0066006f00000040020000010030003400300039003000340062003000000044001200010043006f006d00700061006e0079004e0061006d0065000000000043006f00720065006c00200043006f00720070006f0072006100740069006f006e0000004e0013000100460069006c0065004400650073006300720069007000740069006f006e000000000043006f00720065006c002000530065007400750070002000570069007a00610072006400000000002c0006000100460069006c006500560065007200730069006f006e000000000038002e00300032003800000046001300010049006e007400650072006e0061006c004e0061006d006500000043006f00720065006c002000530065007400750070002000570069007a00610072006400000000006c00240001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390037002c00200043006f00720065006c00200043006f00720070006f0072000800000000000000
ApplicationGoo REG_BINARY 140200001002000000020000380334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010002000a0001000a0002000a0001000a000000000000000000040001000100000000000000000000000000000098020000010053007400720069006e006700460069006c00650049006e0066006f0000007402000001003000340030003900300034004500340000004a001500010043006f006d00700061006e0079004e0061006d00650000000000530079006d0061006e00740065006300200043006f00720070006f0072006100740069006f006e000000000060001c000100460069006c0065004400650073006300720069007000740069006f006e0000000000530079006d0061006e007400650063002000530079006d006500760065006e007400200049006e007300740061006c006c0065007200000034000a000100460069006c006500560065007200730069006f006e0000000000310030002e0032002e00310030002e003100000030000800010049006e007400650072006e0061006c004e0061006d006500000053004500560049004e005300540000007e002d0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020002800430029002000530079006d0061006e00740065006300200043006f0072000100000000000000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 1402000010020000000200007c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000001000900260000000100090026003f000000000000000400000001000000000000000000000000000000dc020000010053007400720069006e006700460069006c00650049006e0066006f000000b8020000010030003400300039003000340062003000000066002700010043006f006d006d0065006e0074007300000042007500730069006e00650073007300200049006e00740065006c006c006900670065006e006300650020006f006e0020004500760065007200790020004400650073006b0074006f0070000000000048001400010043006f006d00700061006e0079004e0061006d0065000000000043006f0067006e006f007300200049006e0063006f00720070006f0072006100740065006400000060001c000100460069006c0065004400650073006300720069007000740069006f006e000000000043006f0067006e006f0073002000470065006e006500720069006300200049006e007300740061006c006c006100740069006f006e00000038000c000100460069006c006500560065007200730069006f006e000000000031002c00200030002c002000330038002c0020003900000030000800010049006e007400650072006e0061006c004e0061006d00650000000100000000000000
GlobalFlag REG_SZ 0x000010F0
ApplicationGoo REG_BINARY 140200001002000000020000a40234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000001000100000000000100010000003f00000000000000010001000100000000000000000000000000000004020000010053007400720069006e006700460069006c00650049006e0066006f000000e0010000010030003400300039003000340045003400000020000000010043006f006d00700061006e0079004e0061006d00650000000000580018000100460069006c0065004400650073006300720069007000740069006f006e000000000049004e005300540041004c004c0020004d004600430020004100700070006c00690063006100740069006f006e000000300008000100460069006c006500560065007200730069006f006e000000000031002e0030002e00300030003100000030000800010049006e007400650072006e0061006c004e0061006d006500000049004e005300540041004c004c0000002400000001004c006500670061006c0043006f00700079007200690067006800740000002800000001004c006500670061006c00540072006100640065006d00610072006b0073000000000040000c0001004f0072006900670069006e0061006c00460069006c0065006e0061006d006500000049004e005300540041004c004c002e004500580045000000300008000800000000000000
"Notification Packages scecli
Written by Bobbi Flekman 2006 (C)
Error: Key: software\microsoft\windows\currentversion\group policy\state does not exist!
Written by Bobbi Flekman 2006 (C)
SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SaslProfiles
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SCHANNEL
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\WDigest
SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\File system]
@="Driver Group"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\RpcSs]
@="Service"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\vgasave.sys]
@="Driver"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder
SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs
Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components
7,0,5730,0
*
6,0,5730,11
6,0,5730,11
1 (0x1)
2,0,0,0
01000000
EN
EN
01000000
11,0,5721,5145
11,0,5721,5145
DirectAnimation
1,1,1,7
4,7,0,0320
*
1,397,2406,1
6,0,2900,2180
1 (0x1)
FR
11,0,5721,5145
4,71,1113,0
7,0,5730,11
6,00,01,0223
5,6,0,8820
1 (0x1)
5,00,2918,1900
7,0,5730,11
C:\WINDOWS\system32\msieftp.dll
11,0,5721,5145
4,9,9,2
2,0,50727,0
WAB
fr
en
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}\AuthorizedCDFPrefix
DOTNETFRAMEWORKS
7,0,5730,11
6,0,2800,2180
.NET Framework
6,0,5730,11
4,71,1968,1
2,1,4026,0
EN
6,0,5730,11
5,0,00,0
-- End of Deckard's System Scanner: finished at 2008-08-08 13:56:56 ------------
mon font d'écran est changer jpeu plus le rechanger, plein d'erreur de script internet et tout jsuis fichu voila le menu de dds que tu ma demander
Deckard's System Scanner v20071014.68
Run by pearl on 2008-08-08 13:54:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 1 Restore Point(s) --
1: 2008-08-08 11:54:24 UTC - RP1 - Deckard's System Scanner Restore Point
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as pearl.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:55: VIRUS ALERT!, on 08/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\pearl\LOCALS~1\Temp\Rar$EX00.141\dss.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\pearl.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.175.133.27:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
F3 - REG:win.ini: run="C:\Documents and Settings\pearl\Application Data\Adobe\Manager.exe"
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: XMLDP Class - {72A128E0-2240-40c8-9E92-5387D64F839E} - C:\WINDOWS\xml2u32h.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: QXK Olive - {86A223EE-081B-4CF9-98FB-52514CE4A8E1} - C:\WINDOWS\wnlmdakqenv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O3 - Toolbar: bgrqfetx - {87EF3F20-E986-4B30-B9AA-A65E59792F29} - C:\WINDOWS\bgrqfetx.dll
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MSNAddon] C:\DOCUME~1\pearl\LOCALS~1\Temp\Rar$EX02.218\MSNAddon.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [lphcrnqj0e1ce] C:\WINDOWS\system32\lphcrnqj0e1ce.exe
O4 - HKLM\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKLM\..\Run: [SMrhcvnqj0e1ce] C:\Program Files\rhcvnqj0e1ce\rhcvnqj0e1ce.exe
O4 - HKLM\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKLM\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKLM\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKLM\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKLM\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [tmp581078] cmd /Q /C "C:\WINDOWS\tmp581062.bat"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting
O4 - HKCU\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting
O4 - HKCU\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKCU\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKCU\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKCU\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKCU\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\pearl\Application Data\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.1.13/cfweb_a...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://212.42.54.137:8008/activex/AMC.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O21 - SSODL: tfnslopk - {1C783713-F791-4E21-AEB8-B1FFB66D66F5} - C:\WINDOWS\tfnslopk.dll
O21 - SSODL: XyTKAPCe - {5CC0736D-F66A-D9C7-4DA3-896A77F63C88} - C:\WINDOWS\system32\xip.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 15066 bytes
-- File Associations -----------------------------------------------------------
.js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2
.js - JSFile - shell\open\command - unable to read value
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 ZDPNDIS5 (ZDPNDIS5 NDIS Protocol Driver) - c:\windows\system32\zdpndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 catchme - c:\docume~1\pearl\locals~1\temp\catchme.sys (file missing)
S3 CO_Mon - c:\windows\system32\drivers\co_mon.sys
S3 EverestDriver (Lavalys EVEREST Kernel Driver) - c:\program files\lavalys\everest home edition\kerneld.wnt
S3 PCANDIS5 (PCANDIS5 Protocol Driver) - c:\windows\system32\pcandis5.sys (file missing)
S3 ZDCndis5 (ZDCndis5 Protocol Driver) - c:\windows\system32\zdcndis5.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
S3 FLEXnet Licensing Service - "c:\program files\fichiers communs\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 NMIndexingService - "c:\program files\fichiers communs\ahead\lib\nmindexingservice.exe" (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-08-07 17:24:02 256 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2008-07-14 22:54:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-07-08 and 2008-08-08 -----------------------------
2008-08-08 13:38:08 245 --a------ C:\WINDOWS\tmp581062.bat
2008-08-07 16:27:06 0 d-------- C:\WINDOWS\privacy_danger
2008-08-07 16:26:11 0 d-------- C:\Documents and Settings\pearl\Application Data\Malwarebytes
2008-08-07 16:26:05 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-07 16:26:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-07 15:58:20 0 d-------- C:\Program Files\Trend Micro
2008-08-07 15:05:56 65536 --a------ C:\Program Files\KB35379.exe
2008-08-07 15:05:09 65536 --a------ C:\Program Files\KB35219.exe
2008-08-07 13:35:26 94208 --a------ C:\WINDOWS\system32\pphcrnqj0e1ce.exe
2008-08-07 13:35:25 0 d-------- C:\Documents and Settings\pearl\Application Data\rhcvnqj0e1ce
2008-08-07 13:35:20 0 d-------- C:\Program Files\VAV
2008-08-07 13:35:14 0 d-------- C:\Program Files\rhcvnqj0e1ce
2008-08-07 13:35:11 0 d-------- C:\Program Files\PCHealthCenter
2008-08-07 13:34:57 0 d-------- C:\Documents and Settings\pearl\Application Data\TmpRecentIcons
2008-08-07 13:34:43 233472 --a------ C:\WINDOWS\xokvrpwg.dll
2008-08-07 13:34:43 86016 --a------ C:\WINDOWS\lnvegaow.exe
2008-08-07 13:34:42 389120 --a------ C:\WINDOWS\wnlmdakqenv.dll
2008-08-07 13:34:42 200704 --a------ C:\WINDOWS\tfnslopk.dll
2008-08-07 13:34:42 139264 --a------ C:\WINDOWS\epgk.exe
2008-08-07 13:34:42 192512 --a------ C:\WINDOWS\bgrqfetx.dll
2008-08-07 13:34:36 60928 --a------ C:\WINDOWS\system32\blphcrnqj0e1ce.scr <Not Verified; Sysinternals; Sysinternals Blue Screen>
2008-08-07 13:34:31 134656 --a------ C:\WINDOWS\system32\lphcrnqj0e1ce.exe
2008-08-07 13:34:25 53760 --a------ C:\WINDOWS\xml2u32h.dll <Not Verified; Microsoft Corporation; XML parser library>
2008-08-07 13:15:40 0 d-------- C:\Program Files\Fake Webcam
2008-08-06 19:52:31 0 d-------- C:\Program Files\Common Files
2008-08-06 19:52:27 0 d-------- C:\Program Files\CamStudio
2008-08-06 19:48:11 0 d-------- C:\Program Files\Reverse & Upper
2008-07-14 15:07:54 0 d-------- C:\Documents and Settings\pearl\Application Data\COWON
2008-07-14 14:27:37 0 d-------- C:\Documents and Settings\pearl\Application Data\Audacity
-- Find3M Report ---------------------------------------------------------------
2008-08-08 13:53:14 0 d-------- C:\Documents and Settings\pearl\Application Data\Free Download Manager <FREEDO~1>
2008-08-08 13:44:06 0 d-------- C:\Documents and Settings\pearl\Application Data\tor
2008-08-08 13:32:54 0 d-------- C:\Documents and Settings\pearl\Application Data\Skype
2008-08-07 14:52:50 0 d-------- C:\Program Files\Steam
2008-08-07 13:35:39 0 d-------- C:\Documents and Settings\pearl\Application Data\Azureus
2008-08-07 13:34:20 0 d-------- C:\Documents and Settings\pearl\Application Data\Adobe
2008-08-07 12:56:16 0 d-------- C:\Documents and Settings\pearl\Application Data\Vidalia
2008-08-06 19:52:33 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-08-06 19:42:49 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-08-05 15:50:17 0 d-------- C:\Documents and Settings\pearl\Application Data\vmntoolbar
2008-07-24 19:11:09 0 d-------- C:\Program Files\mIRC
2008-07-21 14:12:51 0 d-------- C:\Program Files\Copie de mIRC
2008-07-20 15:24:57 0 d-------- C:\Program Files\Fichiers communs
2008-07-10 18:40:08 0 d-------- C:\Documents and Settings\pearl\Application Data\LimeWire
2008-07-10 18:38:27 0 d-------- C:\Program Files\Free Video Converter
2008-07-04 16:53:07 0 d-------- C:\Program Files\LimeWire
2008-07-03 17:48:33 0 d-------- C:\Program Files\Samsung
2008-06-20 20:29:06 0 d-------- C:\Documents and Settings\pearl\Application Data\Dealio
2008-06-20 20:24:46 0 d-------- C:\Program Files\Fichiers communs\SWF Studio
2008-06-18 13:06:54 0 d-------- C:\Documents and Settings\pearl\Application Data\Viewpoint
2008-06-17 14:21:59 0 d-------- C:\Program Files\Blip Blop
2008-06-13 21:04:26 0 d-------- C:\Program Files\Windows Live Toolbar
2008-06-13 21:04:25 0 d-------- C:\Program Files\Wanadoo Messager
2008-06-13 21:04:25 0 d-------- C:\Program Files\vmntoolbar
2008-06-13 21:04:21 0 d-------- C:\Program Files\AV Vcs 6.0 DIAMOND
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72A128E0-2240-40c8-9E92-5387D64F839E}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86A223EE-081B-4CF9-98FB-52514CE4A8E1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices
!d;
"tmp581078"=cmd /Q /C "C:\WINDOWS\tmp581062.bat"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices
HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce
HKEY_USERS\.default\software\microsoft\windows\currentversion\runservices
SSS6_SPM REG_SZ "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [19/03/2007 00:05:02]
Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe [27/10/2006 16:05:08]
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system
!d;
"NoDispCPL"=1 (0x1)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer
!d;
"NoSetFolders"=1 (0x1)
HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer
Written by Bobbi Flekman 2006 (C)
GeneralFlags REG_DWORD 0 (0x0)
RestoredStateInfo REG_BINARY 180000000000000000000000f4010000f401000001000000
RestoredStateInfo REG_BINARY 18000000cc0000000000000034030000ea02000001000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"tfnslopk"= {1C783713-F791-4E21-AEB8-B1FFB66D66F5} - C:\WINDOWS\tfnslopk.dll [07/08/2008 11:30: VIRUS ALERT! 200704]
"XyTKAPCe"= {5CC0736D-F66A-D9C7-4DA3-896A77F63C88} - C:\WINDOWS\system32\xip.dll [16/04/2007 17:53: VIRUS ALERT! 32768]
REGEDIT4
"SfcScan"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\GPExtensions]
"ProcessGroupPolicy"="ProcessGroupPolicy"
00
"MaxNoGPOListChangesInterval"=dword:000003c0
00
"RequiresSuccessfulRegistry"=dword:00000001
"RequiresSuccessfulRegistry"=dword:00000001
74,61,6c,6c,65,72,2c,41,70,70,6c,69,63,61,74,69,6f,6e,29,00,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Notify]
"Unlock"="AtiUnLockEvent"
"Logoff"="ChainWlxLogoffEvent"
"Logoff"="CryptnetWlxLogoffEvent"
"Asynchronous"=dword:00000001
"Asynchronous"=dword:00000001
"Logoff"="SchedEventLogOff"
"DllName"=hex(2):73,63,6c,67,6e,74,66,79,2e,64,6c,6c,00
"Asynchronous"=dword:00000001
"Disconnect"="TSEventDisconnect"
"Event"=dword:00000000
79,14,00,00,00,b5,8e,2a,f0,be,1a,1d,9b,da,83,49,58,b2,28,5f,3f,dd,1f,68,45
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SpecialAccounts]
"VUSR_"=dword:00010000
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Credentials]
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ Ati2evxx.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ cscdll.dll
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ wlnotify.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Logoff REG_SZ WLEventLogoff
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ WlNotify.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Logon REG_SZ WLEventLogon
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ wlnotify.dll
SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows
!d;s/ /x22/;s/t.*t/x22=/;s/hkey_.*/[&]/;
appinit_dlls REG_SZ MsgPlusLoader.dll
Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 140200001002000000020000900434000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000007000b000000000007000b0000003f000000020000000400010001000000000000000000000000000000440000000100560061007200460069006c00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f006e00000000000904e404f0030000010053007400720069006e006700460069006c00650049006e0066006f000000cc03000001003000340030003900300034004500340000004a001900010043006f006d006d0065006e007400730000004300720079007300740061006c002000530051004c002000440065007300690067006e0065007200200037002e0030000000000088003400010043006f006d00700061006e0079004e0061006d006500000000005300650061006700610074006500200053006f00660074007700610072006500200049006e0066006f0072006d006100740069006f006e0020004d0061006e006100670065006d0065006e0074002000470072006f00750070002c00200049006e0063002e000000ae00450001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000280063002900200031003900390031002d003100390039001000000000000000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 5409000054020000000200008c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe000001000200a8112e0400000200a8112e0400003f000000200000000400000001000000000000000000000000000000ec020000010053007400720069006e006700460069006c00650049006e0066006f000000c8020000010030003000300030003000340062003000000038001000010043006f006d006d0065006e007400730000004f007200690067006e0061006c002000560065007200730069006f006e00000042001100010043006f006d00700061006e0079004e0061006d006500000000005300410050002000410047002c002000570061006c006c0064006f0072006600000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f0077007300000000003c000e000100460069006c006500560065007200730069006f006e000000000034003500320030002e0032002e0030002e003100300037003000000032000900010049006e007400650072006e0061006c004e0061006d0065000000460045005700460052004f004e005400000000007a002b0001004c006500670061006c0043006f007000790072006900670068000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b00200033000000230054020000000200008c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010003009e112604000003009e11260400003f000000200000000400000001000000000000000000000000000000ec020000010053007400720069006e006700460069006c00650049006e0066006f000000c8020000010030003000300030003000340062003000000038001000010043006f006d006d0065006e007400730000004f007200690067006e0061006c002000560065007200730069006f006e00000042001100010043006f006d00700061006e0079004e0061006d006500000000005300410050002000410047002c002000570061006c006c0064006f0072006600000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f0077007300000000003c000e000100460069006c006500560065007200730069006f006e000000000034003500310030002e0033002e0030002e003100300036003200000032000900010049006e007400650072006e0061006c004e0061006d0065000000460045005700460052004f004e005400000000007a002b0001004c006500670061006c0043006f007000790072006900670068000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b0020003300000023005402000000020000200334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010000000400f003000000000400f00300003f0000000000000004000100010000000000000000000000000000007e020000010053007400720069006e006700460069006c00650049006e0066006f0000005a02000001003000340030003900300034004500340000002e000700010043006f006d00700061006e0079004e0061006d00650000000000530041005000200041004700000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f00770073000000000036000b000100460069006c006500560065007200730069006f006e000000000034002e0030002e0030002e003100300030003800000000002c000600010049006e007400650072006e0061006c004e0061006d0065000000460052004f004e00540000005e001d0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390033002d0031003900390037002000530041005000200041004700000000002800000001004c006500670061006c0054007200610064000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b0020003300000023005402000000020000180334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010000000400dd03000000000400dd0300003f00000000000000040001000100000000000000000000000000000078020000010053007400720069006e006700460069006c00650049006e0066006f0000005402000001003000340030003900300034004500340000002e000700010043006f006d00700061006e0079004e0061006d00650000000000530041005000200041004700000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f00770073000000000034000a000100460069006c006500560065007200730069006f006e000000000034002e0030002e0030002e0039003800390000002c000600010049006e007400650072006e0061006c004e0061006d0065000000460052004f004e00540000005e001d0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390033002d0031003900390037002000530041005000200041004700000000002800000001004c006500670061006c00540072006100640065006d000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b002000330000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 5802000054020000000200006c0734000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f000000000000000400040001000000000000000000000000000000cc060000010053007400720069006e006700460069006c00650049006e0066006f00000054030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009c003c0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000300000002000000530065007200760069006300650020005000610063006b002000340000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 580200005402000000020000440234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100010001000c000000010001000c00000000000000000000000400000001000000000000000000000000000000440000000000560061007200460069006c00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f006e00000000000904b004a4010000010053007400720069006e006700460069006c00650049006e0066006f00000080010000010030003400300039003000340042003000000040002000010043006f006d00700061006e0079004e0061006d00650000000000440065004c006f0072006d00650020004d0061007000700069006e0067000000440022000100500072006f0064007500630074004e0061006d006500000000005200650067002000280044004c0069006200620079005c006d0073006600290000000000340014000100460069006c006500560065007200730069006f006e000000000031002e00300031002e0030003000310032000000380014000100500072006f006400750063007400560065007200730069006f006e00000031002e00300031002e003000300031003200000034001200010049006e007400650072006e0061006c004e0061006d00650000004d004e00470052004500470033003200000000000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b002000330000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
GlobalFlag REG_SZ 0x00200000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
GlobalFlag REG_SZ 0x00200000
DisableHeapLookAside REG_SZ 1
DisableHeapLookAside REG_SZ 1
ApplicationGoo REG_BINARY 140200001002000000020000b40234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100350007000000000035000700000000003f00000000000000040000000100000000000000000000000000000012020000010053007400720069006e006700460069006c00650049006e0066006f000000ee010000010030003400300039003000340062003000000042001100010043006f006d00700061006e0079004e0061006d00650000000000500065006f0070006c00650053006f00660074002c00200049006e0063002e0000000000280000000100460069006c0065004400650073006300720069007000740069006f006e00000000002a0005000100460069006c006500560065007200730069006f006e000000000037002e0035003300000000009c003c0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900380038002d0031003900390038002000500065006f0070006c00650053006f00660074002c00200049006e0063002e002000200041006c006c00200052006900670068007400730020005200650073006500720076006500640000003c000a0001004f0072006900670069006e0061006c00460069006c0065006e0061006d00650000007000730064006d0074002e001000000000000000
DisableHeapLookAside REG_SZ 1
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 000700005402000000020000840734000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f000000000000000400040001000000000000000000000000000000e4060000010053007400720069006e006700460069006c00650049006e0066006f00000060030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009e003d0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b0020003300000024005402000000020000a40834000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f00000000000000040004000100000000000000000000000000000004080000010053007400720069006e006700460069006c00650049006e0066006f000000f0030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d0065000000530065007400750070000000a600410001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b0020003300000024005402000000020000180434000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f00000000000000040004000100000000000000000000000000000078030000010053007400720069006e006700460069006c00650049006e0066006f00000054030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009a003b0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b002000330000002400
ApplicationGoo REG_BINARY 140200001002000000020000040334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe000001001c0008000000000000000800000000003f00000000000000040000000100000000000000000000000000000064020000010053007400720069006e006700460069006c00650049006e0066006f00000040020000010030003400300039003000340062003000000044001200010043006f006d00700061006e0079004e0061006d0065000000000043006f00720065006c00200043006f00720070006f0072006100740069006f006e0000004e0013000100460069006c0065004400650073006300720069007000740069006f006e000000000043006f00720065006c002000530065007400750070002000570069007a00610072006400000000002c0006000100460069006c006500560065007200730069006f006e000000000038002e00300032003800000046001300010049006e007400650072006e0061006c004e0061006d006500000043006f00720065006c002000530065007400750070002000570069007a00610072006400000000006c00240001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390037002c00200043006f00720065006c00200043006f00720070006f0072000800000000000000
ApplicationGoo REG_BINARY 140200001002000000020000380334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010002000a0001000a0002000a0001000a000000000000000000040001000100000000000000000000000000000098020000010053007400720069006e006700460069006c00650049006e0066006f0000007402000001003000340030003900300034004500340000004a001500010043006f006d00700061006e0079004e0061006d00650000000000530079006d0061006e00740065006300200043006f00720070006f0072006100740069006f006e000000000060001c000100460069006c0065004400650073006300720069007000740069006f006e0000000000530079006d0061006e007400650063002000530079006d006500760065006e007400200049006e007300740061006c006c0065007200000034000a000100460069006c006500560065007200730069006f006e0000000000310030002e0032002e00310030002e003100000030000800010049006e007400650072006e0061006c004e0061006d006500000053004500560049004e005300540000007e002d0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020002800430029002000530079006d0061006e00740065006300200043006f0072000100000000000000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 1402000010020000000200007c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000001000900260000000100090026003f000000000000000400000001000000000000000000000000000000dc020000010053007400720069006e006700460069006c00650049006e0066006f000000b8020000010030003400300039003000340062003000000066002700010043006f006d006d0065006e0074007300000042007500730069006e00650073007300200049006e00740065006c006c006900670065006e006300650020006f006e0020004500760065007200790020004400650073006b0074006f0070000000000048001400010043006f006d00700061006e0079004e0061006d0065000000000043006f0067006e006f007300200049006e0063006f00720070006f0072006100740065006400000060001c000100460069006c0065004400650073006300720069007000740069006f006e000000000043006f0067006e006f0073002000470065006e006500720069006300200049006e007300740061006c006c006100740069006f006e00000038000c000100460069006c006500560065007200730069006f006e000000000031002c00200030002c002000330038002c0020003900000030000800010049006e007400650072006e0061006c004e0061006d00650000000100000000000000
GlobalFlag REG_SZ 0x000010F0
ApplicationGoo REG_BINARY 140200001002000000020000a40234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000001000100000000000100010000003f00000000000000010001000100000000000000000000000000000004020000010053007400720069006e006700460069006c00650049006e0066006f000000e0010000010030003400300039003000340045003400000020000000010043006f006d00700061006e0079004e0061006d00650000000000580018000100460069006c0065004400650073006300720069007000740069006f006e000000000049004e005300540041004c004c0020004d004600430020004100700070006c00690063006100740069006f006e000000300008000100460069006c006500560065007200730069006f006e000000000031002e0030002e00300030003100000030000800010049006e007400650072006e0061006c004e0061006d006500000049004e005300540041004c004c0000002400000001004c006500670061006c0043006f00700079007200690067006800740000002800000001004c006500670061006c00540072006100640065006d00610072006b0073000000000040000c0001004f0072006900670069006e0061006c00460069006c0065006e0061006d006500000049004e005300540041004c004c002e004500580045000000300008000800000000000000
"Notification Packages scecli
Written by Bobbi Flekman 2006 (C)
Error: Key: software\microsoft\windows\currentversion\group policy\state does not exist!
Written by Bobbi Flekman 2006 (C)
SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SaslProfiles
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SCHANNEL
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\WDigest
SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\File system]
@="Driver Group"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\RpcSs]
@="Service"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\vgasave.sys]
@="Driver"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder
SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs
Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components
7,0,5730,0
*
6,0,5730,11
6,0,5730,11
1 (0x1)
2,0,0,0
01000000
EN
EN
01000000
11,0,5721,5145
11,0,5721,5145
DirectAnimation
1,1,1,7
4,7,0,0320
*
1,397,2406,1
6,0,2900,2180
1 (0x1)
FR
11,0,5721,5145
4,71,1113,0
7,0,5730,11
6,00,01,0223
5,6,0,8820
1 (0x1)
5,00,2918,1900
7,0,5730,11
C:\WINDOWS\system32\msieftp.dll
11,0,5721,5145
4,9,9,2
2,0,50727,0
WAB
fr
en
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}\AuthorizedCDFPrefix
DOTNETFRAMEWORKS
7,0,5730,11
6,0,2800,2180
.NET Framework
6,0,5730,11
4,71,1968,1
2,1,4026,0
EN
6,0,5730,11
5,0,00,0
-- End of Deckard's System Scanner: finished at 2008-08-08 13:56:56 ------------
ah ba tien c'est exactement se virus que j'ai
http://i230.photobucket.com/albums/ee261/Angeldark000/I...
fausses alertes de sécurité,
modification du fond d'écran,
détournement de la page d'accueil du navigateur...
installation non désirée de faux logiciels de sécurité (rogue) proposant leurs services payants pour nettoyer l'infection.
http://i230.photobucket.com/albums/ee261/Angeldark000/I...
fausses alertes de sécurité,
modification du fond d'écran,
détournement de la page d'accueil du navigateur...
installation non désirée de faux logiciels de sécurité (rogue) proposant leurs services payants pour nettoyer l'infection.
Pour bien faire j'ai fait comme plus haut voici les rapports :
Deckard's System Scanner v20071014.68
Run by Cyrille on 2008-08-08 14:38:08
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
43: 2008-08-08 12:38:19 UTC - RP1498 - Deckard's System Scanner Restore Point
42: 2008-08-08 11:29:50 UTC - RP1497 - Opération de restauration
41: 2008-08-08 11:26:56 UTC - RP1496 - Opération de restauration
40: 2008-08-08 06:14:56 UTC - RP1495 - Software Distribution Service 3.0
39: 2008-08-07 18:53:57 UTC - RP1494 - Removed Alcohol 120%
-- First Restore Point --
1: 2008-06-25 12:41:01 UTC - RP1456 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 3.61 GiB (less than 15%) free.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-08-08 14:40:47
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\sony\giga pocket\shwserv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\sony\giga pocket\RM_SV.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\PVSW\Bin\w3dbsmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Documents and Settings\Cyrille\Bureau\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/fr/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {79EEFFBE-0FA3-124A-C043-0E665AC71E0D} - (no file)
O2 - BHO: (no name) - {7B4504D7-3A03-0DE0-72AA-B83D80D27994} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9A1F30FC-531E-FFC4-E375-0FD2A1C65469} - (no file)
O3 - Toolbar: bgrqfetx - {87EF3F20-E986-4B30-B9AA-A65E59792F29} - C:\WINDOWS\bgrqfetx.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [etqfbjglkn] c:\windows\system32\etqfbjglkn.exe etqfbjglkn
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [dscppuz] c:\documents and settings\cyrille\local settings\application data\dscppuz.exe dscppuz
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Startup: Pervasive.SQL Workgroup Engine.lnk = C:\PVSW\Bin\w3dbsmgr.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: Download Video - http://www.viloader.net/addon.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\Program Files\Allocam Multi Visio\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\Program Files\Allocam Multi Visio\allocam.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://www.m6video.fr/1click/install/files/installer2.c...
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/direc...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/5/b/0/5b0d4654-a...
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://protect.microsoft.com/security/protect/wsa/share...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} () - http://www.sibelius.com/download/software/win/ActiveXPl...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_d...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab27513.ca...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/fla...
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: wbsys.dll
O21 - SSODL: tfnslopk - {59B22543-6100-49FC-995F-0AEA39307D73} - C:\WINDOWS\tfnslopk.dll (file missing)
O21 - SSODL: xokvrpwg - {3097DAA5-E96B-479A-A61B-9725BBEF11ED} - C:\WINDOWS\xokvrpwg.dll (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: scmkdofwetds (MsUpdate6) - Unknown owner - C:\WINDOWS\system32\msupd6.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\sony\vaio media music server\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\sony\giga pocket\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe
--
End of file - 13466 bytes
-- File Associations -----------------------------------------------------------
.scr - PhEdit.scr - shell\open\command - C:\Program Files\VCW VicMan's Photo Editor\vcwphoto.exe %1
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
R0 sfsync02 (StarForce Protection Synchronization Driver (version 2.x)) - c:\windows\system32\drivers\sfsync02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 SaiM27G Filter - c:\windows\system32\drivers\saim27g.sys <Not Verified; Saitek; Gaming Mouse 27G>
S3 Aldebaran (Aldebaran - Storage Filter Drivers) - c:\windows\system32\drivers\aldebaran.sys (file missing)
S3 AvFlt (Antivirus Filter Driver) - c:\windows\system32\drivers\av5flt.sys (file missing)
S3 ComFiltr (Panda Anti-Dialer) - c:\windows\system32\drivers\comfiltr.sys (file missing)
S3 fbxusb (FreeBox USB Network Adapter) - c:\windows\system32\drivers\fbxusb.sys <Not Verified; FreeBox SA; FreeBox USB Network Adapter>
S3 fruzecoz - c:\windows\system32\drivers\fruzecoz.sys (file missing)
S3 PalmUSBD - c:\windows\system32\drivers\palmusbd.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 AntiVirScheduler (AntiVir Scheduler) - c:\program files\antivir personaledition classic\sched.exe <Not Verified; Avira GmbH; AntiVir Workstation>
R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>
R2 LicCtrlService (LicCtrl Service) - rundll32.exe c:\windows\mmfs.dll,service
S2 MsUpdate6 (scmkdofwetds) - c:\windows\system32\msupd6.exe (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Souris Microsoft PS/2
Device ID: ACPI\PNP0F03\4&35F762C4&0
Manufacturer: Microsoft
Name: Souris Microsoft PS/2
PNP Device ID: ACPI\PNP0F03\4&35F762C4&0
Service: i8042prt
Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: Plug and Play BIOS Extension
Device ID: ROOT\SYSTEM\0003
Manufacturer: (Standard system devices)
Name: Plug and Play BIOS Extension
PNP Device ID: ROOT\SYSTEM\0003
Service: a347bus
-- Scheduled Tasks -------------------------------------------------------------
2008-08-08 13:32:44 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2007-11-15 19:09:05 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-07-08 and 2008-08-08 -----------------------------
2008-08-07 18:57:35 0 d-------- C:\Documents and Settings\Cyrille\Application Data\TmpRecentIcons
-- Find3M Report ---------------------------------------------------------------
2008-08-08 13:43:23 474316 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-08-08 13:43:23 77038 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-08-07 10:14:29 0 d-------- C:\Documents and Settings\Cyrille\Application Data\GrabIt
2008-06-27 16:25:39 0 d-------- C:\Documents and Settings\Cyrille\Application Data\FileZilla
2008-06-26 16:25:45 0 d-------- C:\Program Files\FileZilla FTP Client
2008-06-16 14:25:30 0 d-------- C:\Documents and Settings\Cyrille\Application Data\DivX
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{79EEFFBE-0FA3-124A-C043-0E665AC71E0D}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B4504D7-3A03-0DE0-72AA-B83D80D27994}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9A1F30FC-531E-FFC4-E375-0FD2A1C65469}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [18/08/2003 18:56: VIRUS ALERT!]
"AGRSMMSG"="AGRSMMSG.exe" [23/05/2003 11:43: VIRUS ALERT! C:\WINDOWS\AGRSMMSG.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [19/10/2007 21:16: VIRUS ALERT!]
"Totocam"="" []
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [18/07/2008 07:49: VIRUS ALERT!]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [04/08/2004 07:31: VIRUS ALERT!]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [24/04/2003 14:00: VIRUS ALERT!]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [24/04/2003 14:00: VIRUS ALERT!]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [24/04/2003 14:00: VIRUS ALERT!]
"etqfbjglkn"="c:\windows\system32\etqfbjglkn.exe" [09/08/2006 19:46: VIRUS ALERT!]
"ezShieldProtector for Px"="C:\WINDOWS\system32\ezSP_Px.exe" [20/08/2002 11:29: VIRUS ALERT!]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25: VIRUS ALERT!]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/05/2007 03:06: VIRUS ALERT!]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [22/12/2003 08:38: VIRUS ALERT!]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [02/01/2006 17:41: VIRUS ALERT!]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [06/05/2008 10:42: VIRUS ALERT!]
"dscppuz"="c:\documents and settings\cyrille\local settings\application data\dscppuz.exe" []
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [30/07/2008 14:45: VIRUS ALERT!]
C:\Documents and Settings\Cyrille\Menu D‚marrer\Programmes\D‚marrage\
Pervasive.SQL Workgroup Engine.lnk - C:\PVSW\Bin\w3dbsmgr.exe [22/07/2004 14:40:00]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Event Reminder.lnk - C:\Program Files\Broderbund\PrintMaster\PMremind.exe [28/07/2007 18:36:59]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [13/02/2001 01:01:04]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
"NoDispCPL"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"NoDispAppearancePage"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"NoDispSettingPage"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoToolbarCustomize"=1 (0x1)
"StartMenuLogoff"=1 (0x1)
"NoStartMenuMorePrograms"=0 (0x0)
"NoSetFolders"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"tfnslopk"= {59B22543-6100-49FC-995F-0AEA39307D73} - C:\WINDOWS\tfnslopk.dll [ ]
"xokvrpwg"= {3097DAA5-E96B-479A-A61B-9725BBEF11ED} - C:\WINDOWS\xokvrpwg.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll 20/12/2001 23:34: VIRUS ALERT! 24576 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= :\WINDOWS\SYSTE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8102c819-44c0-11dc-9e22-000ea69ab500}]
AutoRun\command- M:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1d2c5b1-2ba7-11dc-9ded-000ea69ab500}]
AutoRun\command- G:\InstallTomTomHOME.exe
-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
8972 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-08-08 14:42:04 ------------
Puis second rapport
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French
CPU 0: Intel(R) Pentium(R) 4 CPU 3.00GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of Memory in Use: 57%
Physical Memory (total/avail): 511.36 MiB / 219.68 MiB
Pagefile Memory (total/avail): 1279.27 MiB / 885.98 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1930 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 27.95 GiB total, 3.61 GiB free.
D: is Fixed (NTFS) - 121.1 GiB total, 96.24 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
\\.\PHYSICALDRIVE0 - WDC WD1600BB-98DWA0 - 149.05 GiB - 2 partitions
\PARTITION0 (bootable) - Système de fichiers installable - 27.95 GiB - C:
\PARTITION1 - Étendu avec Inter. 13 étendue - 121.1 GiB - D:
\\.\PHYSICALDRIVE2 - Sony UMH-U HS-CF USB Device
\\.\PHYSICALDRIVE1 - Sony UMH-U HS-MS USB Device
\\.\PHYSICALDRIVE3 - Sony UMH-U HS-SM USB Device
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before install.
Windows Internal Firewall is enabled.
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.215
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.56
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.18
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.30
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.125
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.209
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.220
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.20
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.18
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.125
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.226
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.88
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.178
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.75
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.77
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.83
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.47
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.84
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.15
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.191
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.196
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.213
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.42
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.218
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.95
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.112
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.191
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.69
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.98
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.64
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.178
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.92
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.1
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.217
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.245
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.98
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.166
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.215
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.224
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.35
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.235
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.38
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.191
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.174
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.50
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.191
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.103
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.223
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.209
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.213
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.78
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.78
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.121
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.176
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.64
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.77
(AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.42
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.70
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.92
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.110
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.77
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.29
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.31
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.161
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.133
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.230
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.161
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.27
(AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.90
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.118
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.122
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.22
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.118
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.82
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.110
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.59
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.46
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.218
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.165
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.215
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.18
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.35
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.139
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.10
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.230
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.98
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.196
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.78
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.64
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.24
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.18
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.92
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.93
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.142
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.172
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.58
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.45
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.216
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.105
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.31
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.63
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.22
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.75
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.127
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.82
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.247
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.72
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.99
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.214
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.226
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.111
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.5
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.233
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.147
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.72
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.72
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.138
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
(AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.165
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.202
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.165
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.8
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.47
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.105
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.83
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.20
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.223
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.20
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.142
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.60
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.84
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.166
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.132
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.203
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.65
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.71
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.16
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.84
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.147
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.27
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.26
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.215
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.83
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.84
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.81
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.84
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.50
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.74
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.121
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.95
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.165
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.117
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.112
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.175
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.230
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.122
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.122
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.20
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: Avira AntiVir PersonalEdition v8.0.1.26 (Avira GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.226
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.215
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.40
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.11
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.142
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.26
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.11
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.142
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.47
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.73
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.122
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.139
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.40
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.178
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.111
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.173
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.144
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.42
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.112
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.18
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.210
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.31
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.45
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.184
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.29
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.56
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.208
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.178
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.109
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.192
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.65
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.97
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.47
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.65
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.132
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.42
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.82
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.202
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.34
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.53
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.224
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.50
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.144
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.250
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.51
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.45
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.59
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.176
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.99
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.218
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.211
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.78
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.174
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.196
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.64
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir Per
Deckard's System Scanner v20071014.68
Run by Cyrille on 2008-08-08 14:38:08
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
43: 2008-08-08 12:38:19 UTC - RP1498 - Deckard's System Scanner Restore Point
42: 2008-08-08 11:29:50 UTC - RP1497 - Opération de restauration
41: 2008-08-08 11:26:56 UTC - RP1496 - Opération de restauration
40: 2008-08-08 06:14:56 UTC - RP1495 - Software Distribution Service 3.0
39: 2008-08-07 18:53:57 UTC - RP1494 - Removed Alcohol 120%
-- First Restore Point --
1: 2008-06-25 12:41:01 UTC - RP1456 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 3.61 GiB (less than 15%) free.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-08-08 14:40:47
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\sony\giga pocket\shwserv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\sony\giga pocket\RM_SV.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\PVSW\Bin\w3dbsmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Documents and Settings\Cyrille\Bureau\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/fr/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {79EEFFBE-0FA3-124A-C043-0E665AC71E0D} - (no file)
O2 - BHO: (no name) - {7B4504D7-3A03-0DE0-72AA-B83D80D27994} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9A1F30FC-531E-FFC4-E375-0FD2A1C65469} - (no file)
O3 - Toolbar: bgrqfetx - {87EF3F20-E986-4B30-B9AA-A65E59792F29} - C:\WINDOWS\bgrqfetx.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [etqfbjglkn] c:\windows\system32\etqfbjglkn.exe etqfbjglkn
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [dscppuz] c:\documents and settings\cyrille\local settings\application data\dscppuz.exe dscppuz
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Startup: Pervasive.SQL Workgroup Engine.lnk = C:\PVSW\Bin\w3dbsmgr.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: Download Video - http://www.viloader.net/addon.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\Program Files\Allocam Multi Visio\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\Program Files\Allocam Multi Visio\allocam.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://www.m6video.fr/1click/install/files/installer2.c...
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/direc...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/5/b/0/5b0d4654-a...
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://protect.microsoft.com/security/protect/wsa/share...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} () - http://www.sibelius.com/download/software/win/ActiveXPl...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_d...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab27513.ca...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zyloml...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/fla...
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: wbsys.dll
O21 - SSODL: tfnslopk - {59B22543-6100-49FC-995F-0AEA39307D73} - C:\WINDOWS\tfnslopk.dll (file missing)
O21 - SSODL: xokvrpwg - {3097DAA5-E96B-479A-A61B-9725BBEF11ED} - C:\WINDOWS\xokvrpwg.dll (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: scmkdofwetds (MsUpdate6) - Unknown owner - C:\WINDOWS\system32\msupd6.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\sony\giga pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\sony\giga pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\sony\vaio media music server\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\sony\giga pocket\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe
--
End of file - 13466 bytes
-- File Associations -----------------------------------------------------------
.scr - PhEdit.scr - shell\open\command - C:\Program Files\VCW VicMan's Photo Editor\vcwphoto.exe %1
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
R0 sfsync02 (StarForce Protection Synchronization Driver (version 2.x)) - c:\windows\system32\drivers\sfsync02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 SaiM27G Filter - c:\windows\system32\drivers\saim27g.sys <Not Verified; Saitek; Gaming Mouse 27G>
S3 Aldebaran (Aldebaran - Storage Filter Drivers) - c:\windows\system32\drivers\aldebaran.sys (file missing)
S3 AvFlt (Antivirus Filter Driver) - c:\windows\system32\drivers\av5flt.sys (file missing)
S3 ComFiltr (Panda Anti-Dialer) - c:\windows\system32\drivers\comfiltr.sys (file missing)
S3 fbxusb (FreeBox USB Network Adapter) - c:\windows\system32\drivers\fbxusb.sys <Not Verified; FreeBox SA; FreeBox USB Network Adapter>
S3 fruzecoz - c:\windows\system32\drivers\fruzecoz.sys (file missing)
S3 PalmUSBD - c:\windows\system32\drivers\palmusbd.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 AntiVirScheduler (AntiVir Scheduler) - c:\program files\antivir personaledition classic\sched.exe <Not Verified; Avira GmbH; AntiVir Workstation>
R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>
R2 LicCtrlService (LicCtrl Service) - rundll32.exe c:\windows\mmfs.dll,service
S2 MsUpdate6 (scmkdofwetds) - c:\windows\system32\msupd6.exe (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Souris Microsoft PS/2
Device ID: ACPI\PNP0F03\4&35F762C4&0
Manufacturer: Microsoft
Name: Souris Microsoft PS/2
PNP Device ID: ACPI\PNP0F03\4&35F762C4&0
Service: i8042prt
Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: Plug and Play BIOS Extension
Device ID: ROOT\SYSTEM\0003
Manufacturer: (Standard system devices)
Name: Plug and Play BIOS Extension
PNP Device ID: ROOT\SYSTEM\0003
Service: a347bus
-- Scheduled Tasks -------------------------------------------------------------
2008-08-08 13:32:44 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2007-11-15 19:09:05 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-07-08 and 2008-08-08 -----------------------------
2008-08-07 18:57:35 0 d-------- C:\Documents and Settings\Cyrille\Application Data\TmpRecentIcons
-- Find3M Report ---------------------------------------------------------------
2008-08-08 13:43:23 474316 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-08-08 13:43:23 77038 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-08-07 10:14:29 0 d-------- C:\Documents and Settings\Cyrille\Application Data\GrabIt
2008-06-27 16:25:39 0 d-------- C:\Documents and Settings\Cyrille\Application Data\FileZilla
2008-06-26 16:25:45 0 d-------- C:\Program Files\FileZilla FTP Client
2008-06-16 14:25:30 0 d-------- C:\Documents and Settings\Cyrille\Application Data\DivX
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{79EEFFBE-0FA3-124A-C043-0E665AC71E0D}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B4504D7-3A03-0DE0-72AA-B83D80D27994}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9A1F30FC-531E-FFC4-E375-0FD2A1C65469}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [18/08/2003 18:56: VIRUS ALERT!]
"AGRSMMSG"="AGRSMMSG.exe" [23/05/2003 11:43: VIRUS ALERT! C:\WINDOWS\AGRSMMSG.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [19/10/2007 21:16: VIRUS ALERT!]
"Totocam"="" []
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [18/07/2008 07:49: VIRUS ALERT!]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [04/08/2004 07:31: VIRUS ALERT!]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [24/04/2003 14:00: VIRUS ALERT!]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [24/04/2003 14:00: VIRUS ALERT!]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [24/04/2003 14:00: VIRUS ALERT!]
"etqfbjglkn"="c:\windows\system32\etqfbjglkn.exe" [09/08/2006 19:46: VIRUS ALERT!]
"ezShieldProtector for Px"="C:\WINDOWS\system32\ezSP_Px.exe" [20/08/2002 11:29: VIRUS ALERT!]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25: VIRUS ALERT!]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/05/2007 03:06: VIRUS ALERT!]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [22/12/2003 08:38: VIRUS ALERT!]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [02/01/2006 17:41: VIRUS ALERT!]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [06/05/2008 10:42: VIRUS ALERT!]
"dscppuz"="c:\documents and settings\cyrille\local settings\application data\dscppuz.exe" []
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [30/07/2008 14:45: VIRUS ALERT!]
C:\Documents and Settings\Cyrille\Menu D‚marrer\Programmes\D‚marrage\
Pervasive.SQL Workgroup Engine.lnk - C:\PVSW\Bin\w3dbsmgr.exe [22/07/2004 14:40:00]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Event Reminder.lnk - C:\Program Files\Broderbund\PrintMaster\PMremind.exe [28/07/2007 18:36:59]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [13/02/2001 01:01:04]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
"NoDispCPL"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"NoDispAppearancePage"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"NoDispSettingPage"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoToolbarCustomize"=1 (0x1)
"StartMenuLogoff"=1 (0x1)
"NoStartMenuMorePrograms"=0 (0x0)
"NoSetFolders"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"tfnslopk"= {59B22543-6100-49FC-995F-0AEA39307D73} - C:\WINDOWS\tfnslopk.dll [ ]
"xokvrpwg"= {3097DAA5-E96B-479A-A61B-9725BBEF11ED} - C:\WINDOWS\xokvrpwg.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll 20/12/2001 23:34: VIRUS ALERT! 24576 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= :\WINDOWS\SYSTE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8102c819-44c0-11dc-9e22-000ea69ab500}]
AutoRun\command- M:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1d2c5b1-2ba7-11dc-9ded-000ea69ab500}]
AutoRun\command- G:\InstallTomTomHOME.exe
-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
8972 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-08-08 14:42:04 ------------
Puis second rapport
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French
CPU 0: Intel(R) Pentium(R) 4 CPU 3.00GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of Memory in Use: 57%
Physical Memory (total/avail): 511.36 MiB / 219.68 MiB
Pagefile Memory (total/avail): 1279.27 MiB / 885.98 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1930 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 27.95 GiB total, 3.61 GiB free.
D: is Fixed (NTFS) - 121.1 GiB total, 96.24 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
\\.\PHYSICALDRIVE0 - WDC WD1600BB-98DWA0 - 149.05 GiB - 2 partitions
\PARTITION0 (bootable) - Système de fichiers installable - 27.95 GiB - C:
\PARTITION1 - Étendu avec Inter. 13 étendue - 121.1 GiB - D:
\\.\PHYSICALDRIVE2 - Sony UMH-U HS-CF USB Device
\\.\PHYSICALDRIVE1 - Sony UMH-U HS-MS USB Device
\\.\PHYSICALDRIVE3 - Sony UMH-U HS-SM USB Device
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before install.
Windows Internal Firewall is enabled.
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.215
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.56
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.18
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.30
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.125
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.209
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.220
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.20
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.18
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.125
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.226
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.88
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.178
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.75
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.77
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.83
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.47
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.84
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.15
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.191
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.196
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.213
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.42
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.218
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.95
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.112
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.191
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.69
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.98
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.64
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.178
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.92
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.1
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.217
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.245
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.98
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.166
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.215
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.224
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.35
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.235
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.38
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.191
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.174
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.50
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.191
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.103
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.223
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.209
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.213
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.78
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.78
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.121
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.176
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.64
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.77
(AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.42
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.70
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.92
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.110
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.77
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.29
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.31
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.161
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.133
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.230
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.161
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.27
(AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.90
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.118
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.122
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.22
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.118
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.82
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.110
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.59
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.46
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.218
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.165
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.215
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.18
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.35
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.139
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.10
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.230
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.98
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.196
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.78
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.64
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.24
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.18
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.92
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.93
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.142
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.172
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.58
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.45
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.216
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.105
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.31
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.63
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.22
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.75
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.127
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.82
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.247
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.72
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.99
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.214
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.226
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.111
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.107
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.5
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.233
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.147
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.72
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.72
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.138
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
(AntiVir PersonalProducts GmbH) Disabled
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.165
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.202
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.165
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.8
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.47
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.105
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.83
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.20
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.223
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.20
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.142
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.60
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.84
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.166
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.132
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.203
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.65
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.71
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.4
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.16
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.84
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.147
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.27
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.26
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.215
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.83
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.84
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.81
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.84
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.50
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.74
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.121
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.95
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.165
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.117
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.112
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.175
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.230
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.122
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.122
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.20
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: Avira AntiVir PersonalEdition v8.0.1.26 (Avira GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.226
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.215
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.40
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.11
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.142
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.26
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.11
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.142
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.47
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.73
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.122
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.139
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.40
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.178
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.131
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.111
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.173
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.144
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.42
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.112
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.18
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.210
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.31
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.45
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.184
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.29
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.56
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.193
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.208
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.178
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.109
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.192
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.2.6
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.65
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.97
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.47
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.65
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.227
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.132
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.42
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.82
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.190
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.202
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.182
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.34
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.53
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.224
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.50
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.91
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.144
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.250
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.51
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.158
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.45
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.59
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.176
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.99
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.114
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.218
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.211
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.2.78
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.174
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.196
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.3.64
(AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir Per
Bonjour,Un sujet par personne, merci
snif, on commence par ça ( je te demanderai d'être patient, je suis bénévole et j'ai une vie privée ) :
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
bjr, voila ce que tu ma demandé:
-----------\\ ToolBar S&D 1.0.8 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : pearl ] [ "F:\Toolbar SD" ] [ Selection : 1 ]
[ 09/08/2008 | 16:30:47,28 ] [ PC : PC-F68EA12040FE ]
[ MAJ : 04-08-2008 | 23:15 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\PopSwatr
C:\Program Files\AskTBar\SrchAstt
C:\DOCUME~1\pearl\Cookies\pearl@conduit[1].txt
C:\DOCUME~1\pearl\Cookies\pearl@www.conduit[1].txt
C:\Program Files\Dealio
C:\Program Files\Dealio\DealioAU.exe
C:\Program Files\Dealio\kb126
C:\Program Files\Dealio\SearchSettingsKit.exe
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\CONTENT\dealiotoolbarplugin.js
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\CONTENT\dealiotoolbarplugin.xul
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\LOCALE\EN-US\dealio.dtd
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\LOCALE\EN-US\dealio.properties
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealiotoolbarplugin.css
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_large.png
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_small.png
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_winxp_act.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_winxp_hot.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_win_act.bmp
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_win_act.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_win_hot.bmp
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_win_hot.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\search_dealio.bmp
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\DealioFF.dll
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\DealioProtocol.js
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFBHODealio.idl
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFBHODealio.xpt
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFBHODealioHelperEngine.idl
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFBHODealioHelperEngine.xpt
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFDealioHelperPreferences.idl
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFDealioHelperPreferences.xpt
C:\DOCUME~1\pearl\Cookies\pearl@mysearch[1].txt
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.js
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.xul
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.dtd
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\SearchSettingsFF.dll
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb126
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\VMNToolbar
C:\Program Files\VMNToolbar\install.ico
C:\Program Files\VMNToolbar\toolbar.ini
C:\Program Files\VMNToolbar\uninstall.exe
C:\Program Files\VMNToolbar\vmntoolbar.dll
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR"
"Search Bar"="http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://recherche.neuf.fr/"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
-----------\\ Fin du rapport a 16:31:17,62
-----------\\ ToolBar S&D 1.0.8 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : pearl ] [ "F:\Toolbar SD" ] [ Selection : 1 ]
[ 09/08/2008 | 16:30:47,28 ] [ PC : PC-F68EA12040FE ]
[ MAJ : 04-08-2008 | 23:15 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\PopSwatr
C:\Program Files\AskTBar\SrchAstt
C:\DOCUME~1\pearl\Cookies\pearl@conduit[1].txt
C:\DOCUME~1\pearl\Cookies\pearl@www.conduit[1].txt
C:\Program Files\Dealio
C:\Program Files\Dealio\DealioAU.exe
C:\Program Files\Dealio\kb126
C:\Program Files\Dealio\SearchSettingsKit.exe
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\CONTENT\dealiotoolbarplugin.js
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\CONTENT\dealiotoolbarplugin.xul
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\LOCALE\EN-US\dealio.dtd
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\LOCALE\EN-US\dealio.properties
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealiotoolbarplugin.css
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_large.png
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_small.png
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_winxp_act.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_winxp_hot.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_win_act.bmp
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_win_act.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_win_hot.bmp
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_win_hot.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\search_dealio.bmp
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\DealioFF.dll
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\DealioProtocol.js
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFBHODealio.idl
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFBHODealio.xpt
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFBHODealioHelperEngine.idl
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFBHODealioHelperEngine.xpt
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFDealioHelperPreferences.idl
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\IFDealioHelperPreferences.xpt
C:\DOCUME~1\pearl\Cookies\pearl@mysearch[1].txt
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.js
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.xul
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.dtd
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\SearchSettingsFF.dll
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb126
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\VMNToolbar
C:\Program Files\VMNToolbar\install.ico
C:\Program Files\VMNToolbar\toolbar.ini
C:\Program Files\VMNToolbar\uninstall.exe
C:\Program Files\VMNToolbar\vmntoolbar.dll
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR"
"Search Bar"="http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://recherche.neuf.fr/"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
-----------\\ Fin du rapport a 16:31:17,62
Re,
Relance Toolbar-S&D en double-cliquant sur le raccourci.
Choisis cette fois l'option 2 puis valide en appuyant sur Entrée.
! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
Un rapport sera généré, poste son contenu ici, puis un nouveau rapport HijackThis.
[#008040]Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
Tapes explorer et valide. Cela te fera apparaitre ton bureau
![;)]( ";)")
Relance Toolbar-S&D en double-cliquant sur le raccourci.
! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
[#008040]Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
Tapes explorer et valide. Cela te fera apparaitre ton bureau
re ![:)]( ":)")
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:39:04, on 09/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Free Download Manager\FUM\fumoei.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.175.133.27:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll (file missing)
F3 - REG:win.ini: run="C:\Documents and Settings\pearl\Application Data\Adobe\Manager.exe"
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: QXK Olive - {86A223EE-081B-4CF9-98FB-52514CE4A8E1} - C:\WINDOWS\wnlmdakqenv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: bgrqfetx - {87EF3F20-E986-4B30-B9AA-A65E59792F29} - C:\WINDOWS\bgrqfetx.dll
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MSNAddon] C:\DOCUME~1\pearl\LOCALS~1\Temp\Rar$EX02.218\MSNAddon.exe
O4 - HKLM\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKLM\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKLM\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKLM\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKLM\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting
O4 - HKCU\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting
O4 - HKCU\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKCU\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKCU\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKCU\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKCU\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User '?')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User '?')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1801674531-1292428093-725345543-1004 Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User '?')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.1.13/cfweb_a...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://212.42.54.137:8008/activex/AMC.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O21 - SSODL: tfnslopk - {1C783713-F791-4E21-AEB8-B1FFB66D66F5} - C:\WINDOWS\tfnslopk.dll
O21 - SSODL: XyTKAPCe - {5CC0736D-F66A-D9C7-4DA3-896A77F63C88} - C:\WINDOWS\system32\xip.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 14862 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:39:04, on 09/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Free Download Manager\FUM\fumoei.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.175.133.27:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll (file missing)
F3 - REG:win.ini: run="C:\Documents and Settings\pearl\Application Data\Adobe\Manager.exe"
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: QXK Olive - {86A223EE-081B-4CF9-98FB-52514CE4A8E1} - C:\WINDOWS\wnlmdakqenv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: bgrqfetx - {87EF3F20-E986-4B30-B9AA-A65E59792F29} - C:\WINDOWS\bgrqfetx.dll
O4 - HKLM\..\Run: [YeppStudioAgent] C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MSNAddon] C:\DOCUME~1\pearl\LOCALS~1\Temp\Rar$EX02.218\MSNAddon.exe
O4 - HKLM\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKLM\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKLM\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKLM\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKLM\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting
O4 - HKCU\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting
O4 - HKCU\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe
O4 - HKCU\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe
O4 - HKCU\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe
O4 - HKCU\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe
O4 - HKCU\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User '?')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User '?')
O4 - HKUS\S-1-5-19\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [SSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [SSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [SSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [\Win1DA.exe] C:\Windows\system32\Win1DA.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [\Win1DC.exe] C:\Windows\system32\Win1DC.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [\Win1DD.exe] C:\Windows\system32\Win1DD.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [\Win1DE.exe] C:\Windows\system32\Win1DE.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-1292428093-725345543-1004\..\Run: [\Win1DF.exe] C:\Windows\system32\Win1DF.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1801674531-1292428093-725345543-1004 Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User '?')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.1.13/cfweb_a...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://212.42.54.137:8008/activex/AMC.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O21 - SSODL: tfnslopk - {1C783713-F791-4E21-AEB8-B1FFB66D66F5} - C:\WINDOWS\tfnslopk.dll
O21 - SSODL: XyTKAPCe - {5CC0736D-F66A-D9C7-4DA3-896A77F63C88} - C:\WINDOWS\system32\xip.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 14862 bytes
-----------\\ ToolBar S&D 1.0.8 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : pearl ] [ "F:\Toolbar SD" ] [ Selection : 2 ]
[ 09/08/2008 | 19:36:07,25 ] [ PC : PC-F68EA12040FE ]
[ MAJ : 04-08-2008 | 23:15 ]
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\AskTBar\bar
Supprime! - C:\Program Files\AskTBar\PopSwatr
Supprime! - C:\Program Files\AskTBar\SrchAstt
Supprime! - C:\DOCUME~1\pearl\Cookies\pearl@conduit[1].txt
Supprime! - C:\DOCUME~1\pearl\Cookies\pearl@www.conduit[1].txt
Supprime! - C:\Program Files\Dealio\DealioAU.exe
Supprime! - C:\Program Files\Dealio\kb126
Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio
Supprime! - C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com
Supprime! - C:\DOCUME~1\pearl\Cookies\pearl@mysearch[1].txt
Supprime! - C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
Supprime! - C:\Program Files\Search Settings\kb126
Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
Supprime! - C:\Program Files\VMNToolbar\install.ico
Supprime! - C:\Program Files\VMNToolbar\toolbar.ini
Supprime! - C:\Program Files\VMNToolbar\uninstall.exe
Supprime! - C:\Program Files\VMNToolbar\vmntoolbar.dll
Supprime! - C:\Program Files\AskTBar
Supprime! - C:\Program Files\Dealio
Supprime! - C:\Program Files\Search Settings
Supprime! - C:\Program Files\VMNToolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://recherche.neuf.fr/"
"Search Bar"="http://recherche.neuf.fr/ie/default.html"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://recherche.neuf.fr/"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
-----------\\ Fin du rapport a 19:37:38,65
jte remercie de m'accorder de ton temps
Re,
Non, mais je n'avais pas vu le HijackTHis.
Cette procédure doit être imprimée pour que tu puisses l’avoir sous les yeux quand tu seras en mode sans échec.
Télécharge SDFix (d’Andy Manchesta)
Enregistre le sur ton le bureau.
Lance le.
Fais install afin qu’il puisse s’extraire.
Fais redémarrer ton ordinateur en mode sans échec
- Au démarrage, après le chargement du bios, appuie successivement sur la touche F8 (ou F5) de ton clavier jusqu'à l'apparition d'un menu sur fond noir. Une fois arrivé à ce stade, sélectionne à l'aide du clavier Mode sans Echec.
-- Dans ce mode, tu n'as pas accès à Internet, et tu te retrouves avec une configuration visuelle différente (pas de fond d'écran, icônes très grosses). Ne sois donc pas étonné.
--- C'est pour ces différentes raisons que je t'invite à imprimer, noter, ou enregistrer dans un document texte les informations suivantes afin de ne pas être perdu.
---- ! Ne fais pas démarrer ton ordinateur en mode sans échec via MSConfig ! Pourquoi ? Certaines infections cassent les clefs du mode sans échec, ce qui ferait crasher ton ordinateur.
Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\
Double clique sur RunThis.bat (L’extension bat peut ne pas apparaître)
Appuie sur Y pour le lancer.
Il te sera demandé d'appuyer sur une touche pour redemarrer , fais le
Il est probable que le redémarrage soit un peu plus long que d’habitude.
Une fois l’apparition de ton Bureau, il affichera Finished
Appuie sur une touche.
Un rapport est généré , poste le dans ta réponse.
Il se trouve également. dans le dossier SDFix >Report.txt<
Note : Si SDFix ne se lance pas (ça arrive!)
* Démarrer->Exécuter
* Copie/colle ceci:
* Clique sur ok, et valide.
* Redémarre et essaye de nouveau de lancer SDFix.
Aide : Comment faire démarrer son ordinateur en mode sans échec.
![;)]( ";)")
Citation :
j'ai analyse hijackthis apres d'avoi fais la suppression toolbar mais je l'est poster avant, ca ne change rien si ?Non, mais je n'avais pas vu le HijackTHis.
Cette procédure doit être imprimée pour que tu puisses l’avoir sous les yeux quand tu seras en mode sans échec.
Télécharge SDFix (d’Andy Manchesta)
Fais redémarrer ton ordinateur en mode sans échec
- Au démarrage, après le chargement du bios, appuie successivement sur la touche F8 (ou F5) de ton clavier jusqu'à l'apparition d'un menu sur fond noir. Une fois arrivé à ce stade, sélectionne à l'aide du clavier Mode sans Echec.
-- Dans ce mode, tu n'as pas accès à Internet, et tu te retrouves avec une configuration visuelle différente (pas de fond d'écran, icônes très grosses). Ne sois donc pas étonné.
--- C'est pour ces différentes raisons que je t'invite à imprimer, noter, ou enregistrer dans un document texte les informations suivantes afin de ne pas être perdu.
---- ! Ne fais pas démarrer ton ordinateur en mode sans échec via MSConfig ! Pourquoi ? Certaines infections cassent les clefs du mode sans échec, ce qui ferait crasher ton ordinateur.
Il se trouve également. dans le dossier SDFix >Report.txt<
Note : Si SDFix ne se lance pas (ça arrive!)
* Démarrer->Exécuter
* Copie/colle ceci:
Citation :
%systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe* Clique sur ok, et valide.
* Redémarre et essaye de nouveau de lancer SDFix.
Aide : Comment faire démarrer son ordinateur en mode sans échec.
je tappotte peut-etre trop vite? Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumSecurity center alert virus RESOLU (merci FREDERIX)
- ForumSecurity center alert virus
- ForumVirus Windows Alert security
- ForumComment se debarrasser du virus windows security alert
- ForumVirus sécurity alert
- ForumWindows security alert virus
- ForumVirus alert sur ma barre de taches
- ForumProbleme Virus Alert + Menu Démarrer
- Forumprobleme virus alert! [résolu]
- Voir plus
